Which two methods should an Architect consider to ensure that the sensitive data cannot be tampered with, or accessible to anyone while in transit? Universal Containers (UC) is using a custom application that will Act as the Identity Provider and will generate SAML assertions used to log in to Salesforce. UC is considering including custom parameters in the SAML assertion. These attributes contain sensitive data and are needed to authenticate users. The assertions are submitted to Salesforce via a browser form post. The majority of the users will only be able to access Salesforce via UC's corporate network, but a subset of admins and executives would be allowed access from outside the corporate network on their mobile devices.