Your company has received help desk calls from users about a new interface in Gmail that they had not seen before. They determined that it was a new feature that Google released recently. In the future, you'll need time to review the new features so you can properly train employees before they see changes.What action should you take?

Company Profile > Profile > New User Features > Enable ''Scheduled Release''

Apps > Google Workspace > Gmail > Uncheck ''Enable Gmail Labs for my users''

Company Profile > Profile > New User Features > Enable ''Rapid Release''

Device Management > Chrome > Device Settings > Stop auto-updates

Your company frequently hires from five to ten interns for short contract engagements and makes use of the same generically named Google Workspace accounts (e.g., user1@your-company.com, user2@your-company.com, user3@your-company.com). The manager of this program wants all email to these accounts routed to the manager's mailbox account also.What should you do?

Set up recipient address mapping in GMail Advanced Settings.

Setup address forwarding in each account's GMail setting menu.

Set up recipient address mapping in GMail Advanced Settings.

Configure an Inbound Gateway route.

Give the manager delegated access to the mailboxes.

Your company has sales offices in Madrid, Tokyo, London, and New York. The outbound email for those offices needs to include the sales person's signature and a compliance footer. The compliance footer needs to say ''Should you no longer wish to receive emails about this offer, please reply with UNSUBSCRIBE.'' You are responsible for making sure that users cannot remove the footer.What should you do?

Ensure that each sales team is in their own OU, and configure the Append Footer with the footer content translated for each locale.

Send an email to each sales person with the instructions on how to add the footer to their Signature.

Ensure that each sales team is in their own OU, and configure the Append Footer with the signature and footer content translated for each locale.

Ensure that each sales team is in their own OU, and configure the Append Footer with footer content.

Ensure that each sales team is in their own OU, and configure the Append Footer with the footer content translated for each locale.

What action should be taken to configure alerting related to phishing attacks?

Set up a suspicious login event alert.

Set up a Token audit log event alert.

Set up an Admin audit log event alert.

Set up an email settings changed alert.

Set up a suspicious login event alert.

A company using Google Workspace has reports of cyber criminals trying to steal usernames and passwords to access critical business data. You need to protect the highly sensitive user accounts from unauthorized access.What should you do?

Enforce 2FA with a physical security key.

Use a third-party identity provider.

Enforce 2FA with Google Authenticator app.

After migrating to Google Workspace, your legal team requests access to search all email and create litigation holds for employees who are involved with active litigation. You need to help the legal team meet this request.What should you do?

Create a custom role with Google Vault access, and add the legal team.

Add the legal team to the User Management Admin system role.

Add the legal team to the Google Vault Google Group.

Create a custom role with Google Vault access, and add the legal team.

Create a matter in Google Vault, and share with the legal team.

Your company's compliance officer has requested that you apply a content compliance rule that will reject all external outbound email that has any occurrence of credit card numbers and your company's account number syntax, which is AccNo. You need to configure a content compliance rule to scan email to meet these requirements.Which combination of attributes will meet this objective?

Name the rule > select Outbound and Internal Sending > select If ANY of the following match > add two expressions: one for Simple Content Match to find AccNo, and one for predefined content match to select Credit Card Numbers > choose Reject.

Name the rule > select Outbound > select If ANY of the following match > add two expressions: one for Simple Content Match to find AccNo, and one for predefined content match to select Credit Card Numbers > choose Reject

Name the rule > select Outbound and Internal Sending > select If ALL of the following match > add two expressions: one for Advanced Content Match to find AccNo in the Body, and one for predefined content match to select Credit Card Numbers > choose Reject.

Name the rule > select Outbound > select If ALL of the following match > add two expressions: one for Advanced Content Match to find AccNo in the Body, and one for predefined content match to select Credit Card Numbers > choose Reject.

Your company has decided to change SSO providers. Instead of authenticating into Google Workspace and other cloud services with an external SSO system, you will now be using Google as the Identity Provider (IDP) and SSO provider to your other third-party cloud services.What two features are essential to reconfigure in Google Workspace? (Choose two.)

Apps > add SAML apps to your domain.

Disable SSO with third party IDP.

Apps > add SAML apps to your domain.

Reconfigure user provisioning via Google Cloud Directory Sync.

Replace the third-party IDP verification certificate.

Disable SSO with third party IDP.

Enable API Permissions for Google Cloud Platform.

Your-company.com recently bought 2500 Chrome devices and wants to distribute them to various teams globally. You decided that enterprise enrollment would be the best way to enforce company policies for managed Chrome devices. You discovered that Chrome devices currently end up in the top-level organization unit, and this needs to change to the organizational unit of the device administrator.What should you do?

Change Enrollment Controls to Place Chrome device in user organization.

Change Enrollment Permissions to only allow users in this organization to re-enroll existing devices.

Change Enrollment Controls to Place Chrome device in user organization.

Change Enrollment Controls to Keep Chrome device in current location.

Change Enrolment Permissions to not allow users in this organization to enroll new devices.

A user has traveled overseas for an extended trip to meet with several vendors. The user has reported that important draft emails have not been saved in Gmail, which is affecting their productivity. They have been constantly moving between hotels, vendor offices, and airport lounges.You have been tasked with troubleshooting the issue remotely. Your first priority is diagnosing and preventing this from happening again, and your second priority is recovering the drafts if possible. Due to time zone differences, and the user's busy meeting schedule, you have only been able to arrange a brief Hangouts Meet with the user to gather any required troubleshooting inputs.What two actions should be taken on this call with the user? (Choose two.)

Record a HAR file of the user composing a new email.

Take screenshots of the user's screen when composing an email.

Ask the user to send an email to you so you can check the headers.

Record a HAR file of the user composing a new email.

Take screenshots of the user's screen when composing an email.

Use the Email log search in the Admin panel.

Check the Users > App Users Activity report.

A user has traveled overseas for an extended trip to meet with several vendors. The user has reported that important draft emails have not been saved in Gmail, which is affecting their productivity. They have been constantly moving between hotels, vendor offices, and airport lounges.You have been tasked with troubleshooting the issue remotely. Your first priority is diagnosing and preventing this from happening again, and your second priority is recovering the drafts if possible. Due to time zone differences, and the user's busy meeting schedule, you have only been able to arrange a brief Hangouts Meet with the user to gather any required troubleshooting inputs.What two actions should be taken on this call with the user? (Choose two.)

Record a HAR file of the user composing a new email.

Take screenshots of the user's screen when composing an email.

Ask the user to send an email to you so you can check the headers.

Record a HAR file of the user composing a new email.

Take screenshots of the user's screen when composing an email.

Use the Email log search in the Admin panel.

Check the Users > App Users Activity report.

The CEO of your company has indicated that messages from trusted contacts are being delivered to spam, and it is significantly affecting their work. The messages from these contacts have not always been classified as spam. Additionally, you recently configured SPF, DKIM, and DMARC for your domain. You have been tasked with troubleshooting the issue.What two actions should you take? (Choose two.)

Obtain the message header and analyze using Google Workspace Toolbox.

Set up a Gmail routing rule to whitelist the sender.

Obtain the message header and analyze using Google Workspace Toolbox.

Review the contents of the messages in Google Vault.

Set up a Gmail routing rule to whitelist the sender.

Conduct an Email log search to trace the message route.

Validate that your domain is not on the Spamhaus blacklist.

Your company wants to provide secure access for its employees. The Chief Information Security Officer disabled peripheral access to devices, but wants to enable 2-Step verification. You need to provide secure access to the applications using Google Workspace.What should you do?

Enable authentication via the Google Authenticator.

Enable additional security verification via email.

Enable authentication via the Google Authenticator.

Deploy browser or device certificates via Google Workspace.

Configure USB Yubikeys for all users.

A company wants to distribute iOS devices to only the employees in the Sales OU. They want to be able to do the following on these devices:Control password policies.Make corporate apps available to the users.Remotely wipe the device if it's lost or compromisedWhat two steps are required before configuring the device policies? (Choose two.)

Turn on Advanced Mobile Management for Sales OU

Set up an Apple Push Certificate.

Turn on Advanced Mobile Management for the domain.

Turn on Advanced Mobile Management for Sales OU

Set up an Apple Push Certificate.

Deploy Apple Certificate to every device.

Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in Google Workspace Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.What should you do?

Install Google Cloud Directory Sync on a supported server.

Install Google Cloud Directory Sync on all Domain Controllers.

Install Google Workspace Sync for Microsoft Outlook on all employees' computers.

Install Google Cloud Directory Sync on a supported server.

Install Google Apps Manager to automate add-user scripts.

Your company moved to Google Workspace last month and wants to install Hangouts Meet Hardware in all of their conference rooms. This will allow employees to walk into a room and use the in-room hardware to easily join their scheduled meeting. A distributed training session is coming up, and the facilitator wants to make remote room joining even easier. Participants in remote rooms should walk into their room and begin receiving the training without having to take any actions to join the session.How should you accomplish this?

Select Add Live Stream to the Calendar invite; all rooms added to the event will auto-join at the scheduled time.

In the Admin Console, select the devices in Meeting Room Hardware, select Call, and Enter the meeting code.

Room participants will need to start the meeting from the remote in the room.

By adding the rooms to the Calendar invite, they will all auto-join at the scheduled time.

Select Add Live Stream to the Calendar invite; all rooms added to the event will auto-join at the scheduled time.

Your corporate LDAP contains the email addresses of several hundred non-employee business partners. You want to sync these contacts to Google Workspace so they appear in Gmail's address autocomplete for all users in the domain.What are two options to meet this requirement? (Choose two.)

Develop a custom application to call the Domain Shared Contacts API.

Configure GCDS to synchronize shared contacts.

Use the Directory API to upload a .csv file containing the contacts.

Configure GCDS to populate a Group with external members.

Use the People API to upload a .csv file containing the contacts.

Develop a custom application to call the Domain Shared Contacts API.

Configure GCDS to synchronize shared contacts.

You are supporting an investigation that is being conducted by your litigation team. The current default retention policy for mail is 180 days, and there are no custom mail retention policies in place. The litigation team has identified a user who is central to the investigation, and they want to investigate the mail data related to this user without the user's awareness.What two actions should you take? (Choose two.)

Create a matter using Google Vault, and share the matter with the litigation team members.

Create a hold on the user's mailbox in Google Vault

Move the user to their own Organization Unit, and set a custom retention policy

Create a matter using Google Vault, and share the matter with the litigation team members.

Create a hold on the user's mailbox in Google Vault

Reset the user's password, and share the new password with the litigation team.

Copy the user's data to a secondary account.

Your Accounts Payable department is auditing software license contracts companywide and has asked you to provide a report that shows the number of active and suspended users by organization unit, which has been set up to match the Regions and Departments within your company. You need to produce a Google Sheet that shows a count of all active user accounts and suspended user accounts by Org unit.What should you do?

From the Google Workspace Reports Menu, run and download the Accounts Aggregate report, and export the data to Google Sheets.

From the Admin Console Billing Menu, turn off auto-assign, and then click into Assigned Users and export the data to Sheets.

From the Admin Console Users Menu, download a list of all Users to Google Sheets, and join that with a list of ORGIDs pulled from the Reports API.

From the Google Workspace Reports Menu, run and download the Accounts Aggregate report, and export the data to Google Sheets.

From the Admin Console Users Menu, download a list of all user info columns and currently selected columns.

You recently started an engagement with an organization that is also using Google Workspace. The engagement will involve highly sensitive data, and the data needs to be protected from being shared with unauthorized parties both internally and externally. You need to ensure that this data is properly secured.Which configuration should you implement?

Create a Team Drive for this engagement, and limit the memberships and sharing settings.

Turn on external sharing with whitelisted domains, and add the external organization to the whitelist.

Provision accounts within your domain for the external users, and turn off external sharing for that Org.

Configure the Drive DLP rules to prevent the sharing of PII and PHI outside of your domain.

Create a Team Drive for this engagement, and limit the memberships and sharing settings.

Your organization has just appointed a new CISO. They have signed up to receive admin alerts and just received an alert for a suspicious login attempt. They are trying to determine how frequently suspicious login attempts occur within the organization. The CISO has asked you to provide details for each user account that has had a suspicious login attempt in the past year and the number of times it occurred for each account.What action should you take to meet these requirements?

Use the login audit report to export all suspicious login details for analysis.

Create a custom dashboard with the security investigation tool showing suspicious logins.

Use the account activity report to export all suspicious login details for analysis.

Create a custom query in BigQuery showing all suspicious login details.

In the years prior to your organization moving to Google Workspace, it was relatively common practice for users to create consumer Google accounts with their corporate email address (for example, to monitor Analytics, manage AdSense, and collaborate in Docs with other partners who were on Google Workspace.) You were able to address active employees' use of consumer accounts during the rollout, and you are now concerned about blocking former employees who could potentially still have access to those services even though they don't have access to their corporate email account.What should you do?

Use the Transfer Tool for Unmanaged Accounts to send requests to the former users to transfer their account to your domain as a managed account.

Contact Google Enterprise Support to provide a list of all accounts on your domain(s) that access non-Google Workspace Google services and have them blocked.

Use the Transfer Tool for Unmanaged Accounts to send requests to the former users to transfer their account to your domain as a managed account.

Provide a list of all active employees to the managers of your company's Analytics, AdSense, etc. accounts, so they can clean up the respective access control lists.

Provision former user accounts with Cloud Identity licenses, generate a new Google password, and place them in an OU with all Google Workspace and Other Google Services disabled.

Your organization has implemented Single Sign-On (SSO) for the multiple cloud-based services it utilizes. During authentication, one service indicates that access to the SSO provider cannot be accessed due to invalid information.What should you do?

Verify the Audience Element in the SAML Response matches the Assertion Consumer Service (ACS) URL.

Verify the NameID Element in the SAML Response matches the Assertion Consumer Service (ACS) URL.

Verify the Audience Element in the SAML Response matches the Assertion Consumer Service (ACS) URL.

Verify the Subject attribute in the SAML Response matches the Assertion Consumer Service (ACS) URL.

Verify the Recipient attribute in the SAML Response matches the Assertion Consumer Service (ACS) URL.

The CEO of your company heard about new security and collaboration features and wants to know how to stay up to date. You are responsible for testing and staying up to date with new features, and have been asked to prepare a presentation for management.What should you do?

Subscribe to the Google Workspace release calendar, and Join the Google Cloud Connect Community.

Download the Google Workspace roadmap, and work together with a deployment specialist for new features.

Create a support ticket for the Google Workspace roadmap, and ask to enable the latest release of Google Workspace.

Subscribe to the Google Workspace release calendar, and Join the Google Cloud Connect Community.

Change Google Workspace release track to: Rapid Release for faster access to new features.

Your company (your-company.com) just acquired a new business (new-company.com) that is running their email on-premises. It is close to their peak season, so any major changes need to be postponed. However, you need to ensure that the users at the new business can receive email addressed to them using your- company.com into their on-premises email server. You need to set up an email routing policy to accomplish this.What steps should you take?

Set up a Default route with split delivery to route email to the on-premises server.

Set up an Outbound Mail Gateway to route all outbound email to the on-premises server.

Set up accounts for the new employees, and use mail forwarding rules to send to the on-premises server.

Set up an Inbound Mail Gateway to reroute all inbound email to the on-premises server.

Set up a Default route with split delivery to route email to the on-premises server.

A user does not follow their usual sign-in pattern and signs in from an unusual location.What type of alert is triggered by this event?

Suspicious login activity alert.

Suspicious mobile activity alert.

Suspicious login activity alert.

Your large organization, 80,000 users, has been on Google for two years. Your CTO wants to create an integrated team experience with Google Groups, Teams Drives, and Calendar. Users will use a Google Form and Apps Script to request a new ''G-Team.'' A ''G-Team' is composed of a Google Group and a Team Drive/ Secondary Calendar that is shared using that Google Group.What two design decisions are required to implement this workflow securely? (Choose two.)

The Google Form will need to be limited to internal users only.

The Apps Script will need to run as a Google Workspace admin.

You will need a Cloud SQL instance to store ''G-Team' data.

The Google Form will need to be limited to internal users only.

The Apps Script will need to run on a timed interval to process new entries.

The Google Form will need to enforce Group naming conventions.

The application development team has come to you requesting that a new, internal, domain-owned Google Workspace app be allowed to access Google Drive APIs. You are currently restricting access to all APIs using approved whitelists, per security policy. You need to grant access for this app.What should you do?

Add OAuth Client ID to Google Drive Trusted List.

Enable all API access for Google Drive.

Enable ''trust domain owned apps'' setting.

Add OAuth Client ID to Google Drive Trusted List.

Whitelist the app in the Google Workspace Marketplace.

Several customers have reported receiving fake collection notices from your company. The emails were received from accounts.receivable@yourcompany.com, which is the valid address used by your accounting department for such matters, but the email audit log does not show the emails in question. You need to stop these emails from being sent.What two actions should you take? (Choose two.)

Change the password for suspected compromised account accounts.receivable@yourcompany.com.

Configure a Sender Policy Framework (SPF) record for your domain.

Change the password for suspected compromised account accounts.receivable@yourcompany.com.

Configure a Sender Policy Framework (SPF) record for your domain.

Configure Domain Keys Identified Mail (DKIM) to authenticate email.

Disable mail delegation for the accounts.receivable@yourcompany.com account.

Disable ''Allow users to automatically forward incoming email to another address.''

Your cyber security team has requested that all email destined for external domains be scanned for credit card numbers, and if found, the email must be encrypted using your cloud-based third-party encryption provider. You are responsible for configuring to meet this request.What should you do?

Create a content compliance rule on outbound mail and internal-sending mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.

Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check ''Encrypt message if not encrypted''.

Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.

Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check ''Change route'' to send to your third-party encryption provider to encrypt.

Your organization is concerned with the increasing threat of phishing attacks that may impact users.Leadership has declined to force-enable 2-Step verification. You need to apply a security measure to prevent unauthorized access to user accounts.What should you do?

Enable Employee ID Login Challenge.

Enable Enforce Strong Password policy.

Enable Employee ID Login Challenge.

Decrease the Maximum User Session Length.

Revoke token authorizations to external applications.

How can you monitor increases in user reported Spam as identified by Google?

Review spike in user-reported spam in the Alert center.

Review post-delivery activity in the Email logs.

Review user-reported spam in the Investigation Tool.

Review spike in user-reported spam in the Alert center.

Rev]Biw post-delivery activity in the BigQuery Export.

With the help of a partner, you deployed Google Workspace last year and have seen the rapid pace of innovation and development within the platform. Your CIO has requested that you develop a method of staying up-to-date on all things Google Workspace so that you can be prepared to take advantage of new features and ensure that your organization gets the most out of the platform.What should you do?

Develop a cadence of regular roadmap and business reviews with your partner.

Regularly scan the admin console and keep track of any new features you identify.

Create a Feature Release alert in the Alert Center to be alerted to new functionality.

Put half of your organization on the Rapid Release Schedule to highlight differences.

The CFO just informed you that one of their team members wire-transferred money to the wrong account because they received an email that appeared to be from the CFO. The CFO has provided a list of all users that may be responsible for sending wire transfers. The CFO also provided a list of banks the company sends wire transfers to. There are no external users that should be requesting wire transfers. The CFO is working with the bank to resolve the issue and needs your help to ensure that this does not happen again.What two actions should you take? (Choose two.)

Verify that DMARC, DKIM, and SPF records are configured correctly for your domain.

Enable all admin settings in Gmail's safety > spoofing and authentication.

Configure objectionable content to reject messages with the words ''wire transfer.''

Verify that DMARC, DKIM, and SPF records are configured correctly for your domain.

Create a rule requiring secure transport for all messages regarding wire transfers.

Add the sender of the wire transfer email to the blocked senders list.

Enable all admin settings in Gmail's safety > spoofing and authentication.

Your-company.com finance departments want to create an internal application that needs to read data from spreadsheets. As the collaboration engineer, you suggest using App Maker. The Finance team is concerned about data security when creating applications with App Maker.What security measures should you implement to secure data?

Use Roles, Script, and Owner access permissions for operations on records and data relations.

Enable App Maker access only for the Finance department Organization Unit.

Use a service account with limited permissions to access each data source.

Change owner access permissions to allow internal usage only.

Your company is in the process of deploying Google Drive Enterprise for your sales organization. You have discovered that there are many unmanaged accounts across your domain. Your security team wants to manage these accounts moving forward.What should you do?

Use the Transfer Tool for unmanaged accounts to invite users into the domain.

Disable access to all ''Other Services'' in the Google Workspace Admin Console.

Use the Transfer Tool for unmanaged accounts to invite users into the domain.

Use the Data Migration Service to transfer the data to a managed account.

Open a support ticket to have Google transfer unmanaged accounts into your domain.

Google Professional Google Workspace Administrator Practice Test 2

Your Chief Information Security Officer is concerned about phishing. You implemented 2 Factor Authentication and forced hardware keys as a best practice to prevent such attacks. The CISO is curious as to how many such email phishing attempts you've avoided since putting the 2FA+Hardware Keys in place last month.

Where do you find the information your CISO is interested in seeing?

Become a Premium Member for full access

Unlock Premium Member

Google Professional Google Workspace Administrator Practice Test 2

Question

Google Professional Google Workspace Administrator Practice Tests

Practice Tests