Updated for Winter '26
Salesforce Advanced Administrator Study Guide (Winter '26): Complete Exam Prep
The Salesforce Advanced Administrator certification validates deep platform expertise — complex security models, advanced automation, auditing, Territory Management, and data governance. It is the natural next certification after ADM-201 for experienced administrators seeking to demonstrate platform mastery. This guide covers every exam section at the depth needed to pass.
Written and reviewed by Krishna Mohan — ADM-201, PD1, PD2, App Builder & Consultant certified. Updated for Winter '26. Methodology · Contact
Advanced Administrator Exam at a Glance
60
Questions
105 min
Time Limit
65%
Passing Score
$200
Exam Fee
ADM-201 certification required. Retake fee: $100. 2+ years of hands-on Salesforce administration experience strongly recommended.
Advanced Administrator Exam Sections and Weightage
Security (20%) + Extending Objects (15%) + Auditing (15%) = 50% of the exam. Advanced security and governance topics are the core differentiator from ADM-201.
Permission sets, permission set groups, session-based permissions, Salesforce Shield, field audit trail, platform encryption
Advanced object relationships, external objects, big objects, custom metadata types, platform events
Field history tracking, setup audit trail, event monitoring, login history, debug logs, Health Check
Enterprise Territory Management, Collaborative Forecasting, opportunity splits, advanced lead and account management
Advanced case management, Omni-Channel, entitlement management, escalation rules, Salesforce Knowledge lifecycle
Mass transfer, data governance, deduplication rules, Data Loader scheduling, import error management, archiving strategies
Joined reports, bucket fields, cross-filters, historical trending reports, dynamic dashboards, report subscriptions
What Each Section Actually Tests
Security and Access (20%)
Goes well beyond ADM-201 security fundamentals. Session-based Permission Sets: permission sets that only activate during a specific authenticated session (e.g., step-up authentication for sensitive operations). Permission Set Groups: combine multiple permission sets into a single assignable group. Salesforce Shield: a suite of compliance and security tools — Field Audit Trail (retain field history for up to 10 years vs standard 18 months), Event Monitoring (track user activity at the API level — what fields were accessed, what data was exported), Platform Encryption (encrypt fields at rest using tenant secrets). Know when each Shield product applies — regulated industries (HIPAA, FINRA) with strict data retention requirements are the typical scenarios.
Extending Custom Objects and Applications (15%)
External Objects: represent data stored outside Salesforce (in an external system) but accessible in the org via Salesforce Connect and OData 2.0 adapters. External objects support lookups and relationships but not all Salesforce features (no triggers, limited SOQL). Big Objects: store massive volumes of historical data within Salesforce (billions of records) — used for compliance data archiving. Only support SOQL queries with specific index fields. Custom Metadata Types: configuration records that are deployable via changesets and metadata API (unlike Custom Settings which are data). Ideal for environment-specific configuration values. Platform Events: an event-driven messaging system — publish and subscribe to real-time events using flows, Apex, or external systems via CometD.
Auditing and Monitoring (15%)
Setup Audit Trail: tracks the last 180 days of setup changes — who changed what, when. Essential for compliance and troubleshooting. Field History Tracking: tracks changes to up to 20 fields per object, retained for 18 months (Field Audit Trail extends this). Event Monitoring (Shield): detailed logs of user activity — API calls, login events, report exports, field access. Know the difference between Setup Audit Trail (setup changes) and Event Monitoring (user activity). Health Check: Salesforce's built-in security review tool — scores your org against security best practices. Know what makes a high vs low Health Check score.
Sales Cloud (14%) and Service Cloud (14%)
Sales Cloud: Enterprise Territory Management (ETM) is the key topic — territory models, territory types, assignment rules, and how opportunities are associated to territories. Opportunity Splits: divide credit for an opportunity between multiple sales reps (different split percentages per rep). Collaborative Forecasting with multiple forecast types. Service Cloud: Omni-Channel routing (queue-based, skills-based, external routing) — routing incoming work items to agents based on capacity and skills. Entitlement Management: service contracts, entitlement processes, and milestones (SLA milestones that fire escalation actions when breached). Advanced Knowledge lifecycle: article review cycles, translation, archiving.
Analytics, Reports and Dashboards (10%)
Joined Reports: combine data from up to 5 report types in a single report — each block has its own filters and groupings. Useful for comparing data from different objects side by side. Cross-filters: filter a report to show records with or without related records (e.g., accounts with no open opportunities). Bucket fields: group report values into named categories without creating formula fields. Historical Trending: track record changes over time (up to 3 months) — useful for pipeline movement analysis. Dynamic Dashboards: display data based on the logged-in viewer's context (each user sees their own data) vs a fixed running user.
6-Week Advanced Administrator Study Plan
Week 1 — Advanced Security (20%): Study session-based permission sets, permission set groups, and Salesforce Shield (Field Audit Trail, Event Monitoring, Platform Encryption). Enable Health Check in a Developer Edition org and review your score. Understand each Shield product's use case and regulatory context.
Week 2 — Advanced Objects & Platform Features (15%): Study External Objects (Salesforce Connect, OData), Big Objects (use cases, query limitations), Custom Metadata Types vs Custom Settings (what makes CMT deployable), and Platform Events (publish/subscribe event model). Practice: create a Custom Metadata Type and deploy it via changeset.
Week 3 — Auditing & Monitoring (15%): Learn Setup Audit Trail, Field History Tracking limits, and Event Monitoring. Complete Trailhead's “Audit Trail, Login History, and Setup” module. Understand what each monitoring tool captures and for how long.
Week 4 — Sales Cloud (14%): Deep dive into ETM — create a territory model, configure assignment rules, and associate opportunities. Study Opportunity Splits and Collaborative Forecasting with overrides. Practice: set up ETM from scratch in a Developer Edition org with Agentforce and Sales Cloud enabled.
Week 5 — Service Cloud & Data Management (14% + 12%): Study Omni-Channel routing configurations (queue-based vs skills-based), entitlement processes and milestone actions. Review advanced data management: deduplication rules for large orgs, mass transfer scenarios, Data Loader scheduling.
Week 6: Advanced analytics practice (joined reports, cross-filters, historical trending) + full timed mock exams. Score 75%+ consistently before booking.
How to Approach Advanced Administrator Scenario Questions
- Salesforce Shield questions: If the scenario involves a regulated industry needing to retain field change history beyond 18 months, the answer is Field Audit Trail. If it involves tracking what data users accessed or exported (compliance/data exfiltration concern), the answer is Event Monitoring. If it involves encrypting sensitive data at rest (HIPAA, GDPR), the answer is Platform Encryption. Match the Shield product to the compliance requirement — not the other way around.
- Custom Metadata vs Custom Settings: If the scenario requires configuration values to be deployed to production via changeset (not manually re-entered), the answer is Custom Metadata Types. If the configuration just needs to be stored and retrieved at runtime but does not need to be deployed (or values differ per environment), Custom Settings may be acceptable. The exam strongly favours Custom Metadata Types for configuration that needs to move between environments.
- Report type questions: Need to show records from one object alongside related (or absence of related) records from another object? Use a cross-filter. Need to compare data from multiple report types side-by-side in one view? Use a joined report. Need to show how pipeline amounts changed week-over-week? Use Historical Trending. Each report feature has a specific use case — match it to the scenario requirement.
Mock-Test Benchmark Before Booking
75%+ on 3 timed full mocks (60 Q / 105 min) before booking
The most common failure mode is over-reliance on ADM-201 knowledge. Advanced Administrator tests topics that are genuinely not covered in ADM-201 — candidates who refresh their ADM-201 content instead of studying the Advanced Admin-specific topics (Shield, ETM, External Objects, Opportunity Splits, Omni-Channel) consistently fall short. Focus your preparation on what is new and different from the base Administrator exam.
Top 10 Topics to Review the Day Before
- Salesforce Shield: Field Audit Trail (18 months → 10 years), Event Monitoring, Platform Encryption
- Session-based Permission Sets: activate only during specific authenticated sessions
- Custom Metadata Types vs Custom Settings: CMT is deployable; Settings are data
- External Objects vs Big Objects: External (outside Salesforce, read-only); Big (inside, massive volume)
- Platform Events: publish/subscribe event-driven messaging within and across systems
- ETM object model: Territory Model → Territory Type → Territory → Assignment Rules
- Opportunity Splits: divide opportunity credit between multiple reps (different types: Revenue, Overlay)
- Omni-Channel routing: queue-based (first-come-first-served) vs skills-based (match skills to work)
- Entitlement milestones: SLA checkpoints that fire escalation actions when breached
- Joined reports vs cross-filters: joined (multiple report blocks); cross-filter (with/without related records)
Practice With Real Exam-Style Questions
Apply this study guide with free Advanced Administrator practice questions:
What Comes After This Certification?
After this certification, consider: Advanced Administrator, Platform App Builder, or Sales Cloud Consultant.
Exam Section Difficulty Heatmap
Which sections are a gimme vs which ones trap confident candidates. Use this to prioritise your final-week revision.
| Exam Section | Difficulty | Study Tip |
|---|---|---|
| Organization Setup | Moderate | Multi-currency, locale, and fiscal year settings are often overlooked in study guides. |
| User Setup | Easy | Delegated Administration and Login IP ranges are common scenario topics — know them precisely. |
| Security and Access | Hard | Territory Management 2.0 is the highest-difficulty topic — assignment rules, model states, and sharing interaction. |
| Standard and Custom Objects | Moderate | Schema Builder relationships and when to use junction objects vs hierarchical relationships. |
| Sales and Marketing Applications | Easy | Advanced forecasting and collaborative forecasting hierarchy questions appear regularly. |
| Service and Support Applications | Moderate | Advanced Case Management — branching Entitlement Processes and Omni-Channel skills-based routing. |
| Automation | Trap ⚠ | Before-Save vs After-Save vs Scheduled Paths in Record-Triggered Flows — a very common wrong answer area. |
Difficulty based on analysis of common candidate errors across each exam section.
Ready to Test Your Knowledge?
Try the Advanced Administrator free practice exam — scored with full explanations.
Advanced Administrator Free Practice Exam →