Salesforce Analytics-Admn-201 Dumps

Subscriptions in Tableau Server deliver workbook views to users via email on a schedule. Group subscriptions apply to all group members—let’s unpack this:

Group Subscription Mechanics:

Created via Workbooks > Actions > Subscribe > Select Group.

Delivers content to all users in the group at the time the subscription runs (e.g., daily PDF).

Dynamic: Membership updates (additions/removals) are reflected automatically on the next run.

Option C (The subscription updates automatically to include the new user): Correct.

Details: When you add a user to the group (e.g., via Users > Groups > Add Users), Tableau Server’s subscription process queries the group’s current membership at runtime. The new user receives the subscription on the next scheduled delivery—no manual action needed.

Example: Group "Sales" has a 9 AM subscription. Add a user at 8 AM—they get the email tomorrow at 9 AM.

Option A (Admin receives notice to approve/deny): Incorrect.

Why: No approval workflow exists for group membership changes in subscriptions—it’s automatic.

Option B (Creator must manually edit): Incorrect.

Why: Subscriptions are tied to the group, not a static user list—manual edits aren’t required for membership changes.

Option D (Only members at creation time): Incorrect.

Why: This would be true for individual subscriptions (static list), but group subscriptions are dynamic.

Why This Matters: Dynamic group subscriptions streamline content delivery as teams evolve, reducing admin overhead.

In a high-availability (HA) Tableau Server setup, the Repository (PostgreSQL) has an active and passive instance. Failover occurs if the active Repository fails. Let’s dive into the process:

HA Setup:

Two Repository instances across nodes (active/passive).

Failover switches to the passive instance if the active one becomes unavailable (e.g., crash, network issue).

Cluster Controller:

Role: Monitors all processes (e.g., Repository, File Store) across nodes, detecting failures via heartbeats and status checks.

Failover Decision: If the active Repository stops responding, Cluster Controller initiates failover, promoting the passive instance to active.

Coordination: Works with Coordination Service (ZooKeeper) to update topology but makes the initial detection call.

Option A (Cluster Controller): Correct.

Why: It’s the watchdog process, constantly monitoring Repository health and triggering failover when needed.

Option B (Coordination Service): Incorrect.

Role: ZooKeeper maintains cluster state and coordinates topology updates post-failover, but doesn’t detect the failure—Cluster Controller does.

Option C (Gateway): Incorrect.

Role: Routes client requests—unrelated to internal process monitoring or failover.

Option D (Backgrounder): Incorrect.

Role: Executes background tasks—no involvement in Repository failover decisions.

Why This Matters: Understanding failover ensures HA reliability—Cluster Controller is the linchpin for resilience.

Backing up Tableau Server ensures recovery from failures or migrations. A full backup includes multiple data types—let’s dissect this comprehensively:

Backup Components:

Repository Data: PostgreSQL database with metadata (users, permissions, workbooks). Backed up via tsm maintenance backup -f .tsbak.

Configuration Data: Server settings (e.g., ports, authentication) also in the .tsbak file.

Server Secrets: Encryption keys, internal tokens, Repository passwords—critical for restoring functionality.

Extracts: .hyper files in File Store (optional, separate backup).

Option A (Server secrets and Repository passwords): Correct.

Details: Includes encryption keys (for extracts), internal tokens (process communication), and Repository credentials. Backed up separately or stored securely (e.g., tsm security export-keys).

Why Critical: Without these, restored data may be inaccessible or services may fail.

Option C (Configuration data): Correct.

Details: Ports, authentication settings, process topology—part of the .tsbak file.

Why Critical: Restores server behavior and connectivity post-recovery.

Option D (Repository data): Correct.

Details: Core metadata database—also in .tsbak.

Why Critical: Without it, all content and user data is lost.

Option B (Topology data): Incorrect.

Details: Topology (process distribution) is part of configuration data in the .tsbak, not a separate entity. It’s not distinctly backed up as “topology data.”

Why This Matters: A complete backup (secrets, config, repository) ensures full restoration—missing any piece risks an unusable server.

Tableau Server consists of multiple processes managed by TSM. When you stop Tableau Server (e.g., via tsm stop), most application processes halt, but some TSM-specific processes remain active to manage the server’s infrastructure. Let’s examine each:

TSM Processes: These include the Administration Controller, Administration Agent, and License Manager, which handle configuration, monitoring, and licensing.

Application Processes: These include VizQL Server, Backgrounder, Data Server, etc., which deliver Tableau’s core functionality and stop when the server is stopped.

When tsm stop is executed:

The Administration Controller (port 8850) continues running to manage TSM operations (e.g., restarts, status checks).

The License Manager remains active to validate licenses and ensure compliance, even when the server is offline.

Application processes like VizQL Server and Backgrounder shut down, as they’re tied to user-facing services.

Option B (License Manager): Correct. It persists to handle licensing tasks, ensuring the server can restart without license issues.

Option D (Administration Controller): Correct. It’s the core TSM process, always running to accept commands and manage the server state.

Option A (VizQL Server): Incorrect. VizQL stops, as it renders visualizations for users—an application process tied to active server operation.

Option C (Backgrounder): Incorrect. Backgrounder stops, as it processes background tasks (e.g., extract refreshes), which halt when the server is down.

Why This Matters: Understanding which processes persist helps administrators troubleshoot and manage server lifecycle events effectively.

Tableau Server uses internal secrets (tokens) for secure communication between its processes (e.g., Repository, File Store). These are automatically generated during installation and can be regenerated if compromised or for security maintenance. The command to update these is:

tsm security regenerate-internal-tokens: This regenerates the internal security tokens, ensuring all processes use the new tokens after a restart.

Option C (tsm security regenerate-internal-tokens): Correct. This is the documented command for updating internal secrets.

Option A (tsm data-access caching set -r 1): Incorrect. This command configures caching behavior, not security tokens.

Option B (tsm licenses refresh): Incorrect. This refreshes license data, unrelated to internal secrets.

Option D (tsm security validate-asset-keys): Incorrect. This validates encryption keys for assets, not internal tokens.

Editing permissions on a workbook in Tableau Server depends on the user’s role and the project’s permission settings. Since permissions are not locked (i.e., "Managed by Owner"), let’s dissect who can edit them:

Permission Model:

Not Locked: Owners of content (workbooks, data sources) can set permissions, and Project Leaders can override at the project level.

Site Roles: Define maximum capabilities (e.g., Viewer, Explorer, Creator).

Capabilities: "Set Permissions" is explicit—only certain users get it.

Option C (The workbook’s owner): Correct.

Details: The owner (typically the publisher) has full control over their workbook when permissions are Managed by Owner:

How: In the UI, go to Content > Workbooks > Actions > Permissions—owners can edit rules (e.g., grant Editor to a group).

Site Role: Minimum of Explorer (can publish) or Creator to publish, ensuring "Set Permissions" capability.

Why: Ownership inherently includes permission management unless locked.

Option D (Users set to Project Leader for the workbook’s project): Correct.

Details: Project Leaders are assigned via Content > Projects > Actions > Permissions > Set Project Leader:

Power: Can edit permissions for all content in the project, even if not the owner.

Site Role: Requires Site Administrator or Server Administrator (Creator/Explorer variants suffice).

Why: Overrides ownership in Managed by Owner mode—ensures project-level governance.

Option A (Users with project and workbook Viewer role): Incorrect.

Why: Viewer role (site-level) limits users to viewing—lacks "Set Permissions" capability, regardless of project/workbook rules.

Option B (Users with workbook Interactor role): Incorrect.

Why: "Interactor" isn’t a standard role—likely a misnomer for Explorer or Viewer with interaction permissions (e.g., Filter). No permission-editing rights exist here.

Why This Matters: Knowing who can edit permissions prevents access control gaps—crucial for collaborative or regulated environments.

Tableau Server is designed for production environments and is supported only on server-class operating systems, not desktop operating systems. As of the latest documentation (aligned with knowledge up to March 21, 2025), the supported operating systems for Tableau Server on Windows are:

Windows Server 2016

Windows Server 2019

Windows Server 2022 (added in later versions, but relevant as of 2025).

Desktop operating systems like Windows 7 or Windows 10 are not supported for production installations due to stability, security, and performance requirements.

Option A (Windows 7): Incorrect. Windows 7 is a desktop OS and is not supported for Tableau Server. It’s also end-of-life as of January 2020.

Option B (Windows 10): Incorrect. Windows 10 is a desktop OS and not supported for production Tableau Server deployments, though it may be used for testing in non-production scenarios.

Option C (Windows Server 2019): Correct. This is a supported server OS for Tableau Server.

Option D (Windows Server 2016): Correct. This is also a supported server OS for Tableau Server.

TSM commands manage Tableau Server maintenance—let’s validate their syntax:

Command Requirements:

Some need arguments (e.g., file paths); others are standalone.

Valid and Complete: Must work as-is without errors.

Option C (tsm maintenance cleanup): Correct.

Details: Removes temporary files and old logs—no arguments required (optional flags like -l exist).

Use: tsm maintenance cleanup—runs fully.

Option D (tsm maintenance ziplogs): Correct.

Details: Creates a zip of logs (e.g., tsm-logs.zip)—no arguments needed (optional -d for date range).

Use: tsm maintenance ziplogs—complete and valid.

Option A (tsm maintenance backup): Incorrect.

Why: Requires -f .tsbak (e.g., tsm maintenance backup -f backup.tsbak)—incomplete without it.

Option B (tsm maintenance restore): Incorrect.

Why: Needs -f .tsbak (e.g., tsm maintenance restore -f backup.tsbak)—not standalone.

Why This Matters: Correct syntax ensures maintenance tasks execute without errors—critical for server health.

Kerberos delegation allows Tableau Server to pass a user’s Kerberos credentials to a data source for seamless authentication (SSO)—let’s explore which sources support it:

Kerberos Overview:

Used with Active Directory (AD) for SSO in Windows environments.

Tableau Server delegates the user’s ticket to the data source, avoiding embedded credentials.

Requires:

Data source support for Kerberos.

Proper configuration (e.g., SPN, constrained delegation).

Supported Data Sources: Per Tableau’s documentation:

Option A (Teradata): Correct.

Details: Supports Kerberos delegation—common in enterprise data warehouses.

Config: Enable in TSM (tsm authentication kerberos configure) and set SPN for Teradata.

Option C (SQL Server): Correct.

Details: Fully supports Kerberos—widely used with AD-integrated SQL Server instances.

Config: Requires AD setup and "Trustworthy" delegation in SQL Server.

Option D (SAP HANA): Correct.

Details: Supports Kerberos SSO via delegation—popular in SAP ecosystems.

Config: Needs HANA Kerberos setup (e.g., keytab) and Tableau Server integration.

Option B (PostgreSQL): Incorrect.

Why: Supports Kerberos authentication natively, but Tableau Server doesn’t enable delegation to PostgreSQL—users must embed credentials or use other methods (e.g., OAuth).

Why This Matters: Kerberos delegation enhances security by avoiding stored passwords—knowing supported sources ensures SSO feasibility.

Tableau Server supports multiple authentication methods, including Local Authentication, Active Directory, Kerberos, SAML, and OpenID Connect. OpenID Connect (OIDC) is an identity layer built on OAuth 2.0, commonly used for single sign-on (SSO). In Tableau Server, OIDC is implemented as a variant of SAML (Security Assertion Markup Language) authentication because both are SSO protocols managed through the same configuration workflow.

To use OpenID Connect:

Configure Tableau Server for SAML/SSO.

Provide an OIDC-compatible identity provider (IdP) configuration (e.g., Google, Okta).

Set up the IdP metadata and certificates in TSM.

Option D (SAML): Correct. Tableau Server treats OIDC as a subset of its SAML authentication framework, so you configure it under the SAML settings in TSM.

Option A (Local Authentication): Incorrect. Local Authentication uses Tableau’s internal user database, not an external SSO protocol like OIDC.

Option B (Kerberos): Incorrect. Kerberos is a network authentication protocol for Windows environments, unrelated to OIDC.

Option C (Active Directory): Incorrect. AD uses LDAP or Kerberos, not OIDC, for authentication.

Tableau Server’s user-based licensing (Creator, Explorer, Viewer) ties licenses to individual users—let’s determine compatible authentication methods:

User-Based Licensing:

Licenses are assigned per user, tracked by username.

Authentication determines how users log in—must integrate with licensing.

Option A (Local authentication): Correct.

Details: Users are managed in Tableau Server’s internal database—username/password set manually or via import.

Why: Directly ties to user accounts, fully compatible with licensing.

Option C (Trusted authentication): Correct.

Details: Allows external apps to authenticate users via tickets (e.g., /trusted/).

Why: Maps to Tableau usernames, integrating with licensing—common for embedded analytics.

Config: Trusted IPs or credentials set in TSM.

Option D (Active Directory): Correct.

Details: Uses AD for authentication (LDAP or Kerberos)—users sync to Tableau Server.

Why: AD usernames align with licensing—supports SSO and user management.

Config: Enable via tsm authentication active-directory configure.

Option B (Reliance authentication): Incorrect.

Why: Not a recognized Tableau authentication method—likely a typo (e.g., for "Resilience" or misheard term). No such feature exists.

Why This Matters: Authentication flexibility ensures user-based licensing fits diverse IT environments—critical for adoption.

Tableau Server uses a PostgreSQL database as its repository to store metadata, user information, and permissions. In a high-availability (HA) setup with multiple nodes, there are typically two repository instances: one active and one passive. The "preferred active repository" refers to designating which repository instance should take priority as the active one. This is managed through Tableau Services Manager (TSM).

The correct method to set the preferred active repository is by using the tsm configuration set command. Specifically, you would use a command like:

tsm configuration set -k pgsql.preferred_host -v

This command allows an administrator to specify the preferred host for the active repository, ensuring control over which node takes precedence in an HA environment.

Option B (tabcmd set command) is incorrect because tabcmd is a command-line utility primarily used for administrative tasks like managing users, groups, and content (e.g., publishing workbooks), not for configuring server topology or repository settings.

Option C (TSM browser client's Maintenance page) is incorrect because the Maintenance page in the TSM web interface is used for tasks like backups, restores, and cleanup, but it does not provide an option to set the preferred active repository.

Option D (TSM browser client's Configuration Topology page) is partially relevant since the Topology page displays the current configuration of services across nodes, including the repository. However, it does not allow direct modification of the preferred active repository; this must be done via the tsm command line.

Tableau Services Manager (TSM) is the administrative tool for managing Tableau Server’s configuration, processes, and topology. To log in to TSM (via the web UI at :8850 or CLI), you need:

TSM administrator credentials: These are distinct from site roles and are set during installation or reset via tsm reset.

Local administrative rights: On Windows, the account used to access TSM must be in the local Administrators group on the initial node, as TSM interacts with system-level services.

In a test cluster, the engineer’s inability to log in suggests they lack either the correct TSM credentials or sufficient OS-level permissions. Since the question focuses on a Windows environment and “initial node,” the most immediate requirement is local administrative rights to run TSM commands or access the UI.

Option C (An account with administrative rights to the computer): Correct. The engineer must use an account in the local Administrators group on the initial node to authenticate to TSM. After that, they’ll need the TSM admin username/password set during installation.

Option A (An account with a Creator site role): Incorrect. Site roles (e.g., Creator) apply to content access within Tableau Server, not TSM administration.

Option B (An account with a Site Administrator role): Incorrect. Site Administrators manage site content, not server-level TSM functions.

Option D (An account for the Tableau Server administrator): Partially correct but incomplete. This likely refers to the TSM admin account, but without local admin rights on the machine, login will fail. Option C is more precise.

Comments on visualizations foster collaboration in Tableau Server—let’s break down the requirements:

Commenting Prerequisites:

Site-Level Enablement: Comments must be activated for the site.

Permission: Users need the "Add Comment" capability on the content.

Site Role: Minimum role of Viewer allows commenting if permissions are set.

Option B (Add Comments must be allowed in permissions): Correct.

Details: In the Permissions dialog (e.g., for a workbook), set "Add Comment" to "Allowed" for users/groups. Default is "Denied" unless explicitly enabled.

How: Content > Workbooks > Actions > Permissions > Edit Rule.

Why: Permissions are granular—site enablement alone isn’t enough.

Option D (Comments must be enabled on the site Settings page): Correct.

Details: Go to Site > Settings > General > Allow Comments—check the box.

Why: This is a site-wide toggle (default: off). Without it, no one can comment, regardless of permissions.

Option A (Minimum site role of Explorer - can publish): Incorrect.

Why: Viewer role suffices if permissions allow—Explorer (can publish) isn’t required (it adds publishing, not commenting).

Option C (Server Settings page): Incorrect.

Why: Comments are a site-level feature, not server-wide—no such toggle exists in TSM’s Server Settings.

Why This Matters: Enabling comments at both site and content levels ensures controlled collaboration—key for team insights.

Tableau Server’s performance and stability depend on dedicated resources and proper configuration. Running additional software on the same server is the most likely to cause problems because:

Resource contention: Tableau Server requires significant CPU, RAM, and disk I/O. Other software (e.g., databases, web servers) can compete for these resources, leading to slowdowns, crashes, or failed tasks.

Port conflicts: Tableau uses specific ports (e.g., 80, 443, 8850), and other applications might interfere.

Security risks: Additional software increases the attack surface, potentially compromising Tableau Server.

Tableau recommends running the server on dedicated hardware without unrelated applications.

Option A (Running additional software on the server): Correct. This is a common cause of performance issues and is explicitly discouraged in Tableau’s best practices.

Option B (Separating the Backgrounder and VizQL processes to different machines): Incorrect. This is a supported multi-node configuration that can improve performance, not cause problems, if properly set up via TSM.

Option C (Configuring the server to use a static IP address): Incorrect. A static IP is recommended for Tableau Server to ensure consistent network access, so it’s unlikely to cause issues.

Option D (Using a non-default installation path): Incorrect. While not default, a custom path is supported (via TSM or installer options) and unlikely to cause problems if permissions and disk space are adequate.

Tableau Desktop and Tableau Server have versioning considerations when publishing content, particularly regarding compatibility between older Desktop versions (e.g., 10.5) and newer Server versions (e.g., 2020.1). Let’s break this down step-by-step:

Version Context: Tableau Desktop 10.5 was released in 2017 and used the .tde (Tableau Data Extract) format for extracts. Tableau Server 2020.1, released in 2020, introduced the .hyper extract format (starting with version 10.5, but fully standardized later). When publishing from an older Desktop version to a newer Server version, Tableau ensures backward compatibility but may upgrade certain components.

Publishing Process: With a Creator site role and Publisher permissions, you have the rights to publish workbooks to the specified project. Tableau Server accepts workbooks from older Desktop versions (e.g., 10.5) and upgrades them to the current Server version (2020.1) during publishing. This process is seamless for the workbook itself, but extracts require special handling.

Extract Handling: If the workbook contains embedded .tde extracts (stored within the .twb or .twbx file), Tableau Server 2020.1 converts these to .hyper format upon publishing. This conversion is necessary because .hyper replaced .tde as the default extract engine starting in Tableau 10.5 and beyond, offering better performance and scalability. During this process, Tableau Desktop or Server displays a warning to inform the user of the upgrade, as it’s a one-way conversion (you can’t revert to .tde on the Server).

Now, let’s evaluate the options:

Option A (You will successfully publish without any errors or warnings): Incorrect. While the publishing succeeds, a warning about the .tde to .hyper conversion appears if the workbook contains embedded extracts. Without extracts, no warning occurs, but the question’s context implies extracts are likely involved (common in visualizations).

Option B (Error message: unable to publish to a newer version): Incorrect. Tableau supports publishing from older Desktop versions to newer Server versions. There’s no outright error blocking this; compatibility is maintained.

Option C (Warning: embedded .tde extracts will be upgraded to .hyper): Correct. This is the precise warning displayed when a workbook with .tde extracts is published to a Server version that uses .hyper. It ensures the user is aware of the format change, which might affect extract refresh schedules or performance expectations.

Option D (Warning: workbook will be upgraded to a new version): Partially correct but less specific. The workbook is upgraded to 2020.1 compatibility, but the warning focuses on the extract format change (.tde to .hyper), not the workbook version generically. Option C is more accurate.

Why This Matters: The .tde to .hyper shift improves query performance and supports larger datasets, but users need to know about it for planning (e.g., extract refresh schedules might need adjustment). The warning ensures transparency.