Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Exam - Topic 5 Question 38 Discussion

An identity architect's client has a homegrown identity provider (IdP). Salesforce is used as the service provider (SP). The head of IT is worried that during a SP initiated single sign-on (SSO), the Security Assertion Markup Language (SAML) request content will be altered.What should the identity architect recommend to make sure that there is additional trust between the SP and the IdP?
D) Encrypt the SAML Request using certification authority (CA) signed certificate and decrypt on IdP.
A) Ensure that there is an HTTPS connection between IDP and SP.
B) Ensure that on the SSO settings page, the 'Request Signing Certificate' field has a self-signed certificate.
C) Ensure that the Issuer and Assertion Consumer service (ACS) URL is property configured between SP and IDP.

Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Exam - Topic 5 Question 38 Discussion

Actual exam question for Salesforce's Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) exam
Question #: 38
Topic #: 5
[All Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Questions]

An identity architect's client has a homegrown identity provider (IdP). Salesforce is used as the service provider (SP). The head of IT is worried that during a SP initiated single sign-on (SSO), the Security Assertion Markup Language (SAML) request content will be altered.

What should the identity architect recommend to make sure that there is additional trust between the SP and the IdP?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Edison at May 07, 2024, 05:27 PM

Limited Time Offer

25%

Off

Get Premium Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Sunshine
6 months ago
Is it really necessary to encrypt the SAML request? Seems like overkill.
upvoted 0 times
...
Maryanne
6 months ago
I agree, HTTPS is a must, but it’s not enough on its own.
upvoted 0 times
...
Deeanna
7 months ago
Wait, a self-signed certificate? That sounds risky!
upvoted 0 times
...
Maurine
7 months ago
I think option C is more important, gotta get those URLs right.
upvoted 0 times
...
Rikki
7 months ago
Definitely go with option D, encryption is key!
upvoted 0 times
...
Eden
7 months ago
Encrypting the SAML request with a CA-signed certificate sounds like a solid recommendation. I think we practiced a similar question about encryption in our last session.
upvoted 0 times
...
Cherrie
8 months ago
I feel like ensuring the Issuer and ACS URL is properly configured is important, but I can't recall if it's enough on its own to establish trust.
upvoted 0 times
...
Glen
8 months ago
I'm not entirely sure, but I think using a self-signed certificate might not be the best option for trust. We talked about this in class, right?
upvoted 0 times
...
Lanie
8 months ago
I remember we discussed the importance of using HTTPS to secure the connection between the IdP and SP. It seems like a basic but crucial step.
upvoted 0 times
...
Lorean
8 months ago
I'm pretty confident I can handle this question. Ensuring HTTPS between the SP and IdP is a simple but effective way to prevent SAML request tampering.
upvoted 0 times
...
Azzie
8 months ago
Configuring the Issuer and ACS URL properly is crucial for SAML integration, so I'd start there to make sure the connection is set up correctly.
upvoted 0 times
...
Glen
8 months ago
Encrypting the SAML request using a CA-signed certificate sounds like a good way to add extra trust and security between the SP and IdP.
upvoted 0 times
...
Sommer
8 months ago
Hmm, I'm a bit confused about the different options here. I'll need to review my SAML security knowledge to figure out the best approach.
upvoted 0 times
...
Jenifer
8 months ago
This seems like a straightforward SAML security question. I'd focus on ensuring the integrity of the SAML request between the SP and IdP.
upvoted 0 times
...
Jamal
8 months ago
I'm a bit unsure about this one. The options all sound similar, but I need to make sure I understand the difference between them. Maybe I'll try to eliminate the ones that don't seem quite right.
upvoted 0 times
...
Kallie
8 months ago
Okay, let me see. Project Integration Management is about bringing all the pieces together, so I'm guessing the right answer is the project charter and project management plan. That makes the most sense to me.
upvoted 0 times
...
Ligia
8 months ago
Definitely prospective review - that's when you get approval before the actual medical service happens. Always do this with insurance to make sure it's covered.
upvoted 0 times
...
Celia
8 months ago
I have a gut feeling it's "with_parent: '{{intlist}}'", but I can't remember any specific examples using that in practice.
upvoted 0 times
...
Angelyn
2 years ago
True, but end-to-end encryption with CA signed certs might ensure trust the most.
upvoted 0 times
...
Rosina
2 years ago
Encryption seems robust but self-signed certificates are pretty common.
upvoted 0 times
...
Arlyne
2 years ago
Option B? A self-signed certificate? What is this, amateur hour? Definitely go with the CA-signed certificate, option D all the way!
upvoted 0 times
Adell
2 years ago
User1
upvoted 0 times
...
Christiane
2 years ago
User2
upvoted 0 times
...
Terina
2 years ago
Definitely go with the CA-signed certificate, option D all the way!
upvoted 0 times
...
Blondell
2 years ago
Option B? A self-signed certificate? What is this, amateur hour?
upvoted 0 times
...
Ernest
2 years ago
Yeah, option D is the way to go for extra security and trust between the SP and IdP.
upvoted 0 times
...
Cecily
2 years ago
Cecily is right, go with option D, the CA-signed certificate for sure.
upvoted 0 times
...
Thaddeus
2 years ago
Option B? A self-signed certificate? What is this, amateur hour?
upvoted 0 times
...
...
Weldon
2 years ago
I am considering the option about encrypting the SAML Request. D, right?
upvoted 0 times
...
Charlena
2 years ago
This is a tricky one, but I'd go with option D. Gotta keep that SAML request secure, even if it means a little more work.
upvoted 0 times
...
Adell
2 years ago
I agree with Aliza. Encryption is the best way to protect the SAML request from being tampered with. Option D is the clear choice here.
upvoted 0 times
Gladys
2 years ago
User B
upvoted 0 times
...
Timothy
2 years ago
User A
upvoted 0 times
...
...
Garry
2 years ago
I think the right answer might be using an HTTPS connection?
upvoted 0 times
...
Annamae
2 years ago
Option C seems like the most straightforward solution. Ensuring the Issuer and ACS URL are properly configured is crucial for a successful SSO integration.
upvoted 0 times
Daryl
2 years ago
Definitely, it's a fundamental step in ensuring the integrity of the SSO process.
upvoted 0 times
...
Justine
2 years ago
So, making sure the configuration is correct is key.
upvoted 0 times
...
Gary
2 years ago
Exactly, it's important for the SAML request content to remain secure.
upvoted 0 times
...
Marget
2 years ago
I agree, it helps establish trust between the SP and IdP.
upvoted 0 times
...
Marleen
2 years ago
Yes, ensuring the Issuer and ACS URL are properly configured is crucial for a successful SSO integration.
upvoted 0 times
...
Dorian
2 years ago
Option C seems like the most straightforward solution.
upvoted 0 times
...
...
Marci
2 years ago
Pretty nervous actually, securing SAML is critical.
upvoted 0 times
...
Aliza
2 years ago
Hmm, I think option D is the way to go. Encrypting the SAML request with a CA-signed certificate provides an extra layer of trust and security.
upvoted 0 times
...
Luther
2 years ago
This question about securing SAML requests, how do you feel about it?
upvoted 0 times
...

Save Cancel