Free Salesforce Plat-Arch-203 Exam Questions

Question 1

Universal containers (UC) uses a legacy Employee portal for their employees to collaborate and post theirideas. UC decides to use salesforce ideas for voting and better tracking purposes. To avoid provisioning userson Salesforce, UC decides to push ideas posted on the Employee portal to salesforce through API. UC decidesto use an API user using Oauth Username - password flow for the connection. How can the connection tosalesforce be restricted only to the employee portal server?

A : Add the Employee portals IP address to the Trusted IP range for the connected App

B : Use a digital certificate signed by the employee portal Server.

C : Add the employee portals IP address to the login IP range on the user profile.

D : Use a dedicated profile for the user the Employee portal uses.

Answer: A

Question 2

An identity architect is setting up an integration between Salesforce and a third-party system. The third-partysystem needs to authenticate to Salesforce and then make API calls against the REST API.One of the requirements is that the solution needs to ensure the third party service providers connected app inSalesforce mini need for end user interaction and maximizes security.Which OAuth flow should be used to fulfill the requirement?

A : JWT Bearer Flow

B : Web Server Flow

C : User Agent Flow

D : Username-Password Flow

Answer: A

Question 3

Northern Trail Outfitters want to allow its consumer to self-register on it business-to-consumer (B2C) portalthat is built on Experience Cloud. The identity architect has recommended to use Person Accounts.Which three steps need to be configured to enable self-registration using person accounts?Choose 3 answers

A : Enable access to person and business account record types under Public Access Settings.

B : Contact Salesforce Support to enable business accounts.

C : Under Login and Registration settings, ensure that the default account field is empty.

D : Contact Salesforce Support to enable person accounts.

E : Set organization-wide default sharing for Contact to Public Read Only.

Answer: A,C,D

Question 4

Universal Containers (UC) has an existing e-commerce platform and is implementing a new customer community. They do not want to force customers to register on both applications due to concern over the customers experience. It is expected that 25% of the e-commerce customers will utilize the customer community . The e-commerce platform is capable of generating SAML responses and has an existing REST-ful API capable of managing users. How should UC create the identities of its e-commerce users with the customer community?

A : Use SAML JIT in the Customer Community to create users when a user tries to login to the community from the e-commerce site.

B : Use the e-commerce REST API to create users when a user self-register on the customer community and use SAML to allow SSO.

C : Use a nightly batch ETL job to sync users between the Customer Community and the e-commerce platform and use SAML to allow SSO.

D : Use the standard Salesforce API to create users in the Community When a User is Created in the e-Commerce platform and use SAML to allow SSO.

Answer: A

Question 5

A large consumer company is planning to create a community and will requ.re login through the customerssocial identity. The following requirements must be met:1. The customer should be able to login with any of their social identities, however salesforce should onlyhave one user per customer.2. Once the customer has been identified with a social identity, they should not be required to authonzeSalesforce.3. The customers personal details from the social sign on need to be captured when the customer logs intoSalesforce using their social Identity.3. If the customer modifies their personal details in the social site, the changes should be updated in Salesforce.Which two options allow the Identity Architect to fulfill the requirements?Choose 2 answers

A : Use Login Flows to call an authentication registration handler to provision the user before logging theuser into the community.

B : Use authentication providers for social sign-on and use the custom registration handler to insert orupdate personal details.

C : Redirect the user to a custom page that allows the user to select an existing social identity for login

D : Use the custom registration handler to link social identities to Salesforce identities.

Answer: B,D