Your company uses a whitelisting approach to manage third-party apps and add-ons. The Senior VP of Sales
& Marketing has urgently requested access to a new Marketplace app that has not previously been vetted. The company’s Information Security policy empowers you, as a Google Workspace admin, to grant provisional access immediately if all of the following conditions are met:
Which actions should you take first to ensure that you are compliant with Infosec policy?
As a Workspace Administrator, you want to keep an inventory of the computers and mobile devices your company owns in order to track details such as device type and who the device is assigned to. How should you add the devices to the company-owned inventory?
Your organization has a group of users who interact with sensitive information and their accounts contain valuable files You need to protect these users from targeted online attacks What should you do?
Your organization syncs directory data from Active Directory to Google Workspace via Google Cloud Directory Sync. Users and Groups are updated from Active Directory on an hourly basis. A user's last name and primary email address have to be changed. You need to update the user’s data.
What two actions should you take? (Choose two.)
Your company works regularly with a partner. Your employees regularly send emails to your partner's employees. You want to ensure that the Partner contact information available to your employees will allow them to easily select Partner names and reduce sending errors.
What should you do?
You are in the middle of migrating email from on-premises Microsoft Exchange to Google Workspace. Users that you have already migrated are complaining of messages from internal users going into spam folders. What should you do to ensure that internal messages do not go into Gmail spam while blocking spoofing attempts?
You are a Workspace Administrator with a mix of Business Starter and Standard Licenses for your users. A Business Starter User in your domain mentions that they are running out of Drive Storage Quota. Without deleting data from Drive, what two actions can you take to alleviate the quota concerns for this user? (Choose two.)
An employee at your organization is experiencing video call issues in Google Meet and they were unable to resolve the issues by themselves You need to troubleshoot the issue What should you do first?
What action should be taken to configure alerting related to phishing attacks?
Your organization has users in the United States and Europe For compliance reasons you want to ensure that user data is always stored in the region where the user is located What should you do?
As a Google Workspace administrator for your organization, you are tasked with controlling which third-party apps can access Google Workspace data. Before implementing controls, as a first step in this process, you want to review all the third-party apps that have been authorized to access Workspace data. What should you do?
Your company has numerous locations throughout the world. Each of these locations has multiple office managers that field questions from employees through an email alias. Some questions have not been answered by an office manager How can you create a system to assign conversations to different receptionists using Workspace?
Your organization recently deployed Google Workspace. Your admin team has been very focused on configuring the core services for your environment, which has left you little time to pay attention to other areas. Your security team has just informed you that many users are leveraging unauthorized add-ons, and they are concerned about data exfiltration. The admin team wants you to cut off all add-ons access to Workspace data immediately and block all future add-ons until further notice. However, they approve of users leveraging their Workspace accounts to sign into third-party sites. What should you do?
A user named Alice is leaving your organization You need to transfer all of Alice's data from her Drive to Bob's Drive in the most simple and efficient manner possible What should you do?
Your company has acquired a new company in Japan and wants to add all employees of the acquisition to your existing Google Workspace domain. The new company will retain its original domain for email addresses and, due to the very sensitive nature of its work, the new employees should not be visible in the global directory. However, they should be visible within each company's separate directory. What should you do to meet these requirements?
Your company (your-company.com) just acquired a new business (new-company.com) that is running their email on-premises. It is close to their peak season, so any major changes need to be postponed. However, you need to ensure that the users at the new business can receive email addressed to them using your- company.com into their on-premises email server. You need to set up an email routing policy to accomplish this.
What steps should you take?
Your Security Officer ran the Security Health Check and found the alert that “Installation of mobile applications from unknown sources” was occurring. They have asked you to find a way to prevent that from happening.
Using Mobile Device Management (MDM), you need to configure a policy that will not allow mobile applications to be installed from unknown sources.
What MDM configuration is needed to meet this requirement?
When reloading Gmail in Chrome, the web browser returns a 500 Error. As part of the troubleshooting process, Google support asks you to gather logs. How can this be accomplished?
Your organization has a strict requirement that your temporary employees can only send emails to and receive emails from specific external domains You must define a policy in Google Workspace that meets this requirement for users in the temporary employee organizational unit (OU) What should you do?
Your sales team, which is organized as its own organizational unit, is prone to receiving malicious attachments. What action should you take, as an administrator, to apply an additional layer of protection in the admin console for your sales team without disrupting business operation?
Your organization implemented Single Sign-On (SSO) for the multiple cloud-based services it uses. During authentication, one service indicates that access to the SSO provider is not possible due to invalid information. What should you do?
A user does not follow their sign-in pattern and signs In from an unusual location As an admin, what should you do in response to this alert for this user during this investigation?
Your organization is using Password Sync to sync passwords from Active Directory to Google Workspace. A user changed their network password and cannot log in to Google Workspace with the new password. What steps should you take to troubleshoot this issue?
You need to protect your users from untrusted senders sending encrypted attachments via email. You must ensure that these messages are not delivered to users' mailboxes. What step should be taken?
You have implemented a data loss prevention (DLP) policy for a specific finance organizational unit. You want to apply the same security policy to a shared drive owned by the finance department in the most efficient manner. What should you do?
Your organization has a new security requirement around data exfiltration on iOS devices. You have a requirement to prevent users from copying content from a Google app (Gmail, Drive, Docs, Sheets, and Slides) in their work account to a Google app in their personal account or a third-party app. What steps should you take from the admin panel to preventusers from copying data from work to personal apps on iOS devices? (Choose Two)
The CEO of your company has indicated that messages from trusted contacts are being delivered to spam, and it is significantly affecting their work. The messages from these contacts have not always been classified
as spam. Additionally, you recently configured SPF, DKIM, and DMARC for your domain. You have been tasked with troubleshooting the issue.
What two actions should you take? (Choose two.)
A user is reporting that external, inbound messages from known senders are repeatedly being incorrectly classified as spam. What steps should the admin take to prevent this behavior in the future?
After a recent transition to Google Workspace, helpdesk has received a high volume of password reset requests and cannot respond in a timely manner. Your manager has asked you to determine how to resolve these requests without relying on additional staff.
What should you do?
Your Finance team has to share quarterly financial reports in Sheets with an external auditor. The external company is not a Workspace customer and allows employees to access public sites such as Gmail and Facebook. How can you provide the ability to securely share content to collaborators that do not have a Google Workspace or consumer (Gmail) account?
The CFO just informed you that one of their team members wire-transferred money to the wrong account because they received an email that appeared to be from the CFO. The CFO has provided a list of all users that may be responsible for sending wire transfers. The CFO also provided a list of banks the company sends wire transfers to. There are no external users that should be requesting wire transfers. The CFO is working with the bank to resolve the issue and needs your help to ensure that this does not happen again.
What two actions should you take? (Choose two.)
What steps does an administrator need to take to enforce TLS with a particular domain?
How can you monitor increases in user reported Spam as identified by Google?
An employee has been leaking confidential salary information to an external party. You must use Vault to preserve the messages for an investigation. What should you do?
HR informs you that a user has been terminated and their account has been suspended. The user is part of a current legal investigation, and HR requires the user's email data to remain on hold. The terminated user's team is actively working on a critical project with files owned by the user. You need to ensure that the terminated user's content is appropriately kept before provisioning their license to a new user.
What two actions should you take? (Choose two.)
Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in Google Workspace Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.
What should you do?
Multiple users across the organization are experiencing video degradation in Meet video calls. As an administrator, what steps should you take to start troubleshooting?
After migrating to Google Workspace, your legal team requests access to search all email and create litigation holds for employees who are involved with active litigation. You need to help the legal team meet this request.
What should you do?
Four weeks ago. you exported data from Google Vault and emailed the PST export file to your legal admin. They accidentally deleted the PST file and need it sent again. What steps should you take to re-send the PST file to the legal admin?
Your organization has offices in Canada Italy and the United States You want to ensure that employees can access corporate Gmail and Drive from these three geographic locations only What should you do?
Your company recently acquired an organization that was not leveraging Google Workspace. Your company is currently using Google Cloud Directory Sync (GCDS) to sync from an LDAP directory into Google Workspace. You want to deploy a second instance of GCDS and apply the same strategy with the newly acquired organization, which also has its users in an LDAP directory. How should you change your GCDS instance to ensure that the setup is successful? (Choose two.)
Your-company.com recently started using Google Workspace. The CIO is happy with the deployment, but received notifications that some employees have issues with consumer Google accounts (conflict accounts). You want to put a plan in place to address this concern.
What should you do?
Your company policy requires that managers be provided access to Drive data once an employee leaves the company.
How should you grant this access?
Your company has just received a shipment of ten Chromebooks to be deployed across the company, four of which will be used by remote employees. In order to prepare them for use, you need to register them in Google Workspace.
What should you do?
An employee at your organization is resigning They are in charge of organizing and maintaining recurring team events You want to preserve the existing meetings and transfer ownership to the resigning employee's manager What should you do?
Your organization has recently gone Google, but you are not syncing Groups yet. You plan to sync all of your Active Directory group objects to Google Groups with a single GCDS configuration.
Which scenario could require an alternative deployment strategy?
Your global marketing team has over 500 employees. They recently started working with Google Analytics and want to move to managed accounts You decide to use Google Cloud Directory Sync (GCDS) to sync users from your current identity provider Your organization currently has no Google Workspace licenses linked to the Admin console You run GCDS for the first lime and receive the following error. "Domain user limit reached " You need to identify and fix the problem What should you do?
Your-company.com recently bought 2500 Chrome devices and wants to distribute them to various teams globally. You decided that enterprise enrollment would be the best way to enforce company policies for managed Chrome devices. You discovered that Chrome devices currently end up in the top-level organization unit, and this needs to change to the organizational unit of the device administrator.
What should you do?
The application development team has come to you requesting that a new, internal, domain-owned Google Workspace app be allowed to access Google Drive APIs. You are currently restricting access to all APIs using approved whitelists, per security policy. You need to grant access for this app.
What should you do?
You have configured SSO using a third-party IDP with your Google Workspace domain. An end user has reported that they cannot sign in to Google Workspace after their username was changed in the third-party SSO product. They can sign in to their other internal applications that use SSO. and no other users are experiencing issues signing in. What could be causing the sign-in issue?
You recently started an engagement with an organization that is also using Google Workspace. The engagement will involve highly sensitive data, and the data needs to be protected from being shared with unauthorized parties both internally and externally. You need to ensure that this data is properly secured.
Which configuration should you implement?
The company's ten most senior executives are to have their offices outfitted with dedicated, standardized video conference cameras, microphones, and screens. The goal is to reduce the amount of technical support they require due to frequent, habitual switching between various mobile and PC devices throughout their busy days. You must ensure that it is easier for the executives to join Meet video conferences with the dedicated equipment instead of whatever device they happen to have available.
What should you do?
Your default Vault retention policy for Gmail is set to 365 days Your legal department has just informed you that emails sent and received by the customer support department are sensitive and must be retained for only 30 days You must enforce this new retention policy in the simplest way What should you do?
Several users in your organization reported an issue with receiving emails from one particular external sender You want to troubleshoot the issue and determine whether Google received these emails What should you do?
Your company has a broad, granular IT administration team, and you are in charge of ensuring proper administrative control. One of those teams, the security team, requires access to the Security Investigation Tool. What should you do?
Your company is using Google Workspace Business Plus edition, and the security team has reported several unsuccessful attempts to sign in to your Google Workspace domain from countries where you have no local employees. The affected accounts are from several executives in the main office.
You are asked to take measures to mitigate this security risk. Although budget is not a concern, your company prefers a minimal financial outlay to fix the issue, which you are tasked with managing. Which two solutions would help you mitigate the risk at minimal cost?
Choose 2 answers
You work for an international organization and your CEO frequently travels to other countries You need to enable email access and configure the account for multiple administrative assistants What should you do?
Your CISO is concerned about third party applications becoming compromised and exposing Google Workspace data you have made available to them. How could you provide granular insight into what data third party applications are accessing?
What should you do?
Your organization is migrating to Google Workspace and wants to improve how newly created files are classified You must find a scalable solution to improve security and transparency on how to handle sensitive files What should you do?