Certified Identity and Access Management Designer Exam Questions

Certified Identity and Access Management Designer Exam - Question 3


Universal Containers (UC) is setting up delegated authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risks of exposing the corporate login service on the internet and has asked that a reliable trust mechanism be put in place between the login service and Salesforce.

What mechanism should an Architect put in place to enable a trusted connection between the login service and Salesforce?

Correct Answer: ABC

To ensure a trusted connection between the login service and Salesforce, mutual authentication using SSL should be enforced. This ensures both parties verify each other's identity before establishing a connection, preventing unauthorized access and ensuring data integrity. Additionally, setting up a proxy service for the login service in the DMZ (Demilitarized Zone) adds an extra layer of security by isolating the internal network from direct exposure to the internet, which addresses the security team's concern regarding the risks of exposing the corporate login service.

Discussion

3 comments
ahdamnius Option: B
May 22, 2023

Should just be B - Requiring Security Tokens on Passwords is onerous for an end user and doesn't increase trust between the systems

huwamaru Option: B
Dec 1, 2023

TLS is required for delegated authentication. However, there is no mention of TLS in the options for this question. The closest correct answer would be B. https://help.salesforce.com/s/articleView?language=ja&id=sf.sso_delauthentication_tips.htm&type=5

Sammy2320 Option: B
Jun 6, 2024

Question does not ask for multiple answers, plus A is never recommended as a solution