Security-and-Privacy-Accredited-Professional Practice Test Questions

104 Questions


Which three standard authentication protocols does Salesforce support to integrate external applications using APIs?


A. OpenID Connect


B. Single Sign On (SSO)


C. OMFA


D. Security Assertion Markup Language (SAML)


E. OAuth





A.   OpenID Connect

D.   Security Assertion Markup Language (SAML)

E.   OAuth

You need to limit when and where from users can access Salesforce- to help reduce the risks of unauthorized access. How should you go about this.


A. Restrict Access based on Login IP Addresses but login hairs can't be set up in conjunction with this feature


B. Use MFA to help ensure users are using a more secure login process


C. Restrict Access based on Login IP Addresses and use the Login Hours feature together


D. Do not allow users to access Salesforce from outside the office.





B.   Use MFA to help ensure users are using a more secure login process

MFA is enabled at which level for Marketing Cloud-Email Studio, Mobile Studio, and Journey Builder?


A. User level


B. Top-level account


C. Role level


D. Business unit level





B.   Top-level account

When is data from a newly connected tenant updated in the Security Center App?


A. Upon triggering the refresh


B. During the next daily update


C. Immediately


D. When the API is called





B.   During the next daily update

By which method can Data Classification fields such as Compliance Categorization and Data


A. Sensitivity Level be accessed?


B. Field History Archive


C. Bulk API


D. Custom Metadata Types


E. Apex





E.   Apex

Which of the following is a blocker to rolling out MFA?


A. Licensing for Transaction Security Policies


B. Users refusing to install applications on their personal phones


C. Shared accounts or credentials


D. Licensing for Login Flows





C.   Shared accounts or credentials

The Admin wants to make Salesforce applications more secure. Which set of security settings should be enabled to achieve this?


A. Enable ClickJack protection, Lightning Lockdown, Enable User Certificates


B. Enable ClickJack protection, Health Check, Enable User Certificates


C. Enable Click Jack protection, Require HTTPS, Enable Cross-Site Scripting (XSS) Protection


D. Run Health Check, Require HTTPS, Salesforce Shield





C.   Enable Click Jack protection, Require HTTPS, Enable Cross-Site Scripting (XSS) Protection

Where would the user go to connect a new tenant to the Security Center app?


A. Setup/Manage Tenants


B. Setup/Security Center


C. Manage Security Tab


D. Connected Tenants Tab





D.   Connected Tenants Tab

Which three objects is monitored by the Consent Event Stream (CES)?


A. Lead


B. Authorization Form Consent


C. Case


D. Contact


E. Opportunity





A.   Lead

B.   Authorization Form Consent

D.   Contact

Which three MFA verification methods are supported by MuleSoft Anypoint Platform?


A. SMS text messages


B. Encryption Algorithm


C. Built-in Authenticators


D. Security Keys


E. Salesforce Authenticator





C.   Built-in Authenticators

D.   Security Keys

E.   Salesforce Authenticator

How often are Security Center metrics updated?


A. Daily


B. Weekly


C. Hourly


D. Every 30 days





A.   Daily

User in one of the monitored orgs has been granted the 'Modify All Data' permission.
Where can the consultant see how the permission was granted?


A. View the Configuration Metrics detail page.


B. View the detail page of the 'View All Data' metric, and check the Context column on the change for the user.


C. See the Permissions dashboard.


D. View the detail page of the 'Modify All Data' metric, and check the Context column on the change for the user.





D.   View the detail page of the 'Modify All Data' metric, and check the Context column on the change for the user.


Page 2 out of 9 Pages
Previous