Salesforce Certified Identity and Access Management Practice

How does Salesforce handle delegated authentication?

• A. By authenticating users through an internal secure system
• B. By allowing users to authenticate through an external system
• C. By requiring all users to change their passwords frequently
• D. By using biometric verification methods

The correct answer is: By allowing users to authenticate through an external system

Salesforce handles delegated authentication by allowing users to authenticate through an external system, which is particularly useful for organizations that wish to manage their authentication processes through their existing infrastructure. This enables businesses to take advantage of existing security measures and protocols already in place, such as Single Sign-On (SSO) systems or external identity providers. Delegated authentication helps streamline user experience by allowing users to access Salesforce through their existing credentials, which can reduce the need for multiple passwords and improve overall security. By integrating with an external authentication system, Salesforce delegates the responsibility for validating user credentials, ensuring that even as authentication methods evolve, Salesforce can remain flexible and adaptive to the organization's needs. The incorrect responses reflect alternatives that do not accurately describe how Salesforce implements delegated authentication. While an internal secure system and biometric verification methods have their own roles within security frameworks, they do not align with the essence of delegated authentication as implemented by Salesforce. Frequent password changes, though important for security hygiene, do not encapsulate the concept of delegated authentication either, as this primarily involves the use of external systems for user verification.