List of questions
Related questions
Question 20 - Certified Identity and Access Management Architect discussion
The security team at Universal containers(UC) has identified exporting reports as a high-risk action and would like to require users to be logged into salesforce with their active directory (AD) credentials when doing so. For all other uses of Salesforce, Users should be allowed to use AD credentials or salesforce credentials. What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with salesforce credentials?
A.
Use SAML Federated Authentication and Custom SAML jit provisioning to dynamically add or remove a permission set that grants the Export Reports permission.
B.
Use SAML Federated Authentication, treat SAML sessions as high assurance, and raise the session level required for exporting reports.
C.
Use SAML Federated Authentication and block access to reports when accesses through a standard assurance session.
D.
Use SAML Federated Authentication with a login flow to dynamically add or remove a permission set that grants the export reports permission.
Your answer:
0 comments
Sorted by
Leave a comment first