Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Salesforce Exam Identity and Access Management Architect Topic 1 Question 47 Discussion

Actual exam question for Salesforce's Identity and Access Management Architect exam
Question #: 47
Topic #: 1
[All Identity and Access Management Architect Questions]

An identity architect's client has a homegrown identity provider (IdP). Salesforce is used as the service provider (SP). The head of IT is worried that during a SP initiated single sign-on (SSO), the Security Assertion Markup Language (SAML) request content will be altered.

What should the identity architect recommend to make sure that there is additional trust between the SP and the IdP?

Show Suggested Answer Hide Answer
Suggested Answer: D

Contribute your Thoughts:

Colton
2 months ago
Seriously, Julianna? You crack me up. But he's got a point - a self-signed certificate is not the way to go for this kind of setup.
upvoted 0 times
Janessa
1 months ago
D) Encrypt the SAML Request using certification authority (CA) signed certificate and decrypt on IdP.
upvoted 0 times
...
Jesusa
1 months ago
C) Ensure that the Issuer and Assertion Consumer service (ACS) URL is property configured between SP and IDP.
upvoted 0 times
...
Ailene
2 months ago
A) Ensure that there is an HTTPS connection between IDP and SP.
upvoted 0 times
...
...
Julianna
2 months ago
Haha, did someone say 'self-signed certificate'? That's like putting a 'kick me' sign on your back!
upvoted 0 times
Nikita
1 months ago
User 4: D) Encrypt the SAML Request using certification authority (CA) signed certificate and decrypt on IdP.
upvoted 0 times
...
Phillip
1 months ago
C) Ensure that the Issuer and Assertion Consumer service (ACS) URL is property configured between SP and IDP.
upvoted 0 times
...
Arthur
1 months ago
B) Ensure that on the SSO settings page, the 'Request Signing Certificate' field has a self-signed certificate.
upvoted 0 times
...
Latrice
2 months ago
A) Ensure that there is an HTTPS connection between IDP and SP.
upvoted 0 times
...
...
Chauncey
2 months ago
I have to disagree with Maybelle. Encrypting the SAML request is the best way to prevent any tampering. It's the most secure option here.
upvoted 0 times
Tamera
2 months ago
User C
upvoted 0 times
...
Rolande
2 months ago
User B
upvoted 0 times
...
Rozella
2 months ago
User A
upvoted 0 times
...
...
Maybelle
3 months ago
Hmm, I'm not sure about that. Isn't option C the more straightforward solution? Configuring the Issuer and ACS URL properly should also provide a good level of trust.
upvoted 0 times
...
Adolph
3 months ago
I believe option D is also important for ensuring the integrity of the SAML request.
upvoted 0 times
...
Reid
3 months ago
I agree with Eleonore, HTTPS connection is crucial for security.
upvoted 0 times
...
Ria
3 months ago
Option D is the way to go! Encrypting the SAML request using a CA-signed certificate is the only way to ensure the content isn't tampered with.
upvoted 0 times
Celeste
2 months ago
Olene: Absolutely, using a CA-signed certificate adds an extra layer of protection.
upvoted 0 times
...
Tammy
2 months ago
It's important to make sure the content remains secure during the SSO process.
upvoted 0 times
...
Olene
2 months ago
I agree, encrypting the SAML request is crucial for security.
upvoted 0 times
...
Tambra
2 months ago
Option D is definitely the best choice.
upvoted 0 times
...
Gail
3 months ago
I agree, encrypting the SAML request is crucial for security.
upvoted 0 times
...
Vivienne
3 months ago
Option D is definitely the best choice.
upvoted 0 times
...
...
Eleonore
3 months ago
I think option A is the best choice.
upvoted 0 times
...

Save Cancel