Explanation:

The channels:read scope allows a Slack app to:

✔ Retrieve a list of all public channels (using conversations.list).
✔ Fetch details about a specific public channel (using conversations.info).

This matches the security team's requirement to monitor public channels only.

❌ Why Other Options Are Incorrect:

A. files:read: Grants access to file metadata/content, not channel data. Irrelevant here.

B. admin.conversations:read: Used for Enterprise Grid admins to access all channels (including private and shared), not just public ones. Overkill for this use case.

C. conversations.connect:read: Designed for Connect apps (external org collaborations), not internal public channel monitoring.

Reference:
Slack API Scopes Documentation confirms channels:read is the correct scope for public channel access.
conversations.list and conversations.info methods require this scope for public channels (API method docs).

Explanation:

❌ A. Open

✖️ Why it's wrong:

Visibility: An "Open" workspace is visible to all members of the organization, fulfilling Requirement 1.

Approval: However, "Open" workspaces allow any member of the organization to join without requiring approval. This directly contradicts Requirement 2, where the group's leaders want to approve members.

❌ B. Invite Only

✖️ Why it's wrong:

Visibility: An "Invite Only" workspace is not visible to all members of the organization in the directory. Members must be explicitly invited by a Workspace Owner or Admin (or sometimes by other members if settings allow). This fails Requirement 1 ("visible to all members... so that they can volunteer to join").

Approval: While it gives control over who joins (via invitation), it doesn't allow for a "request and approve" workflow by the leaders if the workspace isn't discoverable.

✅ C. By Request

✔️ Why it's the Correct Answer:

This option perfectly aligns with both requirements.

Visibility: A "By Request" workspace is visible to all members of the organization in the workspace directory. This fulfills Requirement 1, allowing members to discover the ERG and express interest.

Approval: When a member sees a "By Request" workspace and wants to join, they submit a request. This request then goes to the Workspace Owners/Admins (who, in this case, would be the group's leaders delegated that authority, or who would process these requests on behalf of the leaders). The Owners/Admins then have the explicit "rights to approve any members before they join," fulfilling Requirement 2. This creates the desired controlled entry point with visibility.

❌ D. Hidden

✖️ Why it's wrong:

Visibility: A "Hidden" workspace is not visible to any non-member within the organization directory. It is the most restrictive visibility setting. This completely fails Requirement 1 ("visible to all members... so that they can volunteer to join"). It's typically used for highly confidential or temporary administrative workspaces.

Approval: While it allows for control over who joins (only by direct invitation from an Owner/Admin), its lack of discoverability makes it unsuitable for a volunteer group that wants members to find and request to join.

Conclusion:
"By Request" is the ideal access level because it strikes the perfect balance between discoverability for the entire organization and controlled approval by the group's leaders, which are the two critical requirements in this scenario.

Reference:
Slack Help Center: Set permissions for a workspace (or similar articles detailing workspace access levels like "Open," "By Request," "Invite Only," and "Hidden"). These documents explain how each access level impacts visibility and joining methods.

Explanation:

In Slack, archiving a channel keeps all its messages and files searchable but prevents any new messages from being posted. This is ideal when you want to preserve historical context while preventing further activity. The best practice is to inform members where to continue the conversation before archiving the channel so they know the new location for ongoing discussions.

Option-by-Option Breakdown

🔴 A. Convert #bread-buds to private, archive it, and direct everyone to #carbohydrate-chats.
Incorrect — converting to private would limit access to only current members, preventing new hires or other interested people from referencing the old discussions in the future.

🔴 B. Delete #bread-buds, reference its messages as needed, and direct everyone to #carbohydrate-chats.
Incorrect — deleting a channel permanently erases all its content, making it impossible to reference old baking instructions.

🔴 C. Remove all members from #bread-buds, and invite them to #carbohydrate-chats.
Incorrect — removing members makes the channel inaccessible and doesn’t solve the problem of preventing posts while keeping it viewable.

🟢 D. Post a message in #bread-buds redirecting everyone to #carbohydrate-chats, and archive #bread-buds.
Correct — posting a message provides a clear transition path, and archiving ensures no new posts can be made while keeping all historical content searchable.

Reference:
Slack Help: Archive a channel
Slack Admin Guide: Managing channels

Explanation:

For automatic deactivation of members when they leave the company, SCIM (System for Cross-domain Identity Management) integration is required. Here’s why:
✔ SCIM allows the IdP to send deprovisioning signals to Slack when a user’s access is revoked in the corporate directory (e.g., upon termination).
✔ Without SCIM, Slack cannot automatically deactivate users—even if the IdP is used for authentication (SSO).
✔ This is a standard requirement for automated user lifecycle management in Slack.

❌ Why the Other Options Are Incorrect:

A. Incorrect: Access expiration after 90 days is unrelated to automatic deprovisioning. This is a manual or policy-based setting, not tied to IdP-driven deactivation.

B. Incorrect: Workspace Admins/Owners can still be deactivated automatically if SCIM is configured. Their role does not block deprovisioning.

C. Incorrect: A user’s channel membership does not affect deactivation. SCIM will deprovision them regardless of channel activity.

🧩 Key Takeaway:
➝ SCIM is mandatory for automated deactivation.
➝ Slack Plus Plan supports SCIM, but the IdP must be configured to use it.
➝ Without SCIM, admins must manually deactivate users, creating security risks.

ℹ️ Reference:
✔ Slack SCIM Documentation
✔ Slack Plus Plan Features

Explanation:

Correct Answer: A. A user will understand the purpose of using Slack for their work in a new shared way.

A. A user will understand the purpose of using Slack for their work in a new shared way. ✅
Correct. A vision statement aligns end users around a shared purpose for Slack. It builds cultural understanding and helps them adopt new workflows confidently, instead of just focusing on features.

B. A user will learn several Slack channels they should join. ❌
Not correct. Channel recommendations may come later in training, but a vision statement is about purpose and direction, not tactical instructions.

C. A user will be able to describe their permissions compared to admin permissions. ❌
Not correct. Vision statements are not about permissions or roles. That’s covered in documentation or training materials. End users don’t need this for daily engagement.

D. A user will know about newly released features. ❌
Not correct. Features change often, but a vision statement provides a long-term framework for why Slack matters. It’s broader and more motivational than just announcing features.

📖 Reference: Slack Blog: Driving adoption with a Slack vision statement