General Exam Tips
- 1.Read ALL answer options before selecting — many questions have a plausible-but-wrong option that sounds correct but violates Salesforce best practices
- 2.Scenario questions contain crucial clues in the constraints: look for words like 'without code', 'external system', 'multiple sources', 'post-deployment', and 'pre-deployment' — they signal which tool or approach to pick
- 3.No penalty for wrong answers — flag hard questions, keep moving, and come back. 105 minutes for 60 questions gives you about 1 min 45 sec each
- 4.Multiple-select questions: read the question stem carefully for 'Select TWO' or 'Select ALL that apply' — missing a required option counts as wrong
- 5.The exam was replaced in March 2025 from the old AI Specialist — any prep material from before March 2025 covers deprecated content that will hurt your score
- 6.When two answers both seem correct, the Salesforce-recommended best practice wins. Eliminate technically-valid-but-not-ideal options first
- 7.Many candidates report the exam is harder than expected — scenario-based questions test judgment, not just memorization. Hands-on practice in a Developer Edition org is the most-cited differentiator between passing and failing
- 8.Draw a quick mental diagram for complex agent configuration questions: user utterance → Atlas → topic → action → result
- 9.Domain weights: AI Agents (35%), Prompt Engineering (20%), Data Cloud (20%), Development Lifecycle (20%), Multi-Agent (5%). Spend study time proportionally — AI Agents alone is roughly 21 of 60 questions
- 10.Aim for 80%+ on practice exams before sitting the real exam — the 73% passing score has less margin for error than it looks on scenario-based questions
Quick Navigation
AI Agents
Must-Know Facts
- Atlas reasoning engine pipeline: user utterance → topic selection → action planning → action execution → response delivery. Atlas selects the topic FIRST, then plans actions — it does NOT execute directly
- Four agent types and their distinct use cases: Service Agent (external customer-facing, replaces chatbots without preprogrammed scenarios), Sales SDR Agent (lead qualification and meeting booking, top-of-funnel automation), Sales Coach (personalized coaching with role-playing for sales reps, rep development), Employee Agent (internal role-based collaborator for staff)
- Topics define what jobs the agent can do. Instructions set decision-making boundaries for how the agent behaves within a topic. Actions are the specific tasks the agent executes
- Agent User is a special Salesforce system user that the agent runs AS — it is NOT the human interacting with the agent. Data access is controlled via permission sets on the Agent User, not the end user's profile
- Standard topics/actions come pre-built and TYPE-SPECIFIC with each agent type — the standards for Service Agent differ from those for Sales SDR or Employee Agent. Custom topics/actions are manually created for unique requirements
- Action types: invocable Apex (@InvocableMethod), REST Apex class, autolaunched Flow, Prompt Template, MuleSoft API — each has a distinct trigger pattern and use case
- Apex-based custom actions require 75% test coverage — same as any Apex in Salesforce. This is a Salesforce platform requirement, not an Agentforce-specific rule
- Channel connections available: Slack, Messaging (SMS, WhatsApp), web chat, email, custom channels. Connecting to a channel does NOT automatically configure Agent User permissions — permissions must be set separately
- Deterministic behavior controls: filters and variables constrain Atlas's decision range to produce predictable responses for compliance-sensitive or regulated scenarios
- Classification Description on each topic is what Atlas uses to select the correct topic — a poor classification description leads to wrong topic selection, which is one of the most common agent misconfiguration issues
Common Traps
Confusing Pairs
Scenario Tips
When the question describes a business wanting to handle customer service inquiries without preprogrammed scripts across web and mobile channels...
Configure a Service Agent. It is designed for external customer-facing interactions and uses Atlas reasoning rather than predefined flows, handling novel questions without scripting
Employee Agent sounds like it could serve anyone but is for INTERNAL staff only. Do not confuse 'serves the business' with 'is external-facing'
When the question asks how to restrict what data an Agentforce agent can access when responding to queries...
Configure permission sets on the Agent User. The Agent User's permissions define the agent's data access boundary, regardless of what the end user can see
Profile-based security or sharing rules on records sound correct but apply to human users, not to the Agent User system account. The exam specifically tests this distinction
When the question asks which action type to use to call out to an external REST API with custom response transformation...
REST Apex class action or Invocable Apex action. Use REST Apex for REST callouts. Use Invocable Apex for custom callouts with business logic. Remember: Apex actions require 75% test coverage before deployment
MuleSoft API action is also valid for external APIs but requires the MuleSoft integration layer. If the question specifies no MuleSoft or asks for the simplest approach with existing Apex code, choose the Apex action type
When the question asks about making agent behavior predictable for a compliance-sensitive scenario where incorrect responses could cause regulatory issues...
Use deterministic behavior controls — filters and variables constrain the agent's decision range for specific scenarios while still using Atlas reasoning
Replacing the agent with a traditional Flow-based chatbot removes AI reasoning entirely. The exam expects you to use Agentforce-native controls, not abandon AI for scripted bots
When the question asks what an administrator should check first if the agent is selecting the wrong topic for user messages...
Review the Classification Description on each topic. Atlas uses Classification Descriptions to select topics — a vague or overlapping description causes wrong topic selection
Checking action configuration or Trust Layer settings won't fix topic selection errors — the issue is upstream at the Classification Description level
Last-Minute Facts
Prompt Engineering
Must-Know Facts
- Prompt Builder is the Salesforce tool for creating REUSABLE prompt templates — not a general text editor. Templates must be explicitly activated before they can be used by agents or users
- Three template types: Sales Email (generates email drafts for sales reps, scoped to email content), Field Generation (auto-fills a SPECIFIC record field with AI output, tied to one object + one field), Flex (general-purpose with custom inputs, not tied to a single field)
- Template activation is a REQUIRED separate step — a created template that is not activated cannot be used. Creation and activation are two distinct lifecycle stages
- Three grounding techniques: merge fields (raw record field values pulled at runtime), Flow merge fields (data processed/calculated by a Flow before insertion), RAG from Data Cloud (semantic search across unstructured knowledge bases)
- Merge fields pull data at RUNTIME — the data is dynamic and specific to the record context at the time the template executes, not static at template creation time
- Prompt templates can serve as ACTIONS in Agent Builder — a Prompt Template action is one of the five action types an agent can execute
- Best practices for reducing hallucinations: ground prompts in relevant data, set a specific output format, include guardrails, provide clear and specific instructions — vague prompts increase hallucination risk
- Each AI feature (including an individual Agentforce agent) can use only ONE Data Library for RAG grounding at a time
- User roles in Prompt Builder control who can create, edit, activate, and use templates — not everyone with Salesforce access can manage prompt templates. This is a common governance oversight
- Field Generation templates can encounter token limit errors when record data is variable-length or excessively long — Flex templates handle variable-length inputs more gracefully in these cases
Common Traps
Confusing Pairs
Scenario Tips
When the question asks about automatically generating a text summary on an Opportunity record using data from that specific record...
Field Generation template in Prompt Builder. It is designed to auto-fill a specific field on a record with AI-generated content
Flex template is tempting because it is 'flexible' — but Flex is for cases NOT tied to a specific field. Field Generation is the precise tool when the output maps to a single record field
When the question describes needing data from multiple related child records (e.g., sum of line item amounts or a count of open cases) included in a prompt...
Use Flow merge fields. The Flow aggregates or calculates the related data, then the Flow merge field inserts the computed result into the prompt template
Standard merge fields sound close but they only pull raw field values from a single record. They cannot aggregate or compute across related records — that requires a Flow
When a Field Generation template is working for most records but failing with token limit errors on records with unusually long text fields...
Switch to a Flex template. Flex handles variable-length inputs more gracefully because its inputs are defined with custom controls and it is not bound to a fixed object/field structure
Adding more merge fields to the Field Generation template is the wrong direction — more merge fields add tokens, which increases the chance of hitting the limit, not resolves it
When the question asks about making a prompt template available for agents or users to actually use in their workflows...
Activate the template. Activation is a required step after template creation. An unactivated template exists in the system but cannot be invoked regardless of user permissions
Assigning the template to a user or publishing it sounds logical but activation is the specific gate — this is a Prompt Builder lifecycle concept the exam tests repeatedly
Last-Minute Facts
Data Cloud for Agentforce
Must-Know Facts
- Data Cloud was rebranded to Data 360 in late 2025 — same product, different name. The exam may use either name; treat them as identical
- Data Library is the storage layer that manages knowledge sources for agent grounding. Each AI feature (including an individual Agentforce agent) can use only ONE Data Library at a time
- Data Library sources: Salesforce Knowledge articles, uploaded files (text, HTML, PDFs with size limits), and Data Cloud objects. Not all data types are supported — structured CRM records use merge fields, not the Data Library
- Chunking: breaking unstructured documents into semantically meaningful pieces for indexing. Chunk size and field selection choices directly impact retrieval quality — this is manually configured, NOT automatic
- Indexing: creating vector embeddings (numerical representations) from chunked content. Which fields you include during indexing determines what the retriever can find — wrong field selection = irrelevant results
- Three search index types: keyword (exact lexical matching, precise for numbers and codes), vector (semantic similarity via embeddings, understands meaning), hybrid (combines both keyword precision with vector understanding)
- Enriched indexes: a vector or hybrid index enhanced with automatically extracted metadata, entities, and question-answer pairs to improve RAG retrieval accuracy — an ENHANCEMENT on top of an existing index type, not a fourth index type
- Two retriever types: individual (queries one index, simpler, faster) vs ensemble (combines results from multiple indexes, broader coverage, higher complexity and latency). Use ensemble ONLY when data is spread across multiple sources
- Only ONE retriever version is active at a time — multiple versions can exist but only one is live. Updating a retriever changes query rules; changing what is indexed requires updating the index itself
- RAG has two phases: offline (chunking and indexing documents into the vector store — happens once when data is added or updated) and online (retrieving relevant chunks at query time to ground the prompt — happens every time a user interacts with the agent)
Common Traps
Confusing Pairs
Scenario Tips
When the question describes an agent that needs to search product documentation containing both model numbers (SKU-4892) and conceptual troubleshooting steps...
Configure hybrid search. It combines keyword precision (for exact model numbers) with vector semantic understanding (for troubleshooting concepts). Neither keyword alone nor vector alone handles both requirements
Vector search alone sounds like the modern AI answer but it struggles with exact product codes and model numbers — a common trap in Data Cloud questions
When an agent is returning irrelevant results from the Data Library despite having a well-configured retriever...
Investigate chunking configuration and field selection during indexing. Poor chunk sizes or wrong indexed fields are the most common causes of irrelevant retrieval results
Trust Layer blocking sounds plausible but would prevent responses entirely, not return irrelevant ones. Permission errors cause access failures, not bad content
When the question asks an agent to pull data from both a Salesforce Knowledge base AND a set of uploaded PDF product manuals...
Configure an ensemble retriever. It combines results from multiple indexes so data from both Knowledge articles and PDFs can be searched and ranked together
An individual retriever pointing to Knowledge alone would miss the PDF data entirely. You need ensemble when data genuinely spans multiple sources
When the question asks about what happens when you update the retriever configuration after seeing irrelevant search results...
Updating the retriever configuration only changes query rules. To fix what is actually retrievable, you must update the search INDEX itself — reconfigure which fields are indexed and re-run the indexing process
Editing the retriever config is the wrong layer — retriever and index are separate. The exam tests this two-layer architecture distinction
Last-Minute Facts
Development Lifecycle
Must-Know Facts
- Agent lifecycle stages: ideation, building, testing (Testing Center), deployment, and observation (Analytics + Utterance Analysis). The cycle is ITERATIVE — observation feeds back into ideation and building improvements
- Agentforce Testing Center: PRE-deployment tool for BATCH testing entire agent configurations. Tests topic selection accuracy, action execution correctness, and overall agent behavior at scale before going live
- Utterance Analysis: POST-deployment tool that analyzes REAL production conversations to identify where the agent struggled with intent, gave poor responses, or missed new topic opportunities
- Agentforce Analytics: POST-deployment monitoring providing adoption metrics, usage patterns, deflection rates, escalation rates, and response quality insights. Built on Data Cloud
- Digital Wallet: tracks CONSUMPTION/COST of Data Cloud and Agentforce usage across both sandbox and production environments. It is NOT a performance or quality metrics tool
- Sandbox environments support Agentforce development and UAT. The Einstein Trust Layer audit trail is active in sandboxes — security testing works in sandbox just like in production
- Agent configurations must be EXPLICITLY DEPLOYED from sandbox to production — they do not sync automatically. Treat agent configurations as deployable metadata
- Agentforce Observability: the broader umbrella that includes Agentforce Analytics PLUS live health monitoring, step-by-step agent reasoning traces (watching the agent reason), and consumption tracking
Common Traps
Confusing Pairs
Scenario Tips
When the question asks about identifying conversations where the agent failed to understand customer intent AFTER deployment...
Utterance Analysis. It analyzes post-deployment production conversations to surface intent failures and topic coverage gaps
Testing Center is tempting because it sounds like 'testing' — but it is a PRE-deployment validation tool. After the agent is live in production, Utterance Analysis is the correct tool
When the question asks about validating that an agent correctly selects topics for 200 test scenarios BEFORE going live...
Agentforce Testing Center. It enables batch testing of complete agent configurations before production deployment, covering topic selection and action execution across many test cases simultaneously
Utterance Analysis sounds like it involves testing conversations but it only works with real production conversations that happen AFTER deployment — it cannot be used pre-deployment
When the question asks about tracking how much the Agentforce deployment is costing across both sandbox and production environments...
Digital Wallet. It provides consumption metering and cost visibility across all environments including sandbox and production
Agentforce Analytics is about performance quality and adoption, not cost. Observability dashboards show health and reasoning, not spend
When the question describes using observations from production conversations to improve the agent and feed back into agent configuration...
Utterance Analysis provides the post-deployment insights. The development lifecycle is iterative — Utterance Analysis observations should feed back into the ideation and building phases for configuration improvements
Testing Center is for pre-deployment validation of new configurations, not for gathering production feedback that drives improvement
Last-Minute Facts
Multi-Agent Interoperability
Must-Know Facts
- Model Context Protocol (MCP) is an OPEN STANDARD originally created by Anthropic — not a Salesforce-proprietary protocol. Salesforce adopted it for agent-to-external-tool communication
- MCP architecture: client-server model. Agentforce acts as the MCP CLIENT. External tools expose MCP SERVERS. The agent calls the MCP server to interact with external systems
- MCP actions in Agentforce execute WITHIN the Einstein Trust Layer boundary — PII is masked before reaching any LLM, even through external MCP connections. The Trust Layer is not bypassed
- AgentExchange: Salesforce's curated marketplace of VETTED MCP servers and pre-built agent components. No-code deployment through Agent Builder. It is NOT an open marketplace — servers are security-reviewed before listing
- Agent API: programmatic interface for EXTERNAL SYSTEMS to invoke Agentforce agents. Used when a custom application outside Salesforce needs to call an agent. This is INBOUND (external → Agentforce)
- MCP direction: agent calls external tools (OUTBOUND, Agentforce → external). Agent API: external calls the agent (INBOUND, external → Agentforce). These are opposite directions
Common Traps
Confusing Pairs
Scenario Tips
When the question asks how to connect an Agentforce agent to an external project management tool to create tasks, without writing custom code...
Use AgentExchange to find and deploy a vetted MCP server for that tool. AgentExchange provides no-code deployment of pre-built MCP connections through Agent Builder
Salesforce Connect sounds similar but is for external DATA SOURCE connections (reading data from external systems), not for agent tool interactions or taking actions in external systems
When the question asks what ensures sensitive customer data is protected when an Agentforce agent uses MCP to interact with an external system...
The Einstein Trust Layer masks PII before data reaches any LLM through MCP. Trust Layer is applied within the Agentforce side of the pipeline, not bypassed by the MCP connection
The external system's own security is a real consideration but is NOT the Salesforce mechanism that ensures data protection. Trust Layer is the answer the exam expects
When the question asks which company originally developed the Model Context Protocol...
Anthropic created MCP. Salesforce adopted and implemented it. This is a factual question testing whether candidates know MCP is an open standard, not a Salesforce invention
Salesforce sounds like the correct answer because they prominently use and promote MCP — but they adopted it, they did not create it