Page 1 of 172
The FRX-IC-CPE Certified Professional -
PingOne Advanced Identity Cloud exam Study
Guide Questions & Answers VERIFIED
SOLUTIONS LATEST UPDATE THIS YEAR
The FRX-IC-CPE Certified Professional - PingOne Advanced Identity Cloud exam validates your
ability to configure, administer, troubleshoot, and maintain PingOne Advanced Identity Cloud
(AIC) tenants . I've created an in-depth study guide with domain breakdowns and practice
questions to help you prepare.
Exam Overview
Here are the exam's key details:
Aspect Details
Certification Name Certified Professional - PingOne Advanced Identity Cloud (FRX-IC-CPE)
Product Heritage Formerly ForgeRock Identity Cloud; now PingOne AIC
Exam Format Multiple choice and scenario-based questions
Number of Questions 60 questions
Time Limit 90 minutes
Passing Score 65%
Credential Validity 2 years
Target Audience Administrators, Architects, and System Integrators
Key Exam Domains & Study Objectives
The exam covers several core competency areas, and to be well-prepared, you should focus on
the following key domains and objectives .
,Page 2 of 172
1. Introducing Advanced Identity Cloud & Tenant Architecture
• Primary Use Cases: The exam focuses on understanding how AIC is used for Single Sign-
On (SSO) for employees, B2C customer authentication, B2B partner access
management, and securing APIs .
• Tenant Management: This includes knowledge of tenant types (development, staging,
production), realm configuration, and the promotion of configurations between
environments .
• ESV (Environment Secrets and Variables): Understand how to manage configuration
differences between environments using ESVs .
2. Managing User Journeys (Most Heavily Weighted)
• Journey Building Blocks: A "Journey" is the core of AIC authentication. You need to
know the different nodes used in journeys, such as Collector Nodes, Decision
Nodes, Action Nodes, and Integration Nodes .
• Customizing Journeys: The exam tests your ability to modify default user journeys,
configure self-service features (like password reset), and set up social registration .
• Debugging Journeys: You will need to understand how to enable debug mode on a user
journey to troubleshoot issues .
3. Managing User Identities & Identity Management
• User Lifecycle: This includes managing user identities, performing bulk imports of users,
and using self-registration to add new users .
• Provisioning: You should know how to synchronize identities from external resources
using connectors like SCIM (for cloud apps) and LDAP (for on-prem directories) .
• Modeling Organization Structure: Understand how to create and manage an
organizational hierarchy to control access to applications .
4. Integrating Applications & APIs
• Application Types: The exam covers integrating SAML 2.0 and OAuth
2.0/OIDC applications .
• API Security: You will need to know how to secure API access, often using OAuth 2.0 .
• PingGateway: You need to know how PingGateway (formerly ForgeRock Identity
Gateway) can protect web applications when integrated with AIC .
5. Managing Federation
• Protocols: The exam tests your knowledge of SAML v2.0, OpenID Connect, and OAuth
2.0 .
,Page 3 of 172
• Third-Party Integration: Be prepared to explain how to integrate AIC with third-party
services using federation standards like SAML .
• Identity Bridging: Understand how PingFederate bridges different identity protocols for
interoperability .
6. Security, Identity Governance, & Compliance
• Multi-Factor Authentication (MFA): You should know how MFA adds a layer of security,
and the different factors used (biometrics, OTP, push notifications) .
• Zero Trust Security: Understand how AIC supports Zero Trust models by verifying every
access request .
• Identity Governance: This covers access reviews, certification campaigns, and
compliance reporting .
✅ Sample Practice Questions
• QUESTION 1: Which of the following is a primary use case for Advanced Identity Cloud
in an enterprise environment?
o A) Managing financial transactions
o B) Single Sign-On (SSO) for employees
o C) Developing mobile applications
o D) Data warehousing
o Correct Answer: B
, Page 4 of 172
o Rationale: Advanced Identity Cloud provides SSO capabilities, allowing employees
to access multiple applications with a single set of credentials, enhancing security
and user experience .
• QUESTION 2: How does Advanced Identity Cloud support B2C use cases?
o A) By managing internal employee access
o B) By providing customer authentication and self-service registration
o C) By handling server maintenance
o D) By storing financial data
o Correct Answer: B
o Rationale: In B2C scenarios, Advanced Identity Cloud enables businesses to
authenticate customers, offer self-service registration, and manage user profiles
securely .
The FRX-IC-CPE Certified Professional -
PingOne Advanced Identity Cloud exam Study
Guide Questions & Answers VERIFIED
SOLUTIONS LATEST UPDATE THIS YEAR
The FRX-IC-CPE Certified Professional - PingOne Advanced Identity Cloud exam validates your
ability to configure, administer, troubleshoot, and maintain PingOne Advanced Identity Cloud
(AIC) tenants . I've created an in-depth study guide with domain breakdowns and practice
questions to help you prepare.
Exam Overview
Here are the exam's key details:
Aspect Details
Certification Name Certified Professional - PingOne Advanced Identity Cloud (FRX-IC-CPE)
Product Heritage Formerly ForgeRock Identity Cloud; now PingOne AIC
Exam Format Multiple choice and scenario-based questions
Number of Questions 60 questions
Time Limit 90 minutes
Passing Score 65%
Credential Validity 2 years
Target Audience Administrators, Architects, and System Integrators
Key Exam Domains & Study Objectives
The exam covers several core competency areas, and to be well-prepared, you should focus on
the following key domains and objectives .
,Page 2 of 172
1. Introducing Advanced Identity Cloud & Tenant Architecture
• Primary Use Cases: The exam focuses on understanding how AIC is used for Single Sign-
On (SSO) for employees, B2C customer authentication, B2B partner access
management, and securing APIs .
• Tenant Management: This includes knowledge of tenant types (development, staging,
production), realm configuration, and the promotion of configurations between
environments .
• ESV (Environment Secrets and Variables): Understand how to manage configuration
differences between environments using ESVs .
2. Managing User Journeys (Most Heavily Weighted)
• Journey Building Blocks: A "Journey" is the core of AIC authentication. You need to
know the different nodes used in journeys, such as Collector Nodes, Decision
Nodes, Action Nodes, and Integration Nodes .
• Customizing Journeys: The exam tests your ability to modify default user journeys,
configure self-service features (like password reset), and set up social registration .
• Debugging Journeys: You will need to understand how to enable debug mode on a user
journey to troubleshoot issues .
3. Managing User Identities & Identity Management
• User Lifecycle: This includes managing user identities, performing bulk imports of users,
and using self-registration to add new users .
• Provisioning: You should know how to synchronize identities from external resources
using connectors like SCIM (for cloud apps) and LDAP (for on-prem directories) .
• Modeling Organization Structure: Understand how to create and manage an
organizational hierarchy to control access to applications .
4. Integrating Applications & APIs
• Application Types: The exam covers integrating SAML 2.0 and OAuth
2.0/OIDC applications .
• API Security: You will need to know how to secure API access, often using OAuth 2.0 .
• PingGateway: You need to know how PingGateway (formerly ForgeRock Identity
Gateway) can protect web applications when integrated with AIC .
5. Managing Federation
• Protocols: The exam tests your knowledge of SAML v2.0, OpenID Connect, and OAuth
2.0 .
,Page 3 of 172
• Third-Party Integration: Be prepared to explain how to integrate AIC with third-party
services using federation standards like SAML .
• Identity Bridging: Understand how PingFederate bridges different identity protocols for
interoperability .
6. Security, Identity Governance, & Compliance
• Multi-Factor Authentication (MFA): You should know how MFA adds a layer of security,
and the different factors used (biometrics, OTP, push notifications) .
• Zero Trust Security: Understand how AIC supports Zero Trust models by verifying every
access request .
• Identity Governance: This covers access reviews, certification campaigns, and
compliance reporting .
✅ Sample Practice Questions
• QUESTION 1: Which of the following is a primary use case for Advanced Identity Cloud
in an enterprise environment?
o A) Managing financial transactions
o B) Single Sign-On (SSO) for employees
o C) Developing mobile applications
o D) Data warehousing
o Correct Answer: B
, Page 4 of 172
o Rationale: Advanced Identity Cloud provides SSO capabilities, allowing employees
to access multiple applications with a single set of credentials, enhancing security
and user experience .
• QUESTION 2: How does Advanced Identity Cloud support B2C use cases?
o A) By managing internal employee access
o B) By providing customer authentication and self-service registration
o C) By handling server maintenance
o D) By storing financial data
o Correct Answer: B
o Rationale: In B2C scenarios, Advanced Identity Cloud enables businesses to
authenticate customers, offer self-service registration, and manage user profiles
securely .