Salesforce prepway identity And Access Management Designer Identity-and-access-management-architect Release Date by Payton q49 vce pdf

Page: 15 / 17

Exam Name:	Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203)
Exam Code:	Identity-and-Access-Management-Architect Dumps
Vendor:	Salesforce	Certification:	Identity and Access Management Designer
Questions:	243 Q&A's	Shared By:	payton

Question 60

A security architect is rolling out a new multi-factor authentication (MFA) mandate, where all employees must go through a secure authentication process before accessing Salesforce. There are multiple Identity Providers (IdP) in place and the architect is considering how the "Authentication Method Reference" field (AMR) in the Login History can help.

Which two considerations should the architect keep in mind?

Choose 2 answers

Options:

AMR field shows the authentication methods used at IdP.

Both OIDC and Security Assertion Markup Language (SAML) are supported but AMR must be implemented at IdP.

High-assurance sessions must be configured under Session Security Level Policies.

Dependency on what is supported by OpenID Connect (OIDC) implementation at IdP.

Discussion

Question 61

The security team at Universal containers(UC) has identified exporting reports as a high-risk action and would like to require users to be logged into salesforce with their active directory (AD) credentialswhen doing so. For all other uses of Salesforce, Users should be allowed to use AD credentials or salesforce credentials. What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with salesforce credentials?

Options:

Use SAML Federated Authentication and Custom SAML jit provisioning to dynamically add or remove a permission set that grants the Export Reports permission.

Use SAML Federated Authentication, treat SAML sessions as high assurance, and raise the session level required for exporting reports.

Use SAML Federated Authentication and block access to reports when accesses through a standard assurance session.

Use SAML Federated Authentication with a login flow to dynamically add or remove a permission set that grants the export reports permission.

Discussion

Miriam

Highly recommended Dumps. 100% authentic and reliable. Passed my exam with wonderful score.

Milan Feb 5, 2026

I see. Thanks for the information. I'll definitely keep Cramkey in mind for my next exam.

Yusra

I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.

Alisha Feb 5, 2026

I recently used their dumps for the certification exam I took and I have to say, I was really impressed.

Ava-Rose

Yes! Cramkey Dumps are amazing I passed my exam…Same these questions were in exam asked.

Ismail Feb 16, 2026

Wow, that sounds really helpful. Thanks, I would definitely consider these dumps for my certification exam.

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun Feb 23, 2026

That sounds really useful. I'll definitely check it out.

Victoria

Hey, guess what? I passed the certification exam! I couldn't have done it without Cramkey Dumps.

Isabel Feb 20, 2026

Same here! I was so surprised when I saw that almost all the questions on the exam were exactly what I found in their study materials.

Question 62

Universal Containers (UC) uses Salesforce as a CRM and identity provider (IdP) for their Sales Team to seamlessly login to intemaJ portals. The IT team at UC is now evaluating Salesforce to act as an IdP for its remaining employees.

Which Salesforce license is required to fulfill this requirement?

Options:

External Identity

IdentityVerification

Identity Connect

Identity Only

Discussion

Question 63

Universal Container's (UC) is using Salesforce Experience Cloud site for its containerwholesale business. The identity architect wants to an authentication provider for the new site.

Which two options should be utilized in creating an authentication provider?

Choose 2 answers

Options:

A custom registration handier can be set.

A custom error URL can be set.

The default login user can be set.

The default authentication provider certificate can be set.