[2024年05月19日] あなたを合格させるIdentity-and-Access-Management-Architect無料最新問題集でSalesforce練習テスト
無料でゲット!高評価Salesforce Identity-and-Access-Management-Architect試験問題集を今すぐダウンロード!
Salesforce Identity-and-Access-Management-Architect Examは、Salesforceエコシステム内のアイデンティティとアクセス管理の分野における専門知識を証明したい個人向けの認定テストです。この認定は、Salesforceプラットフォームを使用してアイデンティティとアクセス管理ソリューションを設計、実装、管理した経験のあるプロフェッショナルを対象としています。
Salesforce Identity-and-Access-Management-Architect試験は、Salesforceプラットフォーム上でIAMに特化したITプロフェッショナルにとって貴重な資格です。この認定は、安全で拡張性のあるIAMソリューションを設計、実装、管理するための知識と専門知識を認めたものです。IAM分野においてキャリアを向上させたいITアーキテクト、管理者、またはコンサルタントであれば、この認定は検討に値するでしょう。
この認定を取得するには、候補者は、アイデンティティアーキテクチャの設計、アクセス管理、データセキュリティ、ガバナンスなど、さまざまな分野で知識とスキルを実証する必要があります。また、成功した候補者は、SSO、OAuth、ID ConnectなどのSalesforceのIDおよびアクセス管理(IAM)ソリューションの経験もあります。
質問 # 119
A web service is developed that allows secure access to customer order status on the Salesforce Platform, The service connects to Salesforce through a connected app with the web server flow. The following are the required actions for the authorization flow:
1. User Authenticates and Authorizes Access
2. Request an Access Token
3. Salesforce Grants an Access Token
4. Request an Authorization Code
5. Salesforce Grants Authorization Code
What is the correct sequence for the authorization flow?
- A. 4, 1, 5, 2, 3
- B. 1, 4, 5, 2, 3
- C. 2, 1, 3, 4, 5
- D. 4,5,2, 3, 1
正解:D
質問 # 120 
A pharmaceutical company has an on-premise application (see illustration) that it wants to integrate with Salesforce.
The IT director wants to ensure that requests must include a certificate with a trusted certificate chain to access the company's on-premise application endpoint.
What should an Identity architect do to meet this requirement?
- A. Generate a certificate authority-signed certificate in Salesforce and uploading it to the on-premise application Truststore.
- B. Use open SSL to generate a Self-signed Certificate and upload it to the on-premise app.
- C. Upload a third-party certificate from Salesforce into the on-premise server.
- D. Configure the company firewall to allow traffic from Salesforce IP ranges.
正解:D
質問 # 121
Universal Containers (UC) has five Salesforce orgs (UC1, UC2, UC3, UC4, UC5). of Every user that is in UC2, UC3, UC4, and UC5 is also in UC1, however not all users 65* have access to every org. Universal Containers would like to simplify the authentication process such that all Salesforce users need to remember one set of credentials. UC would like to achieve this with the least impact to cost and maintenance. What approach should an Architect recommend to UC?
- A. Configure UC1 as the Identity Provider to the other four Salesforce orgs and set up JIT user provisioning on all other orgs.
- B. Purchase a third-party Identity Provider for all five Salesforce orgs to use and set up JIT user provisioning on all other orgs.
- C. Configure UC1 as the Identity Provider to the other four Salesforce orgs, but don't set up JIT user provisioning for other orgs.
- D. Purchase a third-party Identity Provider for all five Salesforce orgs to use, but don't set up JIT user provisioning for other orgs.
正解:A
解説:
Explanation
The best approach to simplify the authentication process and reduce cost and maintenance is to configure UC1 as the Identity Provider to the other four Salesforce orgs and set up JIT user provisioning on all other orgs. This way, users can log in to any of the five orgs using their UC1 credentials, and their user accounts will be automatically created or updated in the other orgs based on the information from UC11. This eliminates the need to purchase a third-party Identity Provider or manually provision users in advance. The other options are not optimal for this requirement because:
Purchasing a third-party Identity Provider for all five Salesforce orgs would incur additional cost and maintenance, and would not leverage the existing user base in UC1.
Not setting up JIT user provisioning for other orgs would require manually creating or updating user accounts in each org, which would be time-consuming and error-prone. References: Salesforce as an Identity Provider, Identity Providers and Service Providers, Just-in-Time Provisioning for SAML
質問 # 122
Universal containers (UC) has implemented SAML SSO to enable seamless access across multiple applications. UC has regional salesforce orgs and wants it's users to be able to access them from their main Salesforce org seamless. Which action should an architect recommend?
- A. Configure the main Salesforce org as a service provider.
- B. Configure the regional salesforce orgs as Identity Providers.
- C. Configure the main salesforce org as an Authentication provider.
- D. Configure the main salesforce org as the Identity provider.
正解:D
質問 # 123
What are three capabilities of Delegated Authentication? Choose 3 answers
- A. It can connect to SOAP services.
- B. It can be assigned by Permission Sets.
- C. It can connect to REST services.
- D. It can be assigned by Profiles.
- E. It can be assigned by Custom Permissions.
正解:A、B、C
質問 # 124
Northern Trail Outfitters manages application functional permissions centrally as Active Directory groups.
The CRM_Superllser and CRM_Reportmg_SuperUser groups should respectively give the user the SuperUser and Reportmg_SuperUser permission set in Salesforce. Salesforce is the service provider to a Security Assertion Markup Language (SAML) identity provider.
Mow should an identity architect ensure the Active Directory groups are reflected correctly when a user accesses Salesforce?
- A. Use a login flow to query standard SAML attributes and set permission sets.
- B. Use a login flow to query custom SAML attributes and set permission sets.
- C. Use the Apex Just-in-Time handler to query standard SAML attributes and set permission sets.
- D. Use the Apex Just-in-Time handler to query custom SAML attributes and set permission sets.
正解:D
質問 # 125
Universal Containers (UC) has an existing Salesforce org configured for SP-Initiated SAML SSO with their Idp. A second Salesforce org is being introduced into the environment and the IT team would like to ensure they can use the same Idp for new org. What action should the IT team take while implementing the second org?
- A. Use the same SAML Identity location as the first org.
- B. Use a different Entity ID than the first org.
- C. Use the same request bindings as the first org.
- D. Use the Salesforce Username as the SAML Identity Type.
正解:B
質問 # 126
Northern Trail Outfitters (NTO) uses Salesforce Experience Cloud sites (previously known as Customer Community) to provide a digital portal where customers can login using their Google account.
NTO would like to automatically create a case record for first time users logging into Salesforce Experience Cloud.
What should an Identity architect do to fulfill the requirement?
- A. Create an authentication provider for Social Login using Google and leverage standard registration handler.
- B. Configure an authentication provider for Social Login using Google and a custom registration handler.
- C. Implement a Just-in-Time handler class that has logic to create cases upon first login.
- D. Implement a login flow with a record create component for Case.
正解:D
解説:
Explanation
To automatically create a case record for first time users logging into Salesforce Experience Cloud using their Google account, the identity architect should implement a login flow with a record create component for Case.
A login flow is a custom post-authentication process that can be used to add additional screens or logic after a user logs in to Salesforce. A record create component is a type of flow element that can be used to create a new record in Salesforce. By implementing a login flow with a record create component for Case, the identity architect can check if the user is logging in for the first time using their Google account and create a case record accordingly. References: Login Flows, Record Create Element
質問 # 127
Universal Containers (UC) has a classified information system that its call center team uses only when they are working on a case with a record type "Classified". They are only allowed to access the system when they own an open "Classified" case, and their access to the system is removed at all other times. They would like to implement SAML SSO eith Salesforce as the Idp, and automatically allow or deny the staff's access to the classified information system based on whether they currently own an open "Classified" case record when they try to access the system using SSO. What is the recommended solution for automatically allowing or denying the access to the classified information system based on the open "classified" case record criteria?
- A. Use Salesforce reports to identify users that currently owns open "Classified" cases and should be granted access to the Classified information system.
- B. Use Apex trigger on case to dynamically assign permission Sets that Grant access when an user is assigned with an open "Classified" case, and remove it when the case is closed.
- C. Use a Common Connected App Handler using Apex to dynamically allow access to the system based on whether the staff owns any open "Classified" Cases.
- D. Use Custom SAML JIT Provisioning to dynamically query the user's open "Classified" cases when attempting to access the classified information system.
正解:C
質問 # 128
Universal Containers (UC) rolling out a new Customer Identity and Access Management Solution will be built on top of their existing Salesforce instance.
Several service providers have been setup and integrated with Salesforce using OpenlD Connect to allow for a seamless single sign-on experience. UC has a requirement to limit user access to only a subset of service providers per customer type.
Which two steps should be done on the platform to satisfy the requirement?
Choose 2 answers
- A. Assign the connected app to the customer community, and enable the users profile in the Community settings.
- B. Manage which connected apps a user has access to by assigning authentication providers to the user's profile.
- C. Use Profiles and Permission Sets to assign user access to Admin Pre-Approved Connected Apps.
- D. Set each of the Connected App access settings to Admin Pre-Approved.
正解:C、D
解説:
Explanation
To limit user access to only a subset of service providers per customer type, the identity architect should use Profiles and Permission Sets to assign user access to Admin Pre-Approved Connected Apps. Connected apps are frameworks that enable external applications to integrate with Salesforce using APIs and standard protocols, such as OpenID Connect. By setting each of the Connected App access settings to Admin Pre-Approved, the identity architect can control which users can access which connected apps by assigning profiles or permission sets to the connected apps. The other options are not relevant for this scenario.
References: Connected Apps, Manage Connected Apps
質問 # 129
Universal Containers (UC) wants to build a few applications that leverage the Salesforce REST API. UC has asked its Architect to describe how the API calls will be authenticated to a specific user. Which two mechanisms can the Architect provide? Choose 2 Answers
- A. Refresh Token
- B. Session ID
- C. Authentication Token
- D. Access Token
正解:A、D
解説:
Explanation
These are the mechanisms that the Salesforce REST API uses for authentication. According to the Salesforce documentation1, the REST API requires an access token obtained by authentication. The access token is a session credential that represents the authorization of a specific application to access specific parts of a user's data2. The access token is valid for a limited time and can be refreshed using a refresh token. A refresh token is a credential that represents the authorization of an application to refresh an expired access token2.
Option A is incorrect because an authentication token is not used by the Salesforce REST API. An authentication token is an email security feature that appends a unique string of characters to your password when you log in from an unrecognized device or IP address3. Option B is incorrect because a session ID is not used by the Salesforce REST API. A session ID is a unique identifier for a user's session that can be used for SOAP API calls4.
References: 1: Step Two: Set Up Authentication | REST API Developer Guide | Salesforce Developers 2: Use Salesforce REST APIs with Heroku - Trailhead 3: Authentication Token - Salesforce 4: Session ID - Salesforce
質問 # 130
An Identity architect works for a multinational, multi-brand organization. As they work with the organization to understand their Customer Identity and Access Management requirements, the identity architect learns that the brand experience is different for each of the customer's sub-brands and each of these branded experiences must be carried through the login experience depending on which sub-brand the user is logging into.
Which solution should the architect recommend to support scalability and reduce maintenance costs, if the organization has more than 150 sub-brands?
- A. Create a community subdomain for each sub-brand and customize the look and feel of the Login page for each community subdomain to match the brand.
- B. Use Audiences to customize the login experience for each sub-brand and pass an audience ID to the community during the OAuth and Security Assertion Markup Language (SAML) flows.
- C. Create a separate Salesforce org for each sub-brand so that each sub-brand has complete control over the user experience.
- D. Assign each sub-brand a unique Experience ID and use the Experience ID to dynamically brand the login experience.
正解:D
解説:
Explanation
To support scalability and reduce maintenance costs for a multinational, multi-brand organization, the architect should recommend assigning each sub-brand a unique Experience ID and using the Experience ID to dynamically brand the login experience. Experience ID is a parameter that can be used to identify different brands or experiences within a single Experience Cloud site (formerly known as Community). Dynamic branding is a feature that allows Experience Cloud sites to display different branding elements, such as logos, colors, or images, based on the Experience ID or other criteria. This solution can provide a consistent and personalized brand experience for each sub-brand without creating multiple subdomains or orgs. References:
Experience ID, Dynamic Branding for Experience Cloud Sites
質問 # 131
Under which scenario Web Server flow will be used?
- A. Used for verifying Access protected resources.
- B. Used for mobile applications and testing legacy Integrations.
- C. Used for web applications when server-side code needs to interact with APIS.
- D. Used for server-side components when page needs to be rendered.
正解:C
解説:
Explanation
The web server flow is used for web applications when server-side code needs to interact with APIs. This flow implements the OAuth 2.0 authorization code grant type, which allows the web app to obtain an access token and a refresh token from Salesforce after the user grants permission1. The web app can then use the access token to call the Salesforce APIs and use the refresh token to obtain a new access token when the previous one expires2. The other options are not valid scenarios for using the web server flow. The web server flow is not used for server-side components when page needs to be rendered, as this does not involve API calls. The web server flow is not used for mobile applications and testing legacy integrations, as these scenarios are better suited for other OAuth flows, such as the user-agent flow or the password flow3. The web server flow is not used for verifying access protected resources, as this is a general purpose of OAuth, not a specific scenario for the web server flow. References: OAuth 2.0 Web Server Flow for Web App Integration, Mastering Salesforce Canvas Apps, OAuth Authorization Flows
質問 # 132
How should an identity architect automate provisioning and deprovisioning of users into Salesforce from an external system?
- A. Run registration handler on incoming OAuth responses.
- B. Call SOAP API upsertQ on user object.
- C. Call OpenID Connect (OIDC)-userinfo endpoint with a valid access token.
- D. Use Security Assertion Markup Language Just-in-Time (SAML JIT) on incoming SAML assertions.
正解:A
解説:
Explanation
To automate provisioning and deprovisioning of users into Salesforce from an external system, the identity architect should run a registration handler on incoming OAuth responses. A registration handler is a class that implements the Auth.RegistrationHandler interface and defines how to create or update users in Salesforce based on the information from an external identity provider. OAuth is a protocol that allows users to authorize an external application to access Salesforce resources on their behalf. By running a registration handler on incoming OAuth responses, the identity architect can automate user provisioning and deprovisioning based on the OAuth attributes. References: Registration Handler, Authorize Apps with OAuth
質問 # 133
Universal Containers (UC) employees have Salesforce access from restricted IP ranges only, to protect against unauthorized access. UC wants to roll out the Salesforce1 mobile app and make it accessible from any location. Which two options should an Architect recommend? Choose 2 answers
- A. Use Login Flow to bypass IP range restriction for the mobile app.
- B. Remove existing restrictions on IP ranges for all types of user access.
- C. Relax the IP restrictions in the Connect App settings for the Salesforce1 mobile app.
- D. Relax the IP restriction with a second factor in the Connect App settings for Salesforce1 mobile app.
正解:C、D
解説:
Explanation
The two options that an architect should recommend for UC to roll out the Salesforce1 mobile app and make it accessible from any location are:
Relax the IP restriction with a second factor in the Connected App settings for Salesforce1 mobile app.
This option allows UC to enable two-factor authentication (2FA) for the Salesforce1 mobile app, which requires users to verify their identity with a second factor, such as a verification code or a mobile app, after entering their username and password. By enabling 2FA in the Connected App settings, UC can relax the IP restriction for the Salesforce1 mobile app, as users can access it from any location as long as they provide the second factor.
Relax the IP restrictions in the Connected App settings for the Salesforce1 mobile app. This option allows UC to disable or modify the IP restriction for the Salesforce1 mobile app in the Connected App settings, which control how users can access a connected app, such as Salesforce1. By relaxing the IP restrictions, UC can allow users to access the Salesforce1 mobile app from any location without requiring 2FA.
The other options are not recommended for this scenario. Removing existing restrictions on IP ranges for all types of user access would compromise security and compliance, as it would expose Salesforce to unauthorized access from any location. Using Login Flow to bypass IP range restriction for the mobile app would require custom code and logic, which could introduce complexity and errors. References: [Connected Apps], [Two-Factor Authentication], [Require a Second Factor of Authentication for Connected Apps], [IP Restrictions for Connected Apps], [Login Flows]
質問 # 134
A company's external application is protected by Salesforce through OAuth. The identity architect for the project needs to limit the level of access to the data of the protected resource in a flexible way.
What should be done to improve security?
- A. Define a permission set that grants access to the app and assign to authorized users.
- B. Select "Admin approved users are pre-authonzed" and assign specific profiles.
- C. Leverage external objects and data classification policies.
- D. Create custom scopes and assign to the connected app.
正解:D
質問 # 135
Universal Containers (UC) employees have Salesforce access from restricted IP ranges only, to protect against unauthorised access. UC wants to roll out the Salesforce1 mobile app and make it accessible from any location. Which two options should an Architect recommend? Choose 2 answers
- A. Use Login Flow to bypass IP range restriction for the mobile app.
- B. Remove existing restrictions on IP ranges for all types of user access.
- C. Relax the IP restrictions in the Connect App settings for the Salesforce1 mobile app.
- D. Relax the IP restriction with a second factor in the Connect App settings for Salesforce1 mobile app.
正解:C、D
質問 # 136
Northern Trail Outfitters (NTO) has an existing custom business-to-consumer (B2C) website that does NOT support single sign-on standards, such as Security Assertion Markup Language (SAMi) or OAuth. NTO wants to use Salesforce Identity to register and authenticate new customers on the website.
Which two Salesforce features should an identity architect use in order to provide username/password authentication for the website?
Choose 2 answers
- A. Delegated Authentication
- B. Embedded Login
- C. Connected Apps
- D. Identity Connect
正解:A、B
解説:
Explanation
To register and authenticate new customers on the website using Salesforce Identity, the identity architect should use Delegated Authentication and Embedded Login. Delegated Authentication is a feature that allows Salesforce to delegate the authentication process to an external service, such as a custom website, instead of validating the username and password internally. Embedded Login is a feature that allows Salesforce to embed a login widget into any web page, such as a custom website, to enable users to log in with their Salesforce credentials. The other options are not relevant for this scenario. References: Delegated Authentication, Embedded Login
質問 # 137
Universal Containers (UC) has implemented SAML-based Single Sign-On to provide seamless access to its Salesforce Orgs, financial system, and CPQ system. Below is the SSO implementation landscape.
What role combination is represented by the systems in this scenario''
- A. Salesforce Org1 and PingFederate are acting as Identity Providers.
- B. Salesforce Org1 and Salesforce Org2 are the only Service Providers.
- C. Salesforce Org1 and Salesforce Org2 are acting as Identity Providers.
- D. Financial System and CPQ System are the only Service Providers.
正解:B
解説:
Explanation
In a SAML-based SSO scenario, the identity provider (IdP) is the system that performs authentication and passes the user's identity and authorization level to the service provider (SP), which trusts the IdP and authorizes the user to access the requested resource1. In this case, PingFederate is the IdP that authenticates users for UC and sends SAML assertions to the SPs. The SPs are the systems that rely on PingFederate for authentication and provide access to their services based on the SAML assertions. The SPs in this scenario are Salesforce Org1, Salesforce Org2, Financial System, and CPQ System2. Therefore, the correct answer is B.
References:
SAML web-based authentication guide
SAML-based single sign-on: Configuration and Limitations
質問 # 138
Containers (UC) uses an internal system for recruiting and would like to have the candidates' info available in the Salesforce automatically when they are selected. UC decides to use OAuth to connect to Salesforce from the recruiting system and would like to do the authentication using digital certificates. Which two OAuth flows should be considered to meet the requirement? Choose 2 answers
- A. Refresh Token flow
- B. JWT Bearer Token flow
- C. SAML Bearer Assertion flow
- D. Web Service flow
正解:B、C
解説:
Explanation
JWT Bearer Token flow and SAML Bearer Assertion flow are two OAuth flows that can be used to authenticate to Salesforce using digital certificates. JWT Bearer Token flow allows a connected app to request an access token from Salesforce by using a JSON Web Token (JWT) that is signed with a digital certificate.
SAML Bearer Assertion flow allows a connected app to request an access token from Salesforce by using a SAML assertion that is signed with a digital certificate. These two flows can meet the requirement of UC to use OAuth and digital certificates to connect to Salesforce from the recruiting system.
質問 # 139 
An organization has a central cloud-based Identity and Access Management (IAM) Service for authentication and user management, which must be utilized by all applications as follows:
1 - Change of a user status in the central IAM Service triggers provisioning or deprovisioining in the integrated cloud applications.
2 - Security Assertion Markup Language single sign-on (SSO) is used to facilitate access for users authenticated at identity provider (Central IAM Service).
Which approach should an IAM architect implement on Salesforce Sales Cloud to meet the requirements?
- A. A Configure Salesforce as a SAML Service Provider, and enable SCIM (System for Cross-Domain Identity Management) for provisioning and deprovisioning of users.
- B. Configure central IAM Service as an authentication provider and extend registration handler to manage provisioning and deprovisioning of users.
- C. Deploy Identity Connect component and set up automated provisioning and deprovisioning of users, as well as SAML-based SSO.
- D. Configure Salesforce as a SAML service provider, and enable Just-in Time (JIT) provisioning and deprovisioning of users.
正解:A
質問 # 140
Northern Trail Outfitters (NTO) has an off-boarding process where a terminated employee is first disabled in the Lightweight Directory Act Protocol (LDAP) directory, then requests are sent to the various application support teams to finish user deactivations. A terminated employee recently was able to login to NTO's Salesforce instance 24 hours after termination, even though the user was disabled in the corporate LDAP directory.
What should an identity architect recommend to prevent this from happening in the future?
- A. use a login flow to make a callout to the LDAP directory before authenticating the user to Salesforce.
- B. Setup an identity provider (IdP) to authenticate users using LDAP, set up single sign-on to Salesforce and disable Login Form authentication.
- C. Configure an authentication provider to delegate authentication to the LDAP directory.
- D. Create a Just-in-Time provisioning registration handler to ensure users are deactivated in Salesforce as they are disabled in LDAP.
正解:C
解説:
Explanation
Login History allows administrators to view the login attempts of all users in the org, including the status, source IP, login type, and application. This can help identify and troubleshoot any login errors or issues.
References: Login History
質問 # 141
Universal Containers (UC) has implemented SAML-based SSO solution for use with their multi-org Salesforce implementation, utilizing one of the the orgs as the Identity Provider. One user is reporting that they can log in to the Identity Provider org but get a generic SAML error message when accessing the other orgs. Which two considerations should the architect review to troubleshoot the issue? Choose 2 answers
- A. The Federation ID must be populated on the user record.
- B. The Federation ID must be a valid Salesforce Username
- C. The Federation ID must is case sensitive
- D. The Federation ID must be in the form of an email address.
正解:A、C
質問 # 142
Universal containers (UC) wants to integrate a Web application with salesforce. The UC team has implemented the Oauth web-server Authentication flow for authentication process. Which two considerations should an architect point out to UC? Choose 2 answers
- A. The flow will not provide an Oauth refresh token back to the server.
- B. The flow involves passing the user credentials back and forth.
- C. The web server must be able to protect consumer privacy
- D. The web application should be hosted on a secure server.
正解:C、D
解説:
Explanation
The web application should be hosted on a secure server and the web server must be able to protect consumer privacy are two considerations that an architect should point out to UC. To integrate an external web app with the Salesforce API, UC can use the OAuth 2.0 web server flow, which implements the OAuth 2.0 authorization code grant type4. With this flow, the server hosting the web app must be able to protect the connected app's identity, defined by the client ID and client secret4. The web application should be hosted on a secure server to ensure that the communication between the web app and Salesforce is encrypted and protected from unauthorized access or tampering6. The web server must be able to protect consumer privacy to comply with data protection laws and regulations, such as GDPR or CCPA . The web server should implement best practices for storing and handling user data, such as encryption, hashing, salting, and anonymization. The flow involves passing the user credentials back and forth is not a correct consideration, as the web server flow does not require the user credentials to be passed between the web app and Salesforce. Instead, it uses an authorization code that is exchanged for an access token and a refresh token4. The flow will not provide an OAuth refresh token back to the server is also not a correct consideration, as the web server flow does provide a refresh token that can be used to obtain new access tokens without user interaction4. References: OAuth 2.0 Web Server Flow for Web App Integration, Secure Your Web Application, [General Data Protection Regulation (GDPR)], [California Consumer Privacy Act (CCPA)],
[Data Protection Best Practices]
質問 # 143
Universal Containers (UC) is using its production org as the identity provider for a new Experience Cloud site and the identity architect is deciding which login experience to use for the site.
Which two page types are valid login page types for the site?
Choose 2 answers
- A. Experience Builder Page
- B. Login Discovery Page
- C. lightning Experience Page
- D. Embedded Login Page
正解:B、D
解説:
Explanation
Login Discovery Page and Embedded Login Page are two valid login page types for Experience Cloud sites.
Login Discovery Page allows users to choose their preferred login method, such as username/password, SSO, or social sign-on. Embedded Login Page allows users to log in from any site page without being redirected to a separate login page. References: Login Discovery Page, Embedded Login
質問 # 144
......
一発合格の秘訣は無料でゲット!Identity-and-Access-Management-ArchitectCertified 試験エンジンPDF:https://jp.fast2test.com/Identity-and-Access-Management-Architect-premium-file.html
Identity-and-Access-Management-Architect試験問題集合格には最新なテスト問題集:https://drive.google.com/open?id=1sCbrVtz5WOVzXzp1o8fqrM9-ScO17ZPk