Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Exam Identity and Access Management Architect Topic 5 Question 27 Discussion

Actual exam question for Salesforce's Identity and Access Management Architect exam
Question #: 27
Topic #: 5
[All Identity and Access Management Architect Questions]

The security team at Universal Containers (UC) has identified exporting reports as a high-risk action and would like to require users to be logged into Salesforce with their Active Directory (AD) credentials when doing so. For all other users of Salesforce, users should be allowed to use AD Credentials or Salesforce credentials. What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with Salesforce credentials?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Tyra at Oct 18, 2023, 11:42 PM

Limited Time Offer

25%

Off

Get Premium Identity and Access Management Architect Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Krissy
1 months ago
I'm feeling a bit report-ish about this question. Time to put on my thinking cap and make a choice that's not a total export-astrophe.
upvoted 0 times
Corinne
11 days ago
C) I think using SAML federated Authentication and treating SAML Sessions as High Assurance could be the way to go.
upvoted 0 times
...
Lemuel
16 days ago
B) That sounds like a good idea. Use SAML Federated Authentication and Custom SAML JIT Provisioning to dynamically add or remove a permission set.
upvoted 0 times
...
Coral
26 days ago
A) Use SAML Federated Authentication and block access to reports when accessed through a Standard Assurance session.
upvoted 0 times
...
...
Marge
1 months ago
Hmm, exporting reports, huh? Sounds like someone's trying to sneak a peek at the secret recipe for Salesforce's world-famous unicorn frappuccinos.
upvoted 0 times
...
Cherrie
1 months ago
Ah, the age-old battle of security vs. convenience. Option A sounds like the classic 'block everything' approach. I'll pass on that one.
upvoted 0 times
Chandra
7 days ago
User 4: True, that could provide an extra layer of security without completely blocking access.
upvoted 0 times
...
Olive
16 days ago
User 3: Option C could also work by raising the session level required for exporting reports.
upvoted 0 times
...
Kerrie
22 days ago
User 2: I agree, it allows for flexibility while still maintaining control over report exports.
upvoted 0 times
...
Ming
27 days ago
User 1: Option B sounds like a good compromise between security and convenience.
upvoted 0 times
...
...
Annita
2 months ago
Option B looks good, but I'm not sure about the dynamic provisioning aspect. Seems like it could get messy if not implemented properly.
upvoted 0 times
Audry
1 months ago
Hoa: Agreed, let's go with Option D for a simpler solution.
upvoted 0 times
...
Glenn
1 months ago
User 3: That could be a more straightforward approach to manage permissions for exporting reports.
upvoted 0 times
...
Hoa
1 months ago
User 2: Maybe we should consider Option D with the Login Flow instead.
upvoted 0 times
...
Alline
2 months ago
User 1: Option B does sound a bit complex with the dynamic provisioning.
upvoted 0 times
...
...
Pamella
2 months ago
I'm leaning towards option D. Using a login flow to manage the permission set seems more flexible than the other options.
upvoted 0 times
...
Anjelica
2 months ago
Option C seems like the way to go. Treating SAML sessions as high assurance and raising the session level for exporting reports is a neat way to control access without disrupting normal login.
upvoted 0 times
...
Roy
2 months ago
I'm not sure about option B. I think option D might be a better choice since it involves using a Login Flow to manage permissions.
upvoted 0 times
...
Loreta
2 months ago
I agree with Michel. Option B seems like the most efficient way to control access to exporting reports based on the user's login method.
upvoted 0 times
...
Michel
3 months ago
I think option B sounds like a good solution. It allows for dynamic permission management based on the user's credentials.
upvoted 0 times
...

Save Cancel