Salesforce Certified B2C Solution Architect (Arch-302) Exam - Topic 3 Question 97 Discussion

Experience Cloud is a product that allows creating and managing digital experiences for customers, partners, employees, and communities. Experience Cloud can be integrated with external payment gateways and Pardot to offer secure and personalized experiences for members who want to set up recurring donations. To increase security for their existing users, a Solution Architect can recommend the following options:

Implement high-assurance requirements for Experience Cloud profiles. High-assurance requirements are settings that define the level of security and identity verification needed for users to access certain pages or features in Experience Cloud. High-assurance requirements can help prevent unauthorized or fraudulent access to sensitive or confidential data or transactions, such as recurring donations.

Add a login flow that defines the scope of user access authorized by authentication providers. A login flow is a process that allows customizing the user login experience in Experience Cloud using various actions, such as collecting information, displaying messages, updating records, etc. A login flow can help define the scope of user access authorized by authentication providers, such as social media accounts or SAML-based identity providers. This can help limit or restrict the access of users based on their authentication method or credentials.

Develop login flows to change the user's session security level to initiate third-party identity verification. A session security level is a setting that determines the level of security and identity verification required for a user's session in Experience Cloud. A session security level can be changed using login flows to initiate third-party identity verification, such as SMS verification, email verification, biometric verification, etc. This can help enhance the security and trust of the user's session and prevent unauthorized or fraudulent access to sensitive or confidential data or transactions, such as recurring donations.

Option C is incorrect because replacing Pardot with Marketing Cloud to implement SMS for multi-factor authentication is not a valid or feasible option to increase security for their existing users. Pardot is a product that allows creating and managing B2B marketing campaigns and activities, such as email marketing, lead generation, lead nurturing, etc. Marketing Cloud is a product that allows creating and managing B2C marketing campaigns and activities, such as email marketing, mobile marketing, social media marketing, etc. Replacing Pardot with Marketing Cloud would not only be costly and complex, but also unnecessary and irrelevant for their use case of setting up recurring donations. Moreover, implementing SMS for multi-factor authentication does not require replacing Pardot with Marketing Cloud, as it can be done using other methods or tools, such as login flows or third-party identity verification services. Option D is incorrect because maintaining GAuth tokens for existing Experience Cloud profiles is not an option or a way to increase security for their existing users. GAuth tokens are tokens that are used by Google Authenticator, an app that generates one-time passwords for two-factor authentication. GAuth tokens are not related to Experience Cloud profiles or their security settings. Reference:

https://help.salesforce.com/s/articleView?id=sf.networks_security.htm&type=5

https://help.salesforce.com/s/articleView?id=sf.networks_login_flow_examples.htm&type=5

https://help.salesforce.com/s/articleView?id=sf.networks_session_security_levels.htm&type=5