If the protection level of the authentication method SAML is the same as or higher than that of other authentication methods, users who are allowed to access the realms protected by the SAML authentication method can also access all the protection realms of the other authentication methods. Is this correct?

Release : 12.8

Component : SITEMINDER FEDERATION SECURITY SERVICES

Yes, that is correct.  Sessions created via federation are no different than regular SSO sessions created by a Web Agent, and this is true for protection/authentication levels. If a user authenticates via SAML assertion at level 10, the user will have a sufficient authentication level for any resources protected at level 10 or lower.