Salesforce Security-and-Privacy-Accredited-Professional Exam Dumps

Salesforce Security & Privacy Accredited Professional Exam

647 Reviews

Exam Code	Security-and-Privacy-Accredited-Professional
Exam Name	Salesforce Security & Privacy Accredited Professional Exam
Questions	106 Questions Answers With Explanation
Update Date	04, 26, 2026
Price	Was : $90 Today : $50 Was : $108 Today : $60 Was : $126 Today : $70

Add To Cart

Demo Questions

Question # 1

How does SF control access to its APIs? 

A. OAuth Flows 
B. OAuth Everywhere 
C. Connected Apps 
D. Customer 360 API Connect 

Show Answer

Question # 2

After a user completes setup of a portability policy, what API needs to be run to compile the identified PII? 

A. SOAP API
 B. Metadata API 
C. REST API 
D. Portability API 

Show Answer

Question # 3

How does a user reverse the masking of data once the process has completed? 

A. Data Mask retains any historical data that can be retrieved by an admin 
B. The masking of data is an irreversible process 
C. Data Mask takes snapshots of prior versions of sandbox data that can be viewed 
D. Utilize the "Unmask' feature 

Show Answer

Question # 4

MFA is enabled at which level for Marketing Cloud-Email Studio, Mobile Studio, and Journey Builder? 

A. User level 
B. Top-level account 
C. Role level
 D. Business unit level 

Show Answer

Question # 5

Which two reasons explain this?

 A. Entering codes from text messages is error-prone
 B. Mobile devices can be lost or broken 
C. Email account credentials can be compromised 
D. SIM cards can be hacked 

Show Answer

Question # 6

Which type of field allows tracking with Field Audit Trail? 

A. Last Modified By
 B. Formula 
C. Currency field 
D. Roll-Up Summary 

Show Answer

Question # 7

Which metric view holds information on the 'Password Never Expires' setting? 

A. Permission Metrics 
B. Configuration Metrics 
C. Authentication Metrics 
D. User and Profile Metrics 

Show Answer

Question # 8

If a user loses their verification method, what are three of the recommended steps an admin should take? 

A. Disconnect the lost verification method 
B. Generate a temporary verification code so the user can log in 
C. Ask the user to submit a lost verification method report before proceeding with any other steps Post about the incident to all Salesforce users as a learning opportunity 
D. Monitor the user's account activity for suspicious activity 

Show Answer

Question # 9

What three are driving factors for Data Mask completion time? 

A. Number of fields being masked 
B. The amount of data in the fields 
C. A valid distractor 
D. The time of day a config is run 
E. Type of masking rules selected 

Show Answer

Question # 10

Which three standard authentication protocols does Salesforce support to integrate external applications using APIs? 

A. OpenID Connect 
B. Single Sign On (SSO) 
C. OMFA 
D. Security Assertion Markup Language (SAML) 
E. OAuth 

Show Answer

Question # 11

What are three tactics for ensuring the success of an MFA implementation? 

A. Train users on how to bypass MFA if they forget or lose their verification methods
B. Defer MFA logins for new hires until they're comfortable working in Salesforce 
C. Watch for recurring login problems and changes to how many users are logging in Collect and evaluate user feedback 
D. Have a clear and easy access recovery process for users who forget or lose their verification method 

Show Answer

Question # 12

When will a user select the "Unique' check box next to a field as part of their Data Mask configuration? 

A. If a user wants to mask with data generated using a defined pattern. 
B. When a user wants to prevent unintended reuse of library words or random characters 
C. Whenever a user needs to delete sensitive data entirely, leaving an empty data set 
D. When a user needs to specify a minimum and maximum value for the field. 

Show Answer

Question # 13

What are two differences between MFA and Device Activation? 

A. Users can opt out of receiving Device Activation challenges, but can't opt out of MFA challenges 
B. MFA challenges users on every login; Device Activation challenges users only when they log in from a new device 
C. Device Activation allows SMS as a verification method while MFA does not 
D. MFA is enabled for all users by default, admins must enable Device Activation 

Show Answer

Question # 14

What consideration should be made when connecting Salesforce orgs hosted in different data centers? 

A. Data Residency 
B. Fallover 
C. IP restrictions 
D. Scalability 

Show Answer

Question # 15

What do Right to be Forgotten policies automate? 

A. How to compile and send PII to customers. 
B. How PII is anonymized 
C. How and when PII is deleted. 
D. How PII is stored and archived 

Show Answer

Question # 16

Can a customer run a penetration test against Salesforce? 

A. Some types of penetration testing are permitted, but not in production 
B. No, this is not permitted under any circumstances 
C. Penetration testing is allowed, but the Salesforce Agreement needs to be signed before testing can comment 
D. Penetration testing can be carried out at anytime by anyone 

Show Answer

Question # 17

Which three options can be controlled through password policies in Salesforce?

A. Password expiration 
B. Password complexity 
C. Password length
 D. Password with special characters 
E. Disallowed passwords 

Show Answer

Question # 18

Which of the following is a blocker to rolling out MFA? 

A. Licensing for Transaction Security Policies 
B. Users refusing to install applications on their personal phones 
C. Shared accounts or credentials 
D. Licensing for Login Flows

Show Answer

Question # 19

Which Customer 360 Privacy Center capability is used to control how long data is stored in Salesforce? 

A. Date Archiving 
B. DeteRetention 
C. Date Subject Rights 
D. Data Privacy Law Compliance 

Show Answer

Question # 20

Which filter operator is supported by Deterministic Encryption? 

A. contains 
B. like 
C. equals 
D. starts with 

Show Answer

Question # 21

What user permission is required to view Security Center pages and manage app configurations?

A. Customize Application 
B. Manage Security Center 
C. View All Data 
D. Modify All Data 

Show Answer

Question # 22

A customer needs to track field history for more than 20 fields per object? How should the consultant advise them to proceed?

 A. Purchase additional storage capacity to unlock additional field history tracking. 
B. Purchase the Field Audit Trail add-on feature. 
C. Purchase additional field history tracking capacity in blocks of 20 fields. 
D. Enable and save field history tracking settings on the 21st field to automatically add additional field history tracking capacity to the org. 

Show Answer

Question # 23

Which feature in Heroku allows an organization to generate a URL that can be used to download selected data in various formats? 

A. Heroku Kafka 
B. Heroku Postgres Dataclips 
C. Heroku Redis
 D. Heroku Connect 

Show Answer

Question # 24

What two things occur if Platform Encryption is later enabled on fields that are enabled for Field Audit Trail? 

A. Customers must run encryption sync again to encrypt the previously stored data for these fields 
B. All data for these fields will be automatically encrypted 
C. Data that was stored prior to encryption enablement can be encrypted via a support case 
D. Only new data in these fields will be encrypted 

Show Answer

Question # 25

What is the correct order of precedence of strong verification methods for MFA logins? 

A. Salesforce Authenticator, Third-party TOTP authenticator apps, Security keys 
B. Security keys, Salesforce Authenticator, Third-party TOTP authenticator apps 
C. Third-party TOTP authenticator apps, Security keys, Salesforce Authenticator 
D. Salesforce Authenticator, Security keys, Third-party TOTP authenticator apps 

Show Answer