Explanation:

To meet compliance requirements for tracking device information and enabling the ability to revoke access to specific devices, the most appropriate Salesforce-native feature is the Activations feature (✅ Option B). This feature tracks browser and device activation events, allowing Salesforce to maintain a history of devices from which users log in, including details such as IP address, browser type, and device identifier. When a user logs in from a new or unrecognized device, Salesforce triggers a verification challenge, and once the user confirms the device, it is recorded in the Activation records.

Importantly, administrators have the ability to revoke trusted devices through the user’s login history and device activations, effectively forcing re-verification or denying access, which directly addresses the second part of the requirement.

Other options are less suitable:

Option A (MFA) enhances login security but does not provide full device tracking or revocation capabilities.

Option C (Login History) captures login details like IP address and time but does not specifically track devices or allow device revocation.

Option D (Login Flows with custom objects) could theoretically be configured to track device info, but it would require significant custom development and would still lack native revocation capabilities.