Salesforce Certified Identity and Access Management – Spring ’18 Release Exam

An administrator resets a user password in Salesforce.

Which attribute will be updated with the “True” value in the Identity URL or UserInfo endpoint?

A. email_verified
B. password_updated
C. password_reset
D. active


Universal Containers (UC) uses Salesforce for all of its internal users. Recently UC started getting a lot of complaints from users regarding locked user accounts due to users not being able to reset their passwords.

What is the recommended solution a Salesforce adminisrator can follow to solve this problem?

A. Implement a third-party Identity Provider to centralize user management and authentication policies.
B. Modify password policies and set Password Expires to “Never Expires” so that users can log in without any interruption.
C. Configure social media authentication provider to allow users to log in via their social media credentials.
D. Enable two-factor authentication using Lightning Login to allow users to log in without their passwords.


Universal Containers uses Customer Community for its customers and wants to make sure that there is an extra layer of security to avoid unauthorized access.

What is the recommended way of enabling two-factor authentication for external users?

A. Update external user profile to allow users to verify their identity and avoid unauthorized access.
B. Use an AppExchange application to implement two-factor authentication for external users.
C. Use dynamic login on the customer community to allow customers to verify their identity.
D. Use custom login flows to implement two-factor authentication for external users.


Universal Containers (UC) uses an external website to allow its customers to perform self-service functions. The website doesn’t support autentication through SAML or OpenID Connect. UC has decided to impement Salesforce and authenticate its users via Salesforce.

What is the recommended solution to allow users to authenticate via Salesforce on the external website?

A. Configure a connected app in Salesforce and use username-password flow to allow customer to authenticate on the website.
B. Configure Salesforce as a Service Provider, and implement custom federation services using existing Identity Store.
C. Configure Customer Community identity providers, and use Embedded Login to allow customers to authenticate on the website using configured identity providers.
D. Migrate the website to Customer Community to allow a seamless experience and set existing passwords as their customer community user passwords.



Universal Containers (UC) uses Customer Community to allow its customers to register and perform self-service functions. Due to the growth of the business and the customer base, UC wants to deliver a different experience to its customers based on runtime circumstances.

What is the secure and recommended way of enabling this?

A. Develop Lightning components to deliver different experience to customers using their information stored in Salesforce.
B. Use custom login flows to deliver different experiences by extracting the source from the URL where the customer is visiting from.
C. Use an AppExchange product to customize the Customer Community login experience and deliver a personalized experience to customers
D. Enable dynamic login experience by adding expid request parameter in the client configuraiton SSO initialization URL.



Leave a Reply

Your email address will not be published. Required fields are marked *