What process decides when a Repository failover is required?
Cluster Controller
Coordination Service
Gateway
Backgrounder
In a high-availability (HA) Tableau Server setup, theRepository(PostgreSQL) has an active and passive instance. Failover occurs if the active Repository fails. Let’s dive into the process:
HA Setup:
Two Repository instances across nodes (active/passive).
Failover switches to the passive instance if the active one becomes unavailable (e.g., crash, network issue).
Cluster Controller:
Role: Monitors all processes (e.g., Repository, File Store) across nodes, detecting failures via heartbeats and status checks.
Failover Decision: If the active Repository stops responding, Cluster Controller initiates failover, promoting the passive instance to active.
Coordination: Works with Coordination Service (ZooKeeper) to update topology but makes the initial detection call.
Option A (Cluster Controller): Correct.
Why: It’s the watchdog process, constantly monitoring Repository health and triggering failover when needed.
Option B (Coordination Service): Incorrect.
Role: ZooKeeper maintains cluster state and coordinates topology updates post-failover, but doesn’t detect the failure—Cluster Controller does.
Option C (Gateway): Incorrect.
Role: Routes client requests—unrelated to internal process monitoring or failover.
Option D (Backgrounder): Incorrect.
Role: Executes background tasks—no involvement in Repository failover decisions.
Why This Matters: Understanding failover ensures HA reliability—Cluster Controller is the linchpin for resilience.
Which three types of data should you backup to ensure that you can restore a Tableau Server? (Choose three.)
Server secrets and Repository passwords
Topology data
Configuration data
Repository data
Backing up Tableau Server ensures recovery from failures or migrations. A full backup includes multiple data types—let’s dissect this comprehensively:
Backup Components:
Repository Data: PostgreSQL database with metadata (users, permissions, workbooks). Backed up via tsm maintenance backup -f
Configuration Data: Server settings (e.g., ports, authentication) also in the .tsbak file.
Server Secrets: Encryption keys, internal tokens, Repository passwords—critical for restoring functionality.
Extracts: .hyper files in File Store (optional, separate backup).
Option A (Server secrets and Repository passwords): Correct.
Details: Includes encryption keys (for extracts), internal tokens (process communication), and Repository credentials. Backed up separately or stored securely (e.g., tsm security export-keys).
Why Critical: Without these, restored data may be inaccessible or services may fail.
Option C (Configuration data): Correct.
Details: Ports, authentication settings, process topology—part of the .tsbak file.
Why Critical: Restores server behavior and connectivity post-recovery.
Option D (Repository data): Correct.
Details: Core metadata database—also in .tsbak.
Why Critical: Without it, all content and user data is lost.
Option B (Topology data): Incorrect.
Details: Topology (process distribution) is part of configuration data in the .tsbak, not a separate entity. It’s not distinctly backed up as “topology data.”
Why This Matters: A complete backup (secrets, config, repository) ensures full restoration—missing any piece risks an unusable server.
What is the minimum required free hard disk space recommended for a Tableau Server installation in production?
32 GB
50 GB
15 GB
64 GB
Tableau Server has specific hardware requirements for production environments to ensure stability and performance. The minimum recommended free disk space for a production installation is50 GB. This accounts for:
The installation itself (approximately 1–2 GB).
Space for log files, temporary files, and extracts managed by the File Store and Data Engine.
Room for backups and operational overhead.
The full minimum hardware recommendations for a single-node production deployment are:
8 CPU cores(2.0 GHz or faster).
32 GB RAM.
50 GB free disk space(on the system drive, typically C: on Windows).
Option A (32 GB): Incorrect. While 32 GB is the minimum RAM requirement, it’s insufficient for disk space in production.
Option B (50 GB): Correct. This matches Tableau’s official recommendation for production environments.
Option C (15 GB): Incorrect. 15 GB is the minimum for a non-production or trial installation, not production.
Option D (64 GB): Incorrect. While 64 GB exceeds the minimum, it’s not the specified requirement—50 GB is sufficient.
Which three types of authentications can you use to implement single-sign-on (SSO) authentication to Tableau Server? (Choose three.)
OpenID Connect
Local Authentication
Kerberos with Active Directory
Security Assertion Markup Language (SAML)
Single Sign-On (SSO) allows users to authenticate once (e.g., via a corporate identity provider) and access Tableau Server without re-entering credentials. Tableau Server supports several SSO methods:
OpenID Connect (OIDC): An OAuth 2.0-based protocol for SSO, configured via Tableau’s SAML settings with an OIDC-compatible IdP (e.g., Google, Okta).
Kerberos with Active Directory: A ticket-based SSO protocol, widely used in Windows environments with AD integration.
SAML: A flexible SSO standard using XML assertions, supporting various IdPs (e.g., ADFS, PingFederate).
Let’s evaluate:
Option A (OpenID Connect): Correct. OIDC is an SSO method, implemented as a SAML variant in Tableau Server, enabling seamless login.
Option C (Kerberos with Active Directory): Correct. Kerberos provides SSO in AD environments, delegating authentication to the domain controller.
Option D (Security Assertion Markup Language - SAML): Correct. SAML is a core SSO method in Tableau, widely adopted for enterprise integrations.
Option B (Local Authentication): Incorrect. Local Authentication uses Tableau’s internal user database, requiring manual credential entry—no SSO support.
Why This Matters: SSO enhances user experience and security by leveraging existing identity systems, reducing password fatigue.
What statement correctly describes locking permissions to a project?
Locking permissions to projects must be enabled on the Tableau Server Settings page
You can lock permissions to a project by changing Customizable to Locked
Content permissions are locked to a project by default
You can lock permissions to a project by setting the appropriate Project permission role
In Tableau Server,projectsorganize content (workbooks, data sources) and use permissions to control access. "Locking permissions" restricts how permissions are managed within a project—let’s explore this exhaustively:
Permission Management Modes:
Managed by Owner: Default mode. Content owners (e.g., workbook publishers) can set permissions on their items, inheriting project defaults as a starting point.
Locked to the Project: Project-level permissions are enforced, and content owners cannot modify them. This ensures consistency across all items in the project.
How to Lock:
In the Tableau Server web UI:
Go toContent > Projects.
Select a project, clickActions > Permissions.
In the Permissions dialog, changePermissions Managementfrom "Customizable" (Managed by Owner) to "Locked."
Set the desired permissions (e.g., Viewer, Editor) for users/groups, which then apply uniformly to all content.
Via REST API: Use the updateProject endpoint with "permissionsLocked": true.
Option B (You can lock permissions to a project by changing Customizable to Locked): Correct.
Details: This is the precise action in the UI—switching from "Customizable" to "Locked" locks permissions at the project level.
Impact: Owners lose the ability to override permissions on individual workbooks/data sources, enforcing governance.
Example: Set "All Users" to Viewer (Locked)—all content in the project is view-only, regardless of owner intent.
Option A (Locking permissions must be enabled on the Server Settings page): Incorrect.
Why: Locking is a per-project setting, not a server-wide toggle. The Server Settings page (via TSM) controls global configs (e.g., authentication), not project permissions.
Option C (Content permissions are locked by default): Incorrect.
Default: New projects are "Managed by Owner" (Customizable), allowing flexibility unless explicitly locked by an admin.
Option D (By setting the appropriate Project permission role): Incorrect.
Confusion: "Project permission role" isn’t a term—permissions are set via rules (e.g., Viewer, Editor), but locking is a separate action (Customizable → Locked).
Why This Matters: Locking permissions ensures uniform access control, critical for regulated environments or large teams where consistency trumps flexibility.
Which two types of content can you include in comments on a visualization? (Choose two.)
Interactive snapshots of a view
Text
@mentions
Images (jpg, png)
Comments on Tableau Server visualizations facilitate collaboration. Let’s explore what’s supported:
Comments Feature: Enabled per site (Settings > General > Allow Comments). Users with "Add Comment" permission can post on views.
Option B (Text): Correct.
Details: The primary content type—users type free-form text in the comment box.
Use: Notes, questions, or feedback (e.g., "Sales spiked here—why?").
Option C (@mentions): Correct.
Details: Typing @username notifies the mentioned user via email or the UI (if notifications are enabled).
Use: Directs comments to specific people (e.g., "@John, check this trend").
Option A (Interactive snapshots of a view): Incorrect.
Details: Snapshots (static images) aren’t supported in comments—users must take screenshots externally and can’t embed them interactively.
Option D (Images - jpg, png): Incorrect.
Details: No attachment or image embedding in comments—text and mentions only. Workaround: Link to an image hosted elsewhere.
Why This Matters: Comments enhance teamwork, but their simplicity (text + mentions) keeps the interface lightweight and focused.
What should you do to disable table recommendations for popular data sources and tables to users?
Disable the option using the site Settings page
Use the command: tsm configuration set -k recommendations.enabled -v false
Publish data sources only to projects with permissions locked to the project
Disable the option using the server Settings page
Table recommendations in Tableau Server suggest popular tables and data sources to users when they create new content in the web authoring environment. This feature is enabled by default but can be disabled at the site level.
Option A (Disable the option using the site Settings page): Correct. A site administrator can disable table recommendations by navigating to the site’s Settings > General page in the Tableau Server web interface and unchecking the option "Enable table recommendations." This prevents users on that site from seeing these suggestions, offering a straightforward UI-based solution.
Option B (Use the command: tsm configuration set -k recommendations.enabled -v false): Incorrect. There is no recommendations.enabled key in the TSM configuration settings. This feature is managed per site, not server-wide via TSM.
Option C (Publish data sources only to projects with permissions locked): Incorrect. Locking permissions restricts access but doesn’t disable the recommendation feature itself. Users with access would still see recommendations.
Option D (Disable the option using the server Settings page): Incorrect. Table recommendations are a site-specific setting, not a server-wide setting. The server Settings page (via TSM) controls global configurations, not this feature.
Which three data sources support Kerberos delegation with Tableau Server? (Choose three.)
Teradata
PostgreSQL
SQL Server
SAP HANA
Kerberos delegationallows Tableau Server to pass a user’s Kerberos credentials to a data source for seamless authentication (SSO)—let’s explore which sources support it:
Kerberos Overview:
Used with Active Directory (AD) for SSO in Windows environments.
Tableau Server delegates the user’s ticket to the data source, avoiding embedded credentials.
Requires:
Data source support for Kerberos.
Proper configuration (e.g., SPN, constrained delegation).
Supported Data Sources: Per Tableau’s documentation:
Option A (Teradata): Correct.
Details: Supports Kerberos delegation—common in enterprise data warehouses.
Config: Enable in TSM (tsm authentication kerberos configure) and set SPN for Teradata.
Option C (SQL Server): Correct.
Details: Fully supports Kerberos—widely used with AD-integrated SQL Server instances.
Config: Requires AD setup and "Trustworthy" delegation in SQL Server.
Option D (SAP HANA): Correct.
Details: Supports Kerberos SSO via delegation—popular in SAP ecosystems.
Config: Needs HANA Kerberos setup (e.g., keytab) and Tableau Server integration.
Option B (PostgreSQL): Incorrect.
Why: Supports Kerberos authentication natively, but Tableau Server doesn’t enable delegation to PostgreSQL—users must embed credentials or use other methods (e.g., OAuth).
Why This Matters: Kerberos delegation enhances security by avoiding stored passwords—knowing supported sources ensures SSO feasibility.
What type of information is stored in the tsm maintenance backup -f
Notification settings
SMTP server settings
Repository data
Topology data
The tsm maintenance backup command creates a backup file (with a .tsbak extension) that captures critical data needed to restore Tableau Server in case of failure or migration. This backup primarily includes:
Repository data: This encompasses the PostgreSQL database, which stores metadata such as workbooks, data sources, user information, permissions, schedules, and subscriptions.
Configuration data: This includes server settings like authentication methods, port configurations, and service layouts, but it does not include topology data as a separate entity (topology is part of the configuration).
The command does not back up the following:
Extract files (stored in the File Store), which must be backed up separately if needed.
Log files, which are archived using tsm maintenance ziplogs.
Option A (Notification settings) is incorrect because while notification settings are part of the configuration data stored in the repository, they are not the primary focus of the backup. The broader category is "repository data."
Option B (SMTP server settings) is also incorrect for the same reason—SMTP settings are configuration data within the repository, but the backup is not limited to just these settings.
Option D (Topology data) is incorrect because topology data (e.g., how services are distributed across nodes) is part of the configuration included in the backup, but it’s not stored as a standalone item. The .tsbak file is centered on the repository database.
What are two features of the Tableau Server user-based license? (Choose two.)
A subscription license
Enables distinct user roles
Restricts the number of machine cores you can deploy
A perpetual license
Tableau Server’s user-based licensing model assigns licenses to individual users (Creator, Explorer, Viewer) rather than machines or cores. Key features include:
Subscription license: Licenses are typically subscription-based, renewed annually or monthly, aligning with Tableau’s pricing model.
Distinct user roles: It supports three roles (Creator, Explorer, Viewer), each with specific capabilities, enabling granular access control.
Option A (A subscription license): Correct. User-based licenses are subscription-based by default.
Option B (Enables distinct user roles): Correct. The model defines Creator, Explorer, and Viewer roles.
Option C (Restricts the number of machine cores): Incorrect. This applies to core-based licensing, not user-based.
Option D (A perpetual license): Incorrect. Perpetual licenses were phased out; user-based licenses are subscription-based as of recent models.
A user named John publishes a workbook named Sales Quota to a project named Sales. The All Users group has the View and Download Workbook/Save As capabilities only to the Sales project. A user named Sandy has the Explorer (can publish) site role, on the Sales Quota workbook. No other users orgroups have permissions to the Sales project. The Sales project is set to Managed by the owner. What are the effective rights for Sandy?
All of the capabilities associated with the Editor rule
View and Download Workbook/Save As
The same rights as John
No access
What process decides when a Repository failover is required?
Cluster Controller
Coordination Service
Gateway
Backgrounder
In a high-availability (HA) Tableau Server setup, theRepository(PostgreSQL) has an active and passive instance. Failover occurs if the active Repository fails. Let’s dive into the process:
HA Setup:
Two Repository instances across nodes (active/passive).
Failover switches to the passive instance if the active one becomes unavailable (e.g., crash, network issue).
Cluster Controller:
Role: Monitors all processes (e.g., Repository, File Store) across nodes, detecting failures via heartbeats and status checks.
Failover Decision: If the active Repository stops responding, Cluster Controller initiates failover, promoting the passive instance to active.
Coordination: Works with Coordination Service (ZooKeeper) to update topology but makes the initial detection call.
Option A (Cluster Controller): Correct.
Why: It’s the watchdog process, constantly monitoring Repository health and triggering failover when needed.
Option B (Coordination Service): Incorrect.
Role: ZooKeeper maintains cluster state and coordinates topology updates post-failover, but doesn’t detect the failure—Cluster Controller does.
Option C (Gateway): Incorrect.
Role: Routes client requests—unrelated to internal process monitoring or failover.
Option D (Backgrounder): Incorrect.
Role: Executes background tasks—no involvement in Repository failover decisions.
Why This Matters: Understanding failover ensures HA reliability—Cluster Controller is the linchpin for resilience.
You have a server that contains 16 processor cores. What is the default number of VizQL instances configured by the installer?
4
6
10
2
The VizQL Server process in Tableau Server handles rendering visualizations and processing queries for users viewing dashboards or workbooks. During installation, Tableau Server automatically configures the number of VizQL instances based on the number of processor cores on the machine, following this rule:
Default VizQL instances = 2 per node, unless manually adjusted post-installation.
In multi-node setups, additional instances may be added based on core count, but the question specifies a single server with 16 cores.
The installer does not scale VizQL instances linearly with core count by default (e.g., it doesn’t set 1 instance per 4 cores). Instead:
For a single-node installation, the default is 2 VizQL instances, regardless of core count (assuming the minimum hardware requirements are met: 8 cores, 32 GB RAM).
Administrators can later adjust this using TSM (e.g., tsm topology set-process) based on performance needs, but the question asks for the default configured by the installer.
Option A (4): Incorrect. Four instances might be configured manually for a 16-core server, but it’s not the default.
Option B (6): Incorrect. Six instances exceed the default for a single node.
Option C (10): Incorrect. Ten instances are far beyond the default and would require manual configuration.
Option D (2): Correct. The installer sets 2 VizQL instances by default on a single-node installation.
TESTED 16 Jul 2026
