Salesforce-Platform-Identity-and-Access-Management-Architect Practice Test
Salesforce Spring 25 Release 255 Questions
An identity architect's client has a homegrown identity provider (IdP). Salesforce is used as the service provider (SP). The head of IT is worried that during SP-initiated single sign-on (SSO), the Security Assertion Markup Language (SAML) request content will be altered.
What should the identity architect recommend to make sure that there is additional trust between the SP and the IdP?
A. Ensure that there is an HTTPS connection between IdP and SP.
B. Ensure that on the SSO settings page, the "Request Signing Certificate" field has a self-signed certificate.
C. Ensure that the Issuer and Assertion Consumer Service (ACS) URL are properly configured between SP and IdP.
D. Encrypt the SAML Request using a certification authority (CA)-signed certificate and decrypt on IdP.
Answer: D. Encrypt the SAML Request using a certification authority (CA)-signed certificate and decrypt on IdP.
Explanation:
Encrypting the SAML Request using a CA-signed certificate and decrypting it on the IdP ensures that the request content is not altered or tampered with during transit. This also adds an extra layer of security and trust between the SP and the IdP.
Reference:
SAML Single Sign-On Overview, SAML Assertion Encryption