Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Exam - Topic 8 Question 19 Discussion

Universal Containers (UC) is setting up delegated authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risks of exposing the corporate login service on the internet and has asked that a reliable trust mechanism be put in place between the login service and Salesforce.What mechanism should an Architect put in place to enable a trusted connection between the login service and Salesforce?
B) Enforce mutual authentication between systems using SSL. and D) Set up a proxy service for the login service in the DMZ.
A) Require the use of Salesforce security tokens on passwords.
C) Include Client Id and Client Secret in the login header callout.

Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Exam - Topic 8 Question 19 Discussion

Actual exam question for Salesforce's Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) exam
Question #: 19
Topic #: 8
[All Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Questions]

Universal Containers (UC) is setting up delegated authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risks of exposing the corporate login service on the internet and has asked that a reliable trust mechanism be put in place between the login service and Salesforce.

What mechanism should an Architect put in place to enable a trusted connection between the login service and Salesforce?

Show Suggested Answer Hide Answer
Suggested Answer: B, D

by Detra at Apr 01, 2023, 03:32 PM

Limited Time Offer

25%

Off

Get Premium Salesforce Certified Platform Identity and Access Management Architect (Plat-Arch-203) Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Glory
7 months ago
D sounds good, but isn't it adding more complexity?
upvoted 0 times
...
Elbert
7 months ago
C is a solid option, but it needs extra care with secrets.
upvoted 0 times
...
Nenita
7 months ago
Wait, can we really trust SSL alone? Seems sketchy.
upvoted 0 times
...
My
8 months ago
I think A is too risky with security tokens exposed.
upvoted 0 times
...
Leonora
8 months ago
B is definitely the way to go for mutual authentication!
upvoted 0 times
...
Sanjuana
8 months ago
Setting up a proxy service in the DMZ seems like a good idea, but I wonder if it adds unnecessary complexity to the setup.
upvoted 0 times
...
Elsa
8 months ago
I feel like the Client Id and Client Secret option could work, but I can't recall if that's enough for a trusted connection.
upvoted 0 times
...
Jaime
8 months ago
I think using SSL for mutual authentication sounds familiar, especially for securing connections. It might be the right choice.
upvoted 0 times
...
Jesusita
8 months ago
I remember we discussed mutual authentication in class, but I'm not entirely sure if it's the best option here.
upvoted 0 times
...
Rebbecca
8 months ago
This question seems pretty straightforward. I'm pretty confident I can identify the key component of regulated PII based on the options provided.
upvoted 0 times
...
Celestina
8 months ago
Okay, let me see here. The question is specifically asking about the lifespan of a value in a subprocess data object, so I'm guessing the answer has to do with the subprocess itself rather than the broader process or project.
upvoted 0 times
...
Gennie
1 year ago
Mutual authentication using SSL? More like 'Mutual Annihilation using SSL' - am I right, folks?
upvoted 0 times
Silva
11 months ago
D) Set up a proxy service for the login service in the DMZ.
upvoted 0 times
...
Rodrigo
11 months ago
C) Include Client Id and Client Secret in the login header callout.
upvoted 0 times
...
Shawn
11 months ago
B) Enforce mutual authentication between systems using SSL.
upvoted 0 times
...
Catrice
1 year ago
A) Require the use of Salesforce security tokens on passwords.
upvoted 0 times
...
...
Karol
1 year ago
C) Including the Client Id and Client Secret in the login header callout? That sounds a bit risky to me, like exposing sensitive credentials.
upvoted 0 times
...
Silva
1 year ago
A) Requiring Salesforce security tokens on passwords might work, but it feels a bit outdated. I'd go with the more robust SSL mutual authentication.
upvoted 0 times
Darrin
11 months ago
B) Enforce mutual authentication between systems using SSL.
upvoted 0 times
...
Ahmad
11 months ago
D) Set up a proxy service for the login service in the DMZ.
upvoted 0 times
...
Justine
11 months ago
B) Enforce mutual authentication between systems using SSL.
upvoted 0 times
...
...
Marguerita
1 year ago
D) Setting up a proxy service in the DMZ could be a good idea to add an extra layer of security and isolate the internal login service.
upvoted 0 times
Talia
1 year ago
A) Require the use of Salesforce security tokens on passwords.
upvoted 0 times
...
Lenora
1 year ago
D) Setting up a proxy service in the DMZ could be a good idea to add an extra layer of security and isolate the internal login service.
upvoted 0 times
...
Serita
1 year ago
B) Enforce mutual authentication between systems using SSL.
upvoted 0 times
...
...
Krissy
1 year ago
B) Enforcing mutual authentication using SSL seems like the most secure option to establish a trusted connection between the login service and Salesforce.
upvoted 0 times
Jessenia
1 year ago
User 2
upvoted 0 times
...
Bobbie
1 year ago
User 1
upvoted 0 times
...
...
Pauline
1 year ago
I'm not sure, but setting up a proxy service in the DMZ could also help protect the corporate login service.
upvoted 0 times
...
Geraldo
1 year ago
I agree with Theola, SSL provides a secure way to establish trust between systems.
upvoted 0 times
...
Theola
1 year ago
I think enforcing mutual authentication using SSL would be the best option.
upvoted 0 times
...

Save Cancel