Your organization has confidential internal content for which only authorized employees are allowed to access Access to this content is managed by using Google Groups Only administrators can create and manage membership You need to provide only the necessary functionality and follow the principle of least privilege What should you do?
Your organization has been on Google Workspace Enterprise for one year. Recently, an admin turned on public link sharing for Drive files without permission from security. Your CTO wants to get better insight into changes that are made to the Google Workspace environment. The chief security officer wants that data brought into your existing SIEM system.
What are two ways you should accomplish this? (Choose two.)
Your company is using Google Workspace Enterprise Standard. They have 200 meeting rooms defined for the main building and used daily by the 12,000 employees. Users are complaining they have difficulties finding a room available when searching within Google Calendar, even if several rooms are available (no one attending meetings in these rooms at that time). You have been asked to find a solution while minimizing the operational effort and avoiding any new expenses due to budget constraints. What should you do?
Recently your organization has had an increase in messages marked as spam You need to quickly and efficiently obtain detailed information regarding each message What should you do?
The compliance team at your organization is conducting a legal investigation into some concerning sales activities of an employee eight months ago The compliance team contacted you for assistance on the situation You set up the default Google Vault retention rules so all data is retained only for one year You must assist the compliance team with the investigation What should you do1?
You are the administrator of a domain that requires iOS mobile device management. What initial steps should be taken to ensure that you can properly manage end-user iOS devices?
The security team for your organization is concerned about phishlng attacks against your end user base. What two actions should you take to configure the strongest possible preventative measure against phishing attacks?
Choose 2 answers
Your-company.com recently bought 2500 Chrome devices and wants to distribute them to various teams globally. You decided that enterprise enrollment would be the best way to enforce company policies for managed Chrome devices. You discovered that Chrome devices currently end up in the top-level organization unit, and this needs to change to the organizational unit of the device administrator.
What should you do?
You have configured SSO using a third-party IDP with your Google Workspace domain. An end user has reported that they cannot sign in to Google Workspace after their username was changed in the third-party SSO product. They can sign in to their other internal applications that use SSO. and no other users are experiencing issues signing in. What could be causing the sign-in issue?
Your company has just acquired a new group of users. They have been provisioned into the Google Workspace environment with your primary domain as their primary email address. These new users still need to receive emails from their previous domain. What is the best way to achieve this for these new users, without updating the information of preexisting users?
Your company is in the process of deploying Google Drive Enterprise for your sales organization. You have discovered that there are many unmanaged accounts across your domain. Your security team wants to manage these accounts moving forward.
What should you do?
A user has traveled overseas for an extended trip to meet with several vendors. The user has reported that important draft emails have not been saved in Gmail, which is affecting their productivity. They have been constantly moving between hotels, vendor offices, and airport lounges.
You have been tasked with troubleshooting the issue remotely. Your first priority is diagnosing and preventing this from happening again, and your second priority is recovering the drafts if possible. Due to time zone differences, and the user's busy meeting schedule, you have only been able to arrange a brief Hangouts Meet with the user to gather any required troubleshooting inputs.
What two actions should be taken on this call with the user? (Choose two.)
Your organization recently bought 1.000 licenses for Cloud Identity Premium. The company's development team created an application in the enterprise service bus (ESB) that will read user data in the human resources information system (HRIS) and create accounts via the Google Directory REST API.
While doing the original test before production use, the team observes a 503 error coming from Google API response after a few users are created The team believes the ESB is not the cause, because it can perform 100 requests per second without any problems. What advice would you give the development team in order to avoid the issue?
You work for a midsize organization Your compliance and audit learn sees that users are frequently resetting their passwords You must provide accurate information and ensure that the compliance team is informed every time a user changes their password What should you do?
Your organization has recently gone Google, but you are not syncing Groups yet. You plan to sync all of your Active Directory group objects to Google Groups with a single GCDS configuration.
Which scenario could require an alternative deployment strategy?
A user joined your organization and is reporting that every time they start their computer they are asked to sign in. This behavior differs from what other users within the organization experience. Others are prompted to sign in biweekly. What is the first step you should take to troubleshoot this issue for the individual user?
Several users in your organization reported an issue with receiving emails from one particular external sender You want to troubleshoot the issue and determine whether Google received these emails What should you do?
You are the administrator for a 30.000-user organization. You have multiple Workspace licensing options available to end users in your domain, according to their work responsibilities. A user may be transitioned to a different license type multiple times in a given year. Your organization has a high turnover rate for employees. What is the most efficient way to manage your organization's licensing?
Your company has an OU that contains your sales team and an OU that contains your market research team. The sales team is often a target of mass email from legitimate senders, which is distracting to their job duties. The market research team also receives that email content, but they want it because it often contains interesting market analysis or competitive intelligence. Constant Contact is often used as the source of these messages. Your company also uses Constant Contact for your own mass email marketing. You need to set email controls at the Sales OU without affecting your own outgoing email or the market research OU.
What should you do?
An administrator accidentally deleted several Workspace user accounts from the Google Admin Console two weeks ago. How can you recover the deleted user accounts?
Your organization is planning to remove any dependencies on Active Directory (AD) from all Cloud applications they are using You are currently using Google Cloud Directory Sync (GCDS) with on-premises AD as a source to provision user accounts in Google Workspace. Your organization is also using a software-as-a-service (SaaS) human resources information system (HRIS) that offers integration via CSV export and Open API standard.
Additional requirements for the solution include:
• It should not require a subscription to any additional third-party service.
• The process must be automated from beginning to end.
You are tasked with the design and implementation of a solution to address user provisioning with these requirements.
What solution should you implement?
Your company has been engaged in a lawsuit, and the legal department has been asked to discover and hold all email for two specific users. Additionally, they have been asked to discover and hold any email referencing “Secret Project 123.”
What steps should you take to satisfy this request?
Your Accounts Payable department is auditing software license contracts companywide and has asked you to provide a report that shows the number of active and suspended users by organization unit, which has been set up to match the Regions and Departments within your company. You need to produce a Google Sheet that shows a count of all active user accounts and suspended user accounts by Org unit.
What should you do?
You are the Workspace administrator for an international organization with Enterprise Plus Workspace licensing. A third of your employees are located in the United States, another third in Europe, and the other third geographically dispersed around the world. European employees are required to have their data stored in Europe. The current OU structure for your organization is organized by business unit, with no attention to user location. How do you configure Workspace for the fastest end user experience while also ensuring that European user data is contained in Europe?
You have implemented a data loss prevention (DLP) policy for a specific finance organizational unit. You want to apply the same security policy to a shared drive owned by the finance department in the most efficient manner. What should you do?
Samantha, an employee from your engineering department, has submitted a help desk ticket. She is unable to share a Google Doc file with Jason, her coworker in the marketing department. However, Samantha is able to share the same file with her colleagues in the engineering department. You must troubleshoot the issue. What should you do?
Employees at your organization frequently and mistakenly delete important emails that they receive from your payroll department The employees have to file support tickets for the IT team to find and restore these emails You must provide an automated solution that minimizes IT overhead and prevents these emails from being permanently deleted from their inboxes What should you do?
The nature of your organization's business makes your users susceptible to malicious email attachments. How should you implement a scan of all incoming email attachments?
Your organization has a strict requirement that your temporary employees can only send emails to and receive emails from specific external domains You must define a policy in Google Workspace that meets this requirement for users in the temporary employee organizational unit (OU) What should you do?
You have configured your Google Workspace account on the scheduled release track to provide additional time to prepare for new product releases and determine how they will impact your users. There are some new
features on the latest roadmap that your director needs you to test as soon as they become generally available without changing the release track for the entire organization.
What should you do?
Your organization is about to expand by acquiring two companies, both of which are using Google Workspace. The CISO has mandated that strict ‘No external content sharing’ policies must be in place and followed. How should you securely configure sharing policies to satisfy both the CISO’s mandate while allowing external sharing with the newly acquired companies?
Your organization has offices in Canada Italy and the United States You want to ensure that employees can access corporate Gmail and Drive from these three geographic locations only What should you do?
A recent legal investigation requires all emails and Google Drive documents from a specific user to be retrieved. As the administrator, how can you fulfill the legal team's request?
Your organization was recently targeted by a phishing attempt that affected several users You must efficiently determine the full extent of the phishing attempt and prevent further issues from occurring What should you do?
Your organization is migrating to Google Workspace and wants to improve how newly created files are classified You must find a scalable solution to improve security and transparency on how to handle sensitive files What should you do?
User A is a Basic License holder. User B is a Business License holder. These two users, along with many additional users, are in the same organizational unit at the same company. When User A attempts to access Drive, they receive the following error: “We are sorry, but you do not have access to Google Docs Editors. Please contact your Organization Administrator for access.” User B is not presented with the same error and accesses the service without issues.
How do you provide access to Drive for User A?
Your company is deploying Chrome devices. You want to make sure the machine assigned to the employee can only be signed in to by that employee and no one else.
What two things should you do? (Choose two.)
Your organization syncs directory data from Active Directory to Google Workspace via Google Cloud Directory Sync. Users and Groups are updated from Active Directory on an hourly basis. A user's last name and primary email address have to be changed. You need to update the user’s data.
What two actions should you take? (Choose two.)
The CEO of your company heard about new security and collaboration features and wants to know how to stay up to date. You are responsible for testing and staying up to date with new features, and have been asked to prepare a presentation for management.
What should you do?
Your organization is expected to start using Google Workspace Enterprise Standard in several countries. During the planning phase, the change management leadership team mandates that meeting rooms near each participant’s office location should be suggested when someone creates a Google Calendar event, to simplify the user experience and avoid booking rooms when people would not be able to move easily. What should you do?
Your organization recently implemented context-aware access policies for Google Drive to allow users to access Drive only from corporate managed desktops. Unfortunately, some users can still access Drive from non-corporate managed machines. What preliminary checks should you perform to find out why the Context-Aware Access policy is not working as intended? (Choose two.)
You need to protect your users from untrusted senders sending encrypted attachments via email. You must ensure that these messages are not delivered to users' mailboxes. What step should be taken?
Your company is using Google Workspace Business Plus edition, and the security team has reported several unsuccessful attempts to sign in to your Google Workspace domain from countries where you have no local employees. The affected accounts are from several executives in the main office.
You are asked to take measures to mitigate this security risk. Although budget is not a concern, your company prefers a minimal financial outlay to fix the issue, which you are tasked with managing. Which two solutions would help you mitigate the risk at minimal cost?
Choose 2 answers
Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in Google Workspace Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.
What should you do?
Users at your organization are reporting issues with Google Voice including disconnected calls and overall connection issues. You want to identify whether these issues affect just your organization or whether it's a global Google issue What should you do?
Your company recently migrated to Google Workspace and wants to deploy a commonly used third-party app to all of finance. Your OU structure in Google Workspace is broken down by department. You need to ensure that the correct users get this app.
What should you do?
Your business partner requests that a new custom cloud application be set up to log in without having separate credentials.
What is your business partner required to provide in order to proceed?
When reloading Gmail in Chrome, the web browser returns a 500 Error. As part of the troubleshooting process, Google support asks you to gather logs. How can this be accomplished?
Your default Vault retention policy for Gmail is set to 365 days Your legal department has just informed you that emails sent and received by the customer support department are sensitive and must be retained for only 30 days You must enforce this new retention policy in the simplest way What should you do?
Your company has received help desk calls from users about a new interface in Gmail that they had not seen before. They determined that it was a new feature that Google released recently. In the future, you'll need time to review the new features so you can properly train employees before they see changes.
What action should you take?
Your company’s compliance officer has requested that you apply a content compliance rule that will reject all external outbound email that has any occurrence of credit card numbers and your company’s account number syntax, which is AccNo. You need to configure a content compliance rule to scan email to meet these requirements.
Which combination of attributes will meet this objective?
Your organization wants to grant Google Vault access to an external regulatory authority. In an effort to comply with an investigation, the external group needs the ability to view reports in Google Vault. What should you do?
Your organization has enabled spoofing protection against unauthenticated domains. You are receiving complaints that email from multiple partners is not being received. While investigating this issue, you find that emails are all being sent to quarantine due to the configured safety setting. What should be the next step to allow uses to review these emails and reduce the internal complaints while keeping your environment secure?
The executive team for your company has an extended retention policy of two years in place so that they have access to email for a longer period of time. Your COO has found this useful in the past but when they went to find an email from last year to prove details of a contract in dispute, they were unable to find it. itis no longer in the Trash. They have requested that you recover it.
What should you do?
Your CISO is concerned about third party applications becoming compromised and exposing Google Workspace data you have made available to them. How could you provide granular insight into what data third party applications are accessing?
What should you do?
You are configuring a shared drive for the financial department of your organization. The financial team wants to allow members of the shared drive to add. edit, and move documents into the shared drive. It's important that the same users cannot remove or delete files. How can you configure access for these users to match the team's request?
A user reached out to the IT department about a Google Group that they own: info@company.com. The group is receiving mail, and each message is also delivered directly to the user's Gmail inbox. The user wants to be able to reply to messages directly from Gmail and have them sent on behalf of the group, not their individual account. Currently, their replies come from their individual account. What would you instruct the user to do?
The CFO just informed you that one of their team members wire-transferred money to the wrong account because they received an email that appeared to be from the CFO. The CFO has provided a list of all users that may be responsible for sending wire transfers. The CFO also provided a list of banks the company sends wire transfers to. There are no external users that should be requesting wire transfers. The CFO is working with the bank to resolve the issue and needs your help to ensure that this does not happen again.
What two actions should you take? (Choose two.)
Your company is using macOS devices for all employees and has built a process to allow a Google account to be used as credentials (or the device Your company wants to manage newly acquired Windows 10 devices with Google Workspace endpoint management and have employees use their Google Workspace account as login credentials for Windows 10 Which steps should you take to enable this?
Choose 2 answers