New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Exam - Topic 1 Question 50 Discussion

Actual exam question for Salesforce's Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) exam
Question #: 50
Topic #: 1
[All Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Questions]

Northern Trail Outfitters (NTO) believes a specific user account may have been compromised. NTO inactivated the user account and needs U perform a forensic analysis and identify signals that could Indicate a breach has occurred.

What should NTO's first step be in gathering signals that could indicate account compromise?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Cherilyn at Sep 18, 2024, 05:02 PM

Limited Time Offer

25%

Off

Get Premium Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Derrick
3 months ago
Not sure if just looking at login history is enough...
upvoted 0 times
...
Marylou
3 months ago
The Identity Provider Event Log has all the juicy details.
upvoted 0 times
...
Doyle
3 months ago
Surprised they didn't mention checking the audit trail first!
upvoted 0 times
...
Lorenza
4 months ago
I think reviewing the user record is more important first.
upvoted 0 times
...
Karan
4 months ago
Definitely start with the login history! That's key.
upvoted 0 times
...
Barney
4 months ago
I lean towards downloading the Login History first. It might help identify any unusual login patterns that could indicate a breach.
upvoted 0 times
...
Serina
4 months ago
I practiced a similar question, and I feel like evaluating the Identity Provider Event Log could give more insights into the user's activities.
upvoted 0 times
...
Tashia
4 months ago
I'm not entirely sure, but I remember something about the Setup Audit Trail being important for tracking user activities. Maybe that’s a good option too?
upvoted 0 times
...
Filiberto
5 months ago
I think the first step should be to review the user record and check the login history. That seems like a logical starting point.
upvoted 0 times
...
Coletta
5 months ago
Hmm, I'm a little confused on this one. I'm not sure if I should go with option A, B, C, or D. Maybe I'll just start with option A and see what that reveals. Gotta start somewhere, right?
upvoted 0 times
...
Galen
5 months ago
Ah, this is a good one. I'd say the first step is to download the Login History and evaluate the details of the user's logins. That should give me a clear picture of any suspicious activity that might have occurred. Option D is the way to go here.
upvoted 0 times
...
Skye
5 months ago
Okay, let's see here. I'm a bit unsure about this one. Should I go with option A and review the user record and transaction history? Or is option C, the Identity Provider Event Log, the better choice? I'll need to think this through carefully.
upvoted 0 times
...
Kenneth
5 months ago
Hmm, this seems like a pretty straightforward forensic analysis question. I think I'll go with option B - downloading the Setup Audit Trail and reviewing the recent user activities. That should give me a good overview of what's been happening with that account.
upvoted 0 times
...
Renea
5 months ago
This seems like a straightforward question about choosing the most appropriate debt financing option for Company P. I'll need to carefully consider the company's situation and requirements.
upvoted 0 times
...
Van
1 year ago
I think downloading the Setup Audit Trail and reviewing all recent activities performed by the user could also provide valuable information.
upvoted 0 times
...
Janine
1 year ago
I agree with Raina. That would be the best first step to gather signals of account compromise.
upvoted 0 times
...
Raina
1 year ago
I think NTO should review the User record and evaluate the login and transaction history.
upvoted 0 times
...
Caren
1 year ago
You know, I've seen some pretty wild stuff in my day, but this is just getting ridiculous. Whoever compromised this account must have been feeling a little 'identity crisis'!
upvoted 0 times
...
Ezekiel
1 year ago
Option C looks promising. The Identity Provider Event Log could give us some juicy details on those shady activities.
upvoted 0 times
Cristy
1 year ago
C) Download the Identity Provider Event Log and evaluate the details of activities performed by the user.
upvoted 0 times
...
Mozell
1 year ago
B) Download the Setup Audit Trail and review all recent activities performed by the user.
upvoted 0 times
...
Justine
1 year ago
A) Review the User record and evaluate the login and transaction history.
upvoted 0 times
...
...
Tegan
1 year ago
I'd go with Option D. The login history is where the real clues are hiding, I bet.
upvoted 0 times
...
Olive
1 year ago
Option A seems like the obvious choice. I bet the login and transaction history will give us a good idea of what's been going on.
upvoted 0 times
Erinn
1 year ago
Let's go ahead and review the User record then.
upvoted 0 times
...
Wava
1 year ago
I agree, checking the login and transaction history will give us important information.
upvoted 0 times
...
Chery
1 year ago
Yeah, that sounds like a good first step to gather signals of account compromise.
upvoted 0 times
...
Gwen
1 year ago
I think we should review the User record and evaluate the login and transaction history.
upvoted 0 times
...
...

Save Cancel