Hi,
I'am working on Trailhead,
Can any one suggest me where exactly i have give permissions for these requirements?
Data Retention—Data must be retained for a period of 180 days, and be reported on after the 180 days has passed. This can happen in a system outside of Salesforce.
Security for Remote/Mobile Users—Remote workers must use VPN to access Salesforce. All mobile users must use two-factor authentication (2FA). All mobile users must be individually approved by the admin. NOTE: For ease of use, you’ve decided to manage 2FA from a single permission.
Field-Level Security—Customer SSN and Bank Account fields on contact records must be encrypted. Any change in the Amount field on opportunity records must be recorded.
Password Policy—Passwords must be reset every 90 days, and must have a minimum of 8 characters and include both alpha and numeric characters.

Thanks advance...