Last Updated On : 29-Jun-2026


Salesforce Agentforce Specialist - AI-201 Practice Test

Prepare with our free Salesforce Agentforce Specialist - AI-201 sample questions and pass with confidence. Our Agentforce-Specialist practice test is designed to help you succeed on exam day.

378 Questions
Salesforce 2026

Universal Containers is implementing a Retrieval-Augmented Generation (RAG) solution where the knowledge store contains Spanish articles, but users will query the agent in French and English. The Agentforce Specialist needs to ensure the retriever can accurately find relevant articles despite the language differences. What should the specialist do to meet this requirement?

A. Use the multilingual-e5-large embedding model for French and Spanish language users.

B. Use the multilingual-e5-large embedding model for French and English language users.

C. Use the multilingual-e5-large embedding model to handle all languages.

C.   Use the multilingual-e5-large embedding model to handle all languages.

Explanation:

In a RAG architecture, the retriever relies on embeddings to match user queries with relevant documents in the knowledge store. If the knowledge base contains Spanish articles but queries are in French or English, a multilingual embedding model is required to normalize semantic meaning across languages.

Option A is incorrect because it only mentions French and Spanish, leaving out English queries.

Option B is incorrect because it only covers French and English, leaving out Spanish documents.

Option C is correct because the multilingual-e5-large embedding model supports multiple languages simultaneously, ensuring that queries in French or English can still retrieve Spanish articles accurately. This is the intended solution for multilingual retrieval scenarios.

Reference:
Salesforce Documentation: Agentforce RAG Integration
Hugging Face Model Card: multilingual-e5-large embeddings
Trailhead Module: Agentforce AI Retrieval Basics

Universal Containers is designing an agent to assist with order management and dealer support automation. The agent must verify a dealer’s credentials before granting access to order details. The team has already: Declared a variable is_verified to track verification status. Configured an action that verifies the dealer’s credentials. They plan to restrict access to the order details subagent using a guard condition based on is_verified. What must the team do to ensure the order details subagent becomes available only after a dealer is successfully verified?

A. Add an available when: @variables.is_verified == true condition to the order details subagent.

B. Declare the is_verified variable as immutable so it cannot be modified during the session.

C. Update the is_verified variable to true after the verification action succeeds using @utils.setVariables.

C.   Update the is_verified variable to true after the verification action succeeds using @utils.setVariables.

Explanation:

Why C is correct:
To implement a proper guard condition, the team must complete the full state management lifecycle. They have already completed two steps:

Declaring the variable (is_verified).
Configuring the verification action.

The missing piece is the runtime update of the variable. When the verification action successfully executes (e.g., the dealer's credentials are validated), the team must use @utils.setVariables within the agent's logic (typically in a follow-up action, within the verification action's output, or in the agent's response handling) to set @variables.is_verified = true.

This update ensures that:

The guard condition (available_when: @variables.is_verified == true) on the order details subagent evaluates to true at runtime.
The order details subagent becomes dynamically available to the Atlas Reasoning Engine only after successful verification.
The agent cannot attempt to access order details before verification completes.

Why A is incorrect:
This is only half the solution. Adding the available_when condition is necessary, but if the variable is never updated to true, the condition will never evaluate to true, and the subagent will remain permanently unavailable. The team must also implement the runtime variable update (Option C). Option A alone is insufficient.

Why B is incorrect:
Declaring is_verified as immutable (without the mutable keyword) would actually prevent the variable from being updated at runtime. Since the verification status starts as false and must change to true after verification, the variable must be mutable to support this state change. Making it immutable would break the intended workflow entirely.

References:
Salesforce Official Documentation: "Agent Script Guard Conditions and State Management" – explains that guard conditions evaluate runtime variables, and those variables must be explicitly updated using @utils.setVariables (or actions) to reflect state changes.

Trailhead Module: "Build Agentforce Agents with Agent Builder" > Unit: "Control Access with Guard Conditions" – demonstrates the full pattern: declare a mutable variable → set it via action/utility → evaluate it in an available_when condition.

Agentforce Exam Guide (AI-201): Under "Agent Configuration and Logic" – emphasizes that declaring a variable and adding a guard condition is insufficient without the corresponding runtime update logic to change the variable's value.

A company built a custom Apex action invoked by an Employee Agent to fetch data from an external API. The callout method uses the current user’s Salesforce session ID to authenticate the callout. The external callout works perfectly in the UI, but silently fails when the agent triggers it. What is the architectural best practice to fix this?

A. Explicitly extend the Apex class security to the logged-in user’s profile.

B. Ensure the Employee Agent is assigned the Agentforce Service Agent User permission set group.

C. Replace the session ID retrieval with a Named Credential.

C.   Replace the session ID retrieval with a Named Credential.

Explanation:

When an Apex action is invoked by an Agentforce agent (whether Employee or Service Agent), it typically executes in a context that doesn't carry the same user session as an interactive UI session. Relying on UserInfo.getSessionId() for the callout works fine when a user is actively logged into the UI (since a valid session ID exists), but this pattern is fragile and fails silently in automated/agent-triggered contexts — because agent execution often runs asynchronously or in a context where the session ID is not available, not populated, or not valid for callout authentication.

The architectural best practice is to decouple authentication from the interactive user session entirely by using a Named Credential (ideally with an appropriate authentication protocol like OAuth 2.0, or a dedicated integration user's credentials). Named Credentials:

Provide a stable, reusable authentication mechanism that works regardless of execution context (UI, batch, agent-triggered, API).
Are the Salesforce-recommended pattern for external callouts in general — not just for agent-related contexts.
Eliminate the fragility and security anti-pattern of hardcoding or dynamically fetching session IDs for external authentication.

Why the other options are incorrect:

A: Explicitly extend the Apex class security to the logged-in user's profile: This addresses Apex class access (who can execute the class), not the root cause, which is the authentication mechanism for the external callout itself. Even with correct class access, the session ID approach would still fail in the agent execution context.

B: Ensure the Employee Agent is assigned the Agentforce Service Agent User permission set group: This permission set group relates to the Service Agent context (customer-facing), not the Employee Agent, and even if correctly assigned, permission sets control object/field/feature access — they don't fix the underlying issue of an invalid or unavailable session ID during agent-triggered execution.

Reference:
Salesforce Apex Developer Guide — "Named Credentials as Callout Endpoints"; Agentforce best practices for custom Apex actions (avoid session-ID-based auth for actions invoked outside interactive UI sessions).

Cloud Kicks wants its Agentforce Service Agent to retrieve up-to-date factual data from the internet. Which step must an Agentforce Specialist take to ensure the agent uses the web search capability properly?

A. Enable the Answer Questions with Knowledge standard action specifically on the General FAQ subagent.

B. Map the web search retriever to a custom search index in Data 360 before activating the agent.

C. Remove the default General FAQ subagent and replace its function with a new General Web Search subagent.

C.   Remove the default General FAQ subagent and replace its function with a new General Web Search subagent.

Explanation:

This question tests your understanding of the architectural constraints when enabling web search capabilities via an Agentforce Data Library.

Why C is correct:
Salesforce documentation strictly dictates that only one subagent (topic) per agent can use the standard Answer Questions with Knowledge action at a given time. By default, out-of-the-box Service Agents are provisioned with a General FAQ subagent assigned to this action. To implement a public internet search capability via an Agentforce Data Library with web search, you must remove the default General FAQ subagent entirely and provision a new General Web Search subagent to take over its operational scope using that same standard action.

Why A is incorrect:
You cannot simply layer public web searching onto the standard General FAQ subagent if it is already bound to a standard Knowledge indexing configuration; a dedicated web search subagent architecture must be set up.

Why B is incorrect:
Web search data libraries are handled dynamically as an abstract capability via Einstein Studio/Data Library configurations; they do not require you to manually map or index the entire internet into a custom Data 360 search index.

Reference:
Salesforce Help: Use Web Search with Agentforce. Only one subagent per agent can use the Answer Questions with Knowledge action. You must remove the default General FAQ subagent to use an Agentforce Data Library with web search capabilities.

An Agentforce Specialist is testing an agent with Testing Center. The test results show that an agent correctly identifies the right subagent to handle an utterance, but it fails to select all necessary actions within that subagent. Which evaluation metric specifically identifies this failure?

A. Action Assertion

B. Response Evaluation

C. Subagent Assertion

A.   Action Assertion

Explanation:

Agentforce Testing Center provides multiple evaluation metrics to validate agent behavior:

Subagent Assertion checks whether the agent correctly routes the utterance to the appropriate subagent. In this case, the agent did select the right subagent, so this metric passes.

Response Evaluation measures the quality and appropriateness of the agent’s generated response (e.g., conversational accuracy, tone, or completeness). It does not validate whether required actions were executed.

Action Assertion specifically verifies whether the agent selected and executed the correct set of actions within the chosen subagent. Since the failure here is that the agent did not select all necessary actions, this metric identifies the issue.

Thus, Action Assertion is the correct evaluation metric for diagnosing missing or incorrect action execution inside a subagent.

Reference:
Salesforce Documentation: Agentforce Testing Center Metrics
Trailhead Module: Agentforce Testing Basics
Salesforce Developer Guide: Assertions in Agentforce Testing

Agentforce-Specialist Exam Questions - Home Previous
Page 7 out of 76 Pages