Your-company.com recently bought 2500 Chrome devices and wants to distribute them to various teams globally. You decided that enterprise enrollment would be the best way to enforce company policies for managed Chrome devices. You discovered that Chrome devices currently end up in the top-level organization unit, and this needs to change to the organizational unit of the device administrator.
What should you do?
Your organization is part of a highly regulated industry with a very high turnover. In order to recycle licenses for new employees and comply with data retention regulations, it has been determined that certain Google Workspace data should be stored in a separate backup environment.
How should you store data for this situation?
Your organization is migrating to Google Workspace and wants to improve how newly created files are classified You must find a scalable solution to improve security and transparency on how to handle sensitive files What should you do?
A disgruntled employee has left your company and deleted all their email messages and files in Google Drive. The security team is aware that some intellectual property may have surfaced on a public social media site. What is the first step to start an investigation into this leak?
On which two platforms can you push WiFi connection information with Google Workspace? (Choose two.)
The helpdesk at your organization reports that many users in multiple locations are not able to access Gmail, but can access other Workspace services. You must troubleshoot the issue What should you do first?
Your organization's Sales Department uses a generic user account (sales@company.com) to manage requests. With only one employee responsible for managing the departmental account, you are tasked with providing the department with the most efficient means to allow multiple employees various levels of access and manage requests from a common email address.
What should you do?
An employee has been leaking confidential salary information to an external party. You must use Vault to preserve the messages for an investigation. What should you do?
All Human Resources employees at your company are members of the “HR Department” Team Drive. The HR Director wants to enact a new policy to restrict access to the “Employee Compensation” subfolder stored on that Team Drive to a small subset of the team.
What should you do?
As the Workspace Administrator, you have been asked to configure Google Cloud Directory Sync (GCDS) in order to manage Google Group memberships from an internal LDAP server. However, multiple Google Groups must have their memberships managed manually. When you run the GCDS sync, you notice that these manually managed groups are being deleted. What should you do to prevent these groups from being deleted?
The nature of your organization's business makes your users susceptible to malicious email attachments. How should you implement a scan of all incoming email attachments?
Your admin quarantine is becoming a burden to manage due to a consistently high influx of messages that match the content compliance rule Your security team will not allow you to remove or relax this rule, and as a result, you need assistance processing the messages in the quarantine. What is the first step you should take to enable others to help manage the quarantine, while maintaining security?
Your organization has been using Google Workspace for almost a year, and your annual security and risk assessment initiative is approaching in preparation for the risk assessment you want to quickly review all the security-related settings for Gmail, Drive and Calendar and identify the ones that may be posing risk What should you do?
Your default Vault retention policy for Gmail is set to 365 days Your legal department has just informed you that emails sent and received by the customer support department are sensitive and must be retained for only 30 days You must enforce this new retention policy in the simplest way What should you do?
Your company has an OU that contains your sales team and an OU that contains your market research team. The sales team is often a target of mass email from legitimate senders, which is distracting to their job duties. The market research team also receives that email content, but they want it because it often contains interesting market analysis or competitive intelligence. Constant Contact is often used as the source of these messages. Your company also uses Constant Contact for your own mass email marketing. You need to set email controls at the Sales OU without affecting your own outgoing email or the market research OU.
What should you do?
The executive team for your company has an extended retention policy of two years in place so that they have access to email for a longer period of time. Your COO has found this useful in the past but when they went to find an email from last year to prove details of a contract in dispute, they were unable to find it. itis no longer in the Trash. They have requested that you recover it.
What should you do?
As a Workspace Administrator you want to keep an inventory of the computers and mobile devices your company owns in order to track details such as device type and who the device is assigned to. How should you add the devices to the company-owned inventory?
HR informs you that a user has been terminated and their account has been suspended. The user is part of a current legal investigation, and HR requires the user's email data to remain on hold. The terminated user's team is actively working on a critical project with files owned by the user. You need to ensure that the terminated user's content is appropriately kept before provisioning their license to a new user.
What two actions should you take? (Choose two.)
In the years prior to your organization moving to Google Workspace, it was relatively common practice for users to create consumer Google accounts with their corporate email address (for example, to monitor Analytics, manage AdSense, and collaborate in Docs with other partners who were on Google Workspace.) You were able to address active employees’ use of consumer accounts during the rollout, and you are now concerned about blocking former employees who could potentially still have access to those services even though they don't have access to their corporate email account.
What should you do?
The company's ten most senior executives are to have their offices outfitted with dedicated, standardized video conference cameras, microphones, and screens. The goal is to reduce the amount of technical support they require due to frequent, habitual switching between various mobile and PC devices throughout their busy days. You must ensure that it is easier for the executives to join Meet video conferences with the dedicated equipment instead of whatever device they happen to have available.
What should you do?
Your organization is on Google Workspace Enterprise and allows for external sharing of Google Drive files to facilitate collaboration with other Google Workspace customers. Recently you have had several incidents of files and folders being broadly shared with external users and groups. Your chief security officer needs data on the scope of external sharing and ongoing alerting so that external access does not have to be disabled.
What two actions should you take to support the chief security officer's request? (Choose two.)
Your company has acquired a new company in Japan and wants to add all employees of the acquisition to your existing Google Workspace domain. The new company will retain its original domain for email addresses and, due to the very sensitive nature of its work, the new employees should not be visible in the global directory. However, they should be visible within each company's separate directory. What should you do to meet these requirements?
Your company is using macOS devices for all employees and has built a process to allow a Google account to be used as credentials (or the device Your company wants to manage newly acquired Windows 10 devices with Google Workspace endpoint management and have employees use their Google Workspace account as login credentials for Windows 10 Which steps should you take to enable this?
Choose 2 answers
Your company is using Google Workspace Enterprise Plus, and the Human Resources (HR) department is asking for access to Work Insights to analyze adoption of Google Workspace for all company employees. You assigned a custom role with the work Insights permission set as “view data for all teams” to the HR group, but it is reporting an error when accessing the application. What should you do?
Your organization is in the process of deploying Google Drive for desktop so that your users can access Drive files directly from their desktops. For security reasons, you want to restrict Drive for desktop to only company-owned devices. What two steps should you take from the admin panel to restrict Drive for desktop to only company-owned devices?
Choose 2 answers
Your organization has just appointed a new CISO. They have signed up to receive admin alerts and just received an alert for a suspicious login attempt. They are trying to determine how frequently suspicious login attempts occur within the organization. The CISO has asked you to provide details for each user account that has had a suspicious login attempt in the past year and the number of times it occurred for each account.
What action should you take to meet these requirements?
Your organization has a new security requirement around data exfiltration on iOS devices. You have a requirement to prevent users from copying content from a Google app (Gmail, Drive, Docs, Sheets, and Slides) in their work account to a Google app in their personal account or a third-party app. What steps should you take from the admin panel to prevent users from copying data from work to non-work apps on iOS devices?
The Director of your Finance department has asked to be alerted if two financial auditors share any files outside the domain. You need to set an Admin Alert on Drive Sharing.
What should you do?
The compliance team at your organization is conducting a legal investigation into some concerning sales activities of an employee eight months ago The compliance team contacted you for assistance on the situation You set up the default Google Vault retention rules so all data is retained only for one year You must assist the compliance team with the investigation What should you do1?
Your company is in the process of deploying Google Drive Enterprise for your sales organization. You have discovered that there are many unmanaged accounts across your domain. Your security team wants to manage these accounts moving forward.
What should you do?
Your organization is concerned with the increasing threat of phishing attacks that may impact users.
Leadership has declined to force-enable 2-Step verification. You need to apply a security measure to prevent unauthorized access to user accounts.
What should you do?
Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in Google Workspace Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.
What should you do?
Your organization wants more visibility into actions taken by Google staff related to your data for audit and security reasons. They are specifically interested in understanding the actions performed by Google support staff with regard to the support cases you have opened with Google. What should you do to gain more visibility?
Your organization has decided to enforce 2-Step Verification for a subset of users. Some of these users are now locked out of their accounts because they did not set up 2-Step Verification by the enforcement date. What corrective action should you take to allow the users to sign in again?
Your organization does not allow users to share externally. The security team has recently approved an exemption for specific members of the marketing team and sales to share documents with external customers, prospects, and partners. How best would you achieve this?
Your company has decided to change SSO providers. Instead of authenticating into Google Workspace and other cloud services with an external SSO system, you will now be using Google as the Identity Provider (IDP) and SSO provider to your other third-party cloud services.
What two features are essential to reconfigure in Google Workspace? (Choose two.)
Your company’s Google Workspace primary domain is “mycompany.com,” and it has acquired a startup that is using another cloud provider with a domain named “mystartup.com.” You plan to add all employees from the startup to your Google Workspace domain while preserving their current mail addresses. The startup CEO's email address is andrea@mystartup.com, which also matches your company CEO's email address as andrea@mycompany.com, even though they are different people. Each must keep the usage of their email. In addition, your manager asked to have all existing security policies applied for the new employees without any duplication. What should you do to implement the migration?
Your organization recently implemented context-aware access policies for Google Drive to allow users to access Drive only from corporate managed desktops. Unfortunately, some users can still access Drive from non-corporate managed machines. What preliminary checks should you perform to find out why the Context-Aware Access policy is not working as intended? (Choose two.)
The application development team has come to you requesting that a new, internal, domain-owned Google Workspace app be allowed to access Google Drive APIs. You are currently restricting access to all APIs using approved whitelists, per security policy. You need to grant access for this app.
What should you do?
In your organization, users have been provisioned with either Google Workspace Enterprise, Google Workspace Business, or no license, depending on their job duties, and the cost of user licenses is paid out of each division's budget. In order to effectively manage the license disposition, team leaders require the ability to look up the type of license that is currently assigned, along with the last logon date, for their direct reports.
You have been tasked with recommending a solution to the Director of IT, and have gathered the following requirements:
What approach should you recommend?
You received this email from the head of marketing:
Hello Workspace Admin:
Next week, a new consultant will be starting on the "massive marketing mailing" project. We want to ensure that they can view contact details of the rest of the marketing team, but they should not have access to view contact details of anyone else here at our company. Is this something that you can help with?
What are two of the steps you need to perform to fulfill this request?
Choose 2 answers
Your company is using Google Workspace Business Standard. The company has five meeting rooms that are all registered as resources in Google Workspace and used on a daily basis by the employees when organizing meetings. The office layout was changed last weekend, and one of the meeting rooms is now a dedicated room for management. The CEO is complaining that anyone can book the room and requested this room to be used only by the management team and their executive assistants (EAs). No one else must be allowed to book it via Google Calendar. What should you do?
Your company wants to provide secure access for its employees. The Chief Information Security Officer disabled peripheral access to devices, but wants to enable 2-Step verification. You need to provide secure access to the applications using Google Workspace.
What should you do?
Your organization has confidential internal content for which only authorized employees are allowed to access Access to this content is managed by using Google Groups Only administrators can create and manage membership You need to provide only the necessary functionality and follow the principle of least privilege What should you do?
Your IT team is being asked to fulfill a query by your organization's legal department that requires an MBOX file that will be shared to a third-party partner for eDiscovery. The query must be run on multiple users. Legal has no admin rights to Google Vault. What should you do to fulfil the request?
You want to create a list of IP addresses that are approved to send email to your domain. To accomplish this, what section of the Google Workspace Admin console should you update?
As a Workspace Administrator, you want to keep an inventory of the computers and mobile devices your company owns in order to track details such as device type and who the device is assigned to. How should you add the devices to the company-owned inventory?
Your organization has hired a recruiting firm that is responsible for reviewing resumes and job descriptions of prospective summer interns. Employees at your organization need to collaborate with the external firm on these documents. You must set permissions and ensure the recruiting firm employees can't remove the files. What should you do?
Your company recently acquired an organization that was not leveraging Google Workspace. Your company is currently using Google Cloud Directory Sync (GCDS) to sync from an LDAP directory into Google Workspace. You want to deploy a second instance of GCDS and apply the same strategy with the newly acquired organization, which also has its users in an LDAP directory. How should you change your GCDS instance to ensure that the setup is successful? (Choose two.)
Your organization uses a third-party product to filter mail before it arrives at your Workspace Domain. How should you configure Gmail to ensure that inbound messages are not seen as a spam attack due to the volume of mail being received from this product?
What steps does an administrator need to take to enforce TLS with a particular domain?
You work for a midsize organization Your compliance and audit learn sees that users are frequently resetting their passwords You must provide accurate information and ensure that the compliance team is informed every time a user changes their password What should you do?
Your-company.com recently started using Google Workspace. The CIO is happy with the deployment, but received notifications that some employees have issues with consumer Google accounts (conflict accounts). You want to put a plan in place to address this concern.
What should you do?
You have configured Secure Transport (TLS) Compliance for all messages coming to and from an external domain. altostrat.com. that your end users communicate with via Gmail. What will your end users experience when messages are delivered to them from altostrat.com without TLS enabled?
Your global marketing team has over 500 employees. They recently started working with Google Analytics and want to move to managed accounts You decide to use Google Cloud Directory Sync (GCDS) to sync users from your current identity provider Your organization currently has no Google Workspace licenses linked to the Admin console You run GCDS for the first lime and receive the following error. "Domain user limit reached " You need to identify and fix the problem What should you do?
You have enabled Automatic Room Replacement for your calendar resources, but it is not working for any instances of a conflict booking. What could be the issue?