Free Salesforce-Tableau-Architect Practice Test Questions (2026)

Explanation:

Why B is Correct?

At-rest encryption ensures that data extracts (.tde or .hyper files) stored on Tableau Server’s disk are unreadable without a decryption key, protecting against unauthorized access (e.g., theft, breaches).

Tableau’s Extract Encryption Guide mandates this for compliance (e.g., HIPAA, GDPR).

Why Other Options Are Incorrect?

A. VPN for transfers: Secures data in transit, not at rest (extracts are already encrypted during transfer via HTTPS).

C. Intrusion detection: Useful for monitoring but doesn’t directly encrypt extracts.

D. Increasing storage: Irrelevant—encryption adds minimal overhead (~5-10% space).

Key Steps for Secure Extract Encryption:

Generate a strong encryption key (e.g., 256-bit AES).

Reference:

Tableau’s Security Hardening Guide prioritizes at-rest encryption.

Final Note:

B is the only direct solution for securing extracts at rest. Options A/C/D address peripheral concerns but not core encryption. Always back up the encryption key separately!

Explanation:

Why This is the Correct Approach:

Tableau Server relies on multiple processes to handle different tasks, and balancing them is critical for performance:

VizQL: Renders visualizations for users (needs more instances if many users access dashboards simultaneously).

Data Server: Manages data extracts and live connections (important if the business uses many extracts).

Backgrounder: Runs scheduled refreshes and subscriptions (needs enough capacity to avoid delays).

A medium-sized business should adjust process counts based on:

Concurrent users (more VizQL if many users).

Extract usage (more Data Server if heavy on extracts).

Refresh schedules (more Backgrounder if many automated tasks).

Why the Other Options Are Not Ideal:

A) Excessive processes:
Wastes server resources and can slow down performance due to overhead.

B) Equal processes for all types:
Doesn’t account for actual usage patterns (e.g., may need more VizQL than Backgrounder).

D) Only prioritizing VizQL:
Neglects data refreshes and extract performance, leading to bottlenecks.

Best Practices for Medium-Sized Businesses:
Start with a balanced baseline (e.g., 4-6 VizQL, 3-4 Backgrounder, 2-3 Data Server).

Monitor performance using Tableau’s Admin Views to adjust as needed.

Scale up processes only where necessary (e.g., add VizQL if dashboard load times increase).

Key Takeaway:
Tailor process counts to match real-world usage—don’t over-allocate or assume all processes need equal resources.

Explanation:

Why C is Correct?

Security and accuracy are critical when using Web Data Connectors (WDCs), as they interact with external data sources.

Secure data transfer (via HTTPS/TLS) prevents interception or tampering during transit.

Proper authentication (e.g., OAuth, API keys) ensures only authorized access to data sources.

Efficient data handling avoids performance bottlenecks or corruption during extraction.

Tableau’s WDC Security Guidelines emphasize these practices.

Why Other Options Are Incorrect?

A. Hosting WDCs on the same server: Unnecessary and restrictive—WDCs can be hosted externally if secured properly.

B. Blindly updating WDCs: Risky—updates should be tested for compatibility and stability first.

D. Prohibiting third-party connectors: Overly restrictive—many trusted third-party WDCs exist (e.g., Salesforce, Google Analytics).

Key Steps for Secure WDC Configuration:

Use HTTPS for all WDC endpoints (no HTTP).

Validate WDC code for vulnerabilities (e.g., SQL injection, excessive data exposure).

Monitor WDC performance to ensure efficient data transfer.

Restrict WDC permissions to only necessary data sources.

Reference:

Tableau’s WDC Best Practices highlights secure data handling as a priority

. Final Note:

C is the only balanced approach—security and efficiency are mandatory, while flexibility (A/B/D extremes) can compromise safety or usability. Always audit third-party WDCs before deployment.

Explanation:

In a multi-node Tableau Server deployment, database connectivity issues can stem from multiple sources — network interruptions, authentication problems, database server load, or driver issues. The most effective and structured way to identify the root cause is to:

Check Tableau Server logs (e.g., tabsvc, vizqlserver, backgrounder logs) for error codes or failed connection attempts.

Check database server logs for matching timestamps of failed logins, query failures, or timeouts.

Correlate these logs to see if the issue is network-related, credential-related, or due to resource constraints.

Why other options are incorrect:

A: Hardware replacement is costly, disruptive, and should only be considered after confirming physical layer issues.

C: Reducing access might temporarily reduce load but does not address the actual connectivity failure.

D: Migrating to a new database server is a drastic measure that doesn’t guarantee resolution and risks introducing new problems.

Reference:
Tableau Help – Troubleshoot Connectivity Issues:

Explanation

For maximum data security in a Tableau Server deployment, two encryption layers are required:

1. Encryption over the wire (in transit):
Achieved by enabling SSL/TLS for Tableau Server so all communications between clients, browsers, Tableau Desktop, and the server are encrypted.

2. Encryption at rest:
Protects stored data such as extracts, repository data, and backups.
In Tableau Server, you can enable at-rest encryption for extracts, repository, and file store (available in certain editions and versions).

Why C is correct:

It’s the only option that covers both types of encryption—this ensures compliance with strict financial data regulations (e.g., PCI-DSS, SOX, GLBA).

Why not the others?

A. Enabling only SSL/TLS → Secures transit but leaves data at rest vulnerable.

B. External file storage without encryption → Data at rest is exposed if the storage is compromised.

D. Network-level encryption only → Relies on external network controls but does not secure stored files or server-to-server comms natively.

Reference:

Tableau Help: Encrypt Extracts at Rest
Tableau Help: Configure SSL for Tableau Server
From Tableau docs: "Tableau Server supports encryption for data in transit with SSL/TLS, and encryption at rest for extracts and repository data."

Explanation:

Why B is Correct?

Active Directory (AD) is the most scalable and secure solution for a multinational corporation, as it centralizes user management under the existing corporate identity system.

Single Sign-On (SSO) (e.g., SAML, OAuth, or Kerberos) ensures seamless authentication, improves security, and reduces password fatigue for users.

This approach aligns with enterprise best practices, allowing IT to enforce consistent access policies (e.g., role-based permissions, MFA) across all branches.

Tableau Server natively supports AD integration and SSO, making deployment straightforward.

Why Other Options Are Incorrect?

A. Local authentication per branch creates management overhead (e.g., duplicate accounts, inconsistent policies) and defeats the purpose of centralized identity management.

C. Separate identity stores per region leads to fragmented security and complicates compliance with corporate IT policies.

D. Manual username/password setup is not scalable for a multinational company and increases security risks (e.g., weak passwords, orphaned accounts).

Reference:

Tableau’s Authentication Methods Documentation recommends Active Directory + SSO for enterprise deployments.

Microsoft’s AD Integration Guide explains how SSO works with corporate identity systems.

Implementation Steps:

Configure Tableau Server to sync with AD (via tsm authentication commands)
Enable SSO (e.g., SAML with ADFS, Okta, or Ping Identity).
Map AD groups to Tableau roles for automated permission management.

Explanation:

When dashboards in Tableau Cloud aren’t updating with the latest data, the most common cause is that the data source refreshes aren’t running or the connection to the source is broken.

Why B is correct:

1. Tableau Cloud relies on scheduled refreshes for published data sources and extracts.
2. If refresh schedules are disabled, misconfigured, or failing due to connection/authentication issues, dashboards will show stale data.
3. The logical first step is to verify the data source connection status and check if the refresh jobs have succeeded in Tableau Cloud’s Tasks or Schedules page.

Why not the others?

A. Rebuilding dashboards → Overkill; the visualizations are fine—it’s a data refresh issue.

C. Transitioning back to on-premises → This is a drastic move that doesn’t address the root cause and wastes resources.

D. Limiting user access → Might reduce load but has no effect on whether the data updates.

Reference:

Tableau Help: Schedule Refreshes in Tableau Cloud
Tableau Help: Troubleshoot Extract Refresh Failures
From docs: "If your data is not up to date, verify that the data source connection is valid and that the refresh schedule is enabled and successful."

Explanation:

Why Option C is Correct:

A centralized identity management system (e.g., Okta, Azure AD, PingFederate) provides:

Single sign-on (SSO) for seamless access.

Region-specific compliance (e.g., GDPR in the EU, CCPA in California) via customizable policies.

Audit trails for access monitoring.

Reference: Tableau Cloud Authentication Guide.

Why Other Options Are Incorrect:

A) Shared login: Security nightmare—no accountability or compliance.

B) Local auth per region: Inconsistent and hard to manage at scale.

D) Randomized passwords: Poor UX and doesn’t address compliance.

Implementation Steps:

Choose an IdP (e.g., Azure AD) with regional compliance features.

Configure SAML/OpenID Connect in Tableau Cloud.

Map user attributes to enforce region-based access rules.

Explanation

In large, high-security, high-performance Tableau Server deployments (especially for financial institutions), the service-to-node topology should be strategic:

Critical services (e.g., Repository [pgsql], Data Server, Coordination Service) handle sensitive data and are central to server operations. These should be:

. Isolated on dedicated nodes to prevent resource contention and limit exposure.
. Hardened with security configurations, limited access, and strong OS/network protections.

Less critical or stateless services (e.g., VizQL Server, Application Server) can be collocated on shared nodes to optimize resource usage without jeopardizing security.

This approach balances security (minimizing the attack surface for critical components) and performance (avoiding CPU/memory contention).

Why not the others?

A. Isolating all services on individual nodes → Overly complex, costly, and often unnecessary. It doesn’t give a meaningful performance/security boost for non-critical services.

B. Collocating all services on a single node → Creates a single point of failure and resource bottlenecks, not suitable for high-security environments.

D. Randomly distributing services → No control over performance or security; risks inefficiency and possible downtime.

Reference:

Tableau Help: Distributed and High Availability Deployments
Tableau Blueprint: "Isolate critical Tableau Server processes on dedicated hardware to enhance both performance and security in large-scale deployments."

Explanation:

Why B is Correct?

A phased migration plan minimizes disruptions by:

Testing small batches of dashboards/data sources first to catch issues early.

Scheduling rollouts during low-usage periods (e.g., weekends).

Validating functionality (e.g., permissions, subscriptions) post-migration.

Tableau’s Migration Guide emphasizes this approach.

Why Other Options Are Incorrect?

A. Speed over planning: Risks broken dashboards, data loss, or downtime.

C. Migrating largest datasets first: May overwhelm the new Server and delay critical fixes.

D. Ignoring data/dashboards: Defeats the purpose of migration—users need their content!

Key Steps for a Smooth Migration:

Inventory content:

List dashboards, data sources, users, and schedules.

Prioritize by business impact:

Migrate mission-critical content first.

Test in staging:

Validate performance and permissions.

Reference:
Tableau’s Pre-Migration Checklist.

Final Note:

B is the only method ensuring continuity. Options A/C/D risk chaos. Always communicate timelines to users.