ExamGecko
Search Search Login
Home Home / Google / Professional Google Workspace Administrator

Google Professional Google Workspace Administrator Practice Test - Questions Answers, Page 20

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The compliance team at your organization is conducting a legal investigation into some concerning sales activities of an employee eight months ago The compliance team contacted you for assistance on the situation You set up the default Google Vault retention rules so all data is retained only for one year You must assist the compliance team with the investigation What should you do1?
You are configuring a customer relationship management (CRM) solution to integrate with Google Workspace services for the sales department at your organization The CRM solution is in the Google Workspace Marketplace and you deploy the specific CRM solution Employees report that there are no contacts and documents visible in the CRM solution You must identify and fix the problem What should you do?
Your team is collaborating on a new project by using a Google Doc They are using Doc comments to add numerous questions and suggestions You want to ensure that sensitive data in the Doc comments does not appear in the recipients' inboxes when a user is notified that a comment has been assigned to them What should you do?
Your business partner requests that a new custom cloud application be set up to log in without having separate credentials. What is your business partner required to provide in order to proceed?
You want to create a list of IP addresses that are approved to send email to your domain. To accomplish this, what section of the Google Workspace Admin console should you update?
An employee at your company does not need access to their Workspace account while they are on leave for a year When they return you need to ensure they have access to their account and that all their data and current emails remain intact Also their shared documents must be available to other users You must accomplish this goal in the most cost-effective way What should you do?
Your IT team is being asked to fulfill a query by your organization's legal department that requires an MBOX file that will be shared to a third-party partner for eDiscovery. The query must be run on multiple users. Legal has no admin rights to Google Vault. What should you do to fulfil the request?
Your organization was recently targeted by a phishing attempt that affected several users You must efficiently determine the full extent of the phishing attempt and prevent further issues from occurring What should you do?
Your organization wants to grant Google Vault access to an external regulatory authority. In an effort to comply with an investigation, the external group needs the ability to view reports in Google Vault. What should you do?
You have configured your Google Workspace account on the scheduled release track to provide additional time to prepare for new product releases and determine how they will impact your users. There are some new features on the latest roadmap that your director needs you to test as soon as they become generally available without changing the release track for the entire organization. What should you do?

Question 191

Report
Export
Collapse

After making a recent migration to Google Workspace, you updated your Google Cloud Directory Sync configuration to synchronize the global address list. Users are now seeing duplicate contacts in their global directory in Google Workspace. You need to resolve this issue.

What should you do?

A.
Train users to use Google Workspace's merge contacts feature.
A.
Train users to use Google Workspace's merge contacts feature.
Answers
B.
Enable directory contact deduplication in the Google Workspace Admin panel.
B.
Enable directory contact deduplication in the Google Workspace Admin panel.
Answers
C.
Update shared contact search rules to exclude internal users.
C.
Update shared contact search rules to exclude internal users.
Answers
D.
Create a new global directory, and delete the original.
D.
Create a new global directory, and delete the original.
Answers
Suggested answer: C

Explanation:

Access Admin Console: Log into your Google Workspace Admin Console.

Update GCDS Configuration: Open the Google Cloud Directory Sync (GCDS) configuration.

Modify Search Rules: Update the shared contact search rules within GCDS.

Exclude Internal Users: Modify the rules to exclude internal users from being synchronized as shared contacts.

Save and Sync: Save the updated configuration and perform a sync to apply the changes, which should resolve the issue of duplicate contacts in the global directory.

Google Support: Google Cloud Directory Sync

Question 192

Report
Export
Collapse

The organization has conducted and completed Security Awareness Training (SAT) for all employees. As part of a new security policy, employees who did not complete the SAT have had their accounts suspended. The CTO has requested to be informed of any accounts that have been re-enabled to ensure no one is in violation of the new security policy.

What should you do?

A.
Enable ''Suspicious login'' rule - Other Recipients: CTO
A.
Enable ''Suspicious login'' rule - Other Recipients: CTO
Answers
B.
Enable ''Suspended user made active'' rule - Other Recipients: CTO
B.
Enable ''Suspended user made active'' rule - Other Recipients: CTO
Answers
C.
Enable ''Email settings changed'' rule - -Other Recipients: CTO
C.
Enable ''Email settings changed'' rule - -Other Recipients: CTO
Answers
D.
Enable ''Suspended user made active'' rule and select ''Deliver to'' Super Administrator(s)
D.
Enable ''Suspended user made active'' rule and select ''Deliver to'' Super Administrator(s)
Answers
Suggested answer: B

Explanation:

Access Admin Console: Log into your Google Workspace Admin Console.

Navigate to Alert Center: Go to Security > Alert Center.

Enable Alert Rule: Find and enable the ''Suspended user made active'' rule.

Configure Recipients: In the alert rule settings, add the CTO as an additional recipient under the ''Other Recipients'' section.

Save Settings: Save the configuration. The CTO will now receive notifications whenever a suspended user's account is re-enabled, ensuring compliance with the new security policy.

Google Support: Alert Center

Question 193

Report
Export
Collapse

As the Workspace Administrator, you have been asked to configure Google Cloud Directory Sync (GCDS) in order to manage Google Group memberships from an internal LDAP server. However, multiple Google Groups must have their memberships managed manually. When you run the GCDS sync, you notice that these manually managed groups are being deleted. What should you do to prevent these groups from being deleted?

A.
In the GCDS configuration manager, update the group deletion policy setting to ''don't delete Google groups not found in LDAP.''
A.
In the GCDS configuration manager, update the group deletion policy setting to ''don't delete Google groups not found in LDAP.''
Answers
B.
Use the Directory API to check and update the group's membership after the GCDS sync is completed.
B.
Use the Directory API to check and update the group's membership after the GCDS sync is completed.
Answers
C.
Confirm that the base DN for the group email address attribute matches the base DN for the user email address attribute.
C.
Confirm that the base DN for the group email address attribute matches the base DN for the user email address attribute.
Answers
D.
In the user attribute settings of the GCDS configuration manager options, set the Google domain users deletion/suspension policy to ''delete only active Google domain users not found in LDAP.''
D.
In the user attribute settings of the GCDS configuration manager options, set the Google domain users deletion/suspension policy to ''delete only active Google domain users not found in LDAP.''
Answers
Suggested answer: A

Explanation:

When configuring Google Cloud Directory Sync (GCDS) to manage Google Group memberships from an internal LDAP server, it's crucial to ensure that manually managed groups are not inadvertently deleted during the sync process. The correct setting to prevent this is found within the GCDS configuration manager.

Access GCDS Configuration Manager:

Open the GCDS configuration manager on your server.

Navigate to Group Settings:

Go to the section where group settings are configured.

Update Group Deletion Policy:

Find the group deletion policy setting.

Change the policy to ''don't delete Google groups not found in LDAP.''

Save Configuration:

Save the updated configuration to ensure that the settings are applied during the next synchronization.

By updating this setting, GCDS will no longer delete Google Groups that are not found in LDAP, thereby preserving manually managed groups.

Google Cloud Directory Sync Admin Help

GCDS Configuration Guide

Question 194

Report
Export
Collapse

Your marketing department needs an easy way for users to share items more appropriately. They want to easily link-share Drive files within the marketing department, without sharing them with your entire company. What should you do to fulfil this request? (Choose two.)

A.
Create a shared drive that's shared internally organization-wide.
A.
Create a shared drive that's shared internally organization-wide.
Answers
B.
Update Drive sharing for the marketing department to restrict to internal.
B.
Update Drive sharing for the marketing department to restrict to internal.
Answers
C.
Create a shared drive for internal marketing use.
C.
Create a shared drive for internal marketing use.
Answers
D.
Update the link sharing default to the marketing team when creating a document.
D.
Update the link sharing default to the marketing team when creating a document.
Answers
E.
In the admin panel Drive settings, create a target audience that has all of marketing as members.
E.
In the admin panel Drive settings, create a target audience that has all of marketing as members.
Answers
Suggested answer: C, E

Explanation:

To enable the marketing department to easily share items within their team without exposing them to the entire company, the following steps should be taken:

Create a Shared Drive for Marketing:

In the Google Admin console, navigate to Apps > Google Workspace > Drive and Docs.

Create a new shared drive specifically for the marketing department.

Add all relevant marketing team members to this shared drive, ensuring that it is used for internal purposes only.

Set Up a Target Audience:

In the Admin console, go to Apps > Google Workspace > Drive and Docs > Sharing settings.

Create a target audience that includes all members of the marketing department.

This allows for easier link sharing within the department by setting the target audience as the default sharing option.

Steps to Configure:

Shared Drive: Ensure that the shared drive permissions are set to limit access to the marketing team.

Target Audience: Configure the target audience so that marketing team members can easily share files internally without defaulting to company-wide sharing.

By setting up a dedicated shared drive and configuring a target audience, you ensure that file sharing is streamlined and restricted to the appropriate team members.

Set up target audiences

Create and manage shared drives

Question 195

Report
Export
Collapse

Your company has a broad, granular IT administration team, and you are in charge of ensuring proper administrative control. One of those teams, the security team, requires access to the Security Investigation Tool. What should you do?

A.
Assign the pre-built security admin role to the security team members.
A.
Assign the pre-built security admin role to the security team members.
Answers
B.
Create a Custom Admin Role with the Security Center privileges, and then assign the role to each of the security team members.
B.
Create a Custom Admin Role with the Security Center privileges, and then assign the role to each of the security team members.
Answers
C.
Assign the Super Admin Role to the security team members.
C.
Assign the Super Admin Role to the security team members.
Answers
D.
Create a Custom Admin Role with the security settings privilege, and then assign the role to each of the security team members.
D.
Create a Custom Admin Role with the security settings privilege, and then assign the role to each of the security team members.
Answers
Suggested answer: B

Explanation:

To provide the security team with access to the Security Investigation Tool, the appropriate privileges must be granted through a custom admin role.

Create Custom Admin Role:

In the Google Admin console, navigate to Admin roles.

Click on Create new role.

Assign Security Center Privileges:

Name the role appropriately, such as 'Security Investigator'.

Under Privileges, expand the Security Center section.

Select the necessary privileges, including access to the Security Investigation Tool.

Assign Role to Users:

After creating the role, go to the Admin roles section.

Click on Assign users and add the relevant security team members to this custom role.

Save and Verify:

Save the role and verify that the assigned users have the correct access.

Creating a custom admin role with specific security privileges ensures that the security team has the necessary tools to perform their duties without granting excessive permissions.

Manage admin roles

Security Center overview

Question 196

Report
Export
Collapse

Your organization has a new security requirement around data exfiltration on iOS devices. You have a requirement to prevent users from copying content from a Google app (Gmail, Drive, Docs, Sheets, and Slides) in their work account to a Google app in their personal account or a third-party app. What steps should you take from the admin panel to prevent users from copying data from work to non-work apps on iOS devices?

A.
Navigate to ''Data Protection'' setting in Google Admin Console's Device management section and disable the ''Allow users to copy data to personal apps'' checkbox.
A.
Navigate to ''Data Protection'' setting in Google Admin Console's Device management section and disable the ''Allow users to copy data to personal apps'' checkbox.
Answers
B.
Disable ''Open Docs in Unmanaged Apps'' setting in Google Admin Console's Device management section.
B.
Disable ''Open Docs in Unmanaged Apps'' setting in Google Admin Console's Device management section.
Answers
C.
Navigate to Devices > Mobile and endpoints > Universal Settings > General and turn on Basic Mobile Management.
C.
Navigate to Devices > Mobile and endpoints > Universal Settings > General and turn on Basic Mobile Management.
Answers
D.
Clear the ''Allow items created with managed apps to open in unmanaged apps'' checkbox.
D.
Clear the ''Allow items created with managed apps to open in unmanaged apps'' checkbox.
Answers
Suggested answer: D

Explanation:

To prevent data exfiltration from Google apps on iOS devices, you need to configure the appropriate settings in the Google Admin console.

Navigate to Device Management:

In the Google Admin console, go to Devices > Mobile and endpoints > Universal Settings > iOS settings.

Configure Data Protection Settings:

Find the setting for 'Allow items created with managed apps to open in unmanaged apps'.

Clear this checkbox to prevent users from copying data from managed (work) apps to unmanaged (personal) apps.

Save Changes:

Save the changes to ensure that the policy is enforced.

Verification:

Verify that the policy is applied by checking the behavior on an iOS device to ensure that data cannot be copied from managed apps to unmanaged apps or third-party applications.

By clearing this checkbox, you enforce a policy that restricts the movement of data from managed apps to unmanaged environments, thereby preventing data exfiltration.

Manage iOS settings

Endpoint management settings

Question 197

Report
Export
Collapse

The credentials of several individuals within your organization have recently been stolen. Using the Google Workspace login logs, you have determined that in several cases, the stolen credentials have been used in countries other than the ones your organization works in. What else can you do to increase your organization's defense-in-depth strategy?

A.
Implement an IP block on the malicious user's IPs under Security Settings in the Admin Console.
A.
Implement an IP block on the malicious user's IPs under Security Settings in the Admin Console.
Answers
B.
Use Context-Aware Access to deny access to Google services from geo locations other than the ones your organization operates in.
B.
Use Context-Aware Access to deny access to Google services from geo locations other than the ones your organization operates in.
Answers
C.
Enforce higher complexity passwords by rolling it out to the affected users.
C.
Enforce higher complexity passwords by rolling it out to the affected users.
Answers
D.
Use Mobile device management geo-fencing to prevent malicious actors from using these stolen credentials.
D.
Use Mobile device management geo-fencing to prevent malicious actors from using these stolen credentials.
Answers
Suggested answer: B

Explanation:

Access Context-Aware Access Settings: In the Google Admin console, navigate to Security > Context-Aware Access.

Define Access Levels: Create access levels that specify the allowed geographical locations where your organization operates.

Apply Access Levels to Apps: Apply these access levels to Google Workspace applications to ensure that access is restricted based on the defined geographical locations.

Configure Policies: Set policies that deny access to Google services from locations outside the defined areas.

Test Configuration: Test the context-aware access settings to ensure they are working correctly and that unauthorized access attempts from other locations are blocked.

Monitor and Adjust: Continuously monitor the login activity and adjust the access levels as necessary to maintain security.

Google Workspace Admin Help - Context-Aware Access

Google Workspace Admin Help - Setting up Context-Aware Access

Total 197 questions
Go to page: of 20
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms