ExamGecko
Search Search Login
Home Home / Google / Professional Google Workspace Administrator

Google Professional Google Workspace Administrator Practice Test - Questions Answers, Page 8

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The compliance team at your organization is conducting a legal investigation into some concerning sales activities of an employee eight months ago The compliance team contacted you for assistance on the situation You set up the default Google Vault retention rules so all data is retained only for one year You must assist the compliance team with the investigation What should you do1?
You are configuring a customer relationship management (CRM) solution to integrate with Google Workspace services for the sales department at your organization The CRM solution is in the Google Workspace Marketplace and you deploy the specific CRM solution Employees report that there are no contacts and documents visible in the CRM solution You must identify and fix the problem What should you do?
Your business partner requests that a new custom cloud application be set up to log in without having separate credentials. What is your business partner required to provide in order to proceed?
Your team is collaborating on a new project by using a Google Doc They are using Doc comments to add numerous questions and suggestions You want to ensure that sensitive data in the Doc comments does not appear in the recipients' inboxes when a user is notified that a comment has been assigned to them What should you do?
You want to create a list of IP addresses that are approved to send email to your domain. To accomplish this, what section of the Google Workspace Admin console should you update?
An employee at your company does not need access to their Workspace account while they are on leave for a year When they return you need to ensure they have access to their account and that all their data and current emails remain intact Also their shared documents must be available to other users You must accomplish this goal in the most cost-effective way What should you do?
Your IT team is being asked to fulfill a query by your organization's legal department that requires an MBOX file that will be shared to a third-party partner for eDiscovery. The query must be run on multiple users. Legal has no admin rights to Google Vault. What should you do to fulfil the request?
Your organization was recently targeted by a phishing attempt that affected several users You must efficiently determine the full extent of the phishing attempt and prevent further issues from occurring What should you do?
Your organization wants to grant Google Vault access to an external regulatory authority. In an effort to comply with an investigation, the external group needs the ability to view reports in Google Vault. What should you do?
You have configured your Google Workspace account on the scheduled release track to provide additional time to prepare for new product releases and determine how they will impact your users. There are some new features on the latest roadmap that your director needs you to test as soon as they become generally available without changing the release track for the entire organization. What should you do?

Question 71

Report
Export
Collapse

Your large organization, 80,000 users, has been on Google for two years. Your CTO wants to create an integrated team experience with Google Groups, Teams Drives, and Calendar. Users will use a Google Form and Apps Script to request a new ''G-Team.'' A ''G-Team' is composed of a Google Group and a Team Drive/ Secondary Calendar that is shared using that Google Group.

What two design decisions are required to implement this workflow securely? (Choose two.)

A.
The Apps Script will need to run as a Google Workspace admin.
A.
The Apps Script will need to run as a Google Workspace admin.
Answers
B.
You will need a Cloud SQL instance to store ''G-Team' data.
B.
You will need a Cloud SQL instance to store ''G-Team' data.
Answers
C.
The Google Form will need to be limited to internal users only.
C.
The Google Form will need to be limited to internal users only.
Answers
D.
The Apps Script will need to run on a timed interval to process new entries.
D.
The Apps Script will need to run on a timed interval to process new entries.
Answers
E.
The Google Form will need to enforce Group naming conventions.
E.
The Google Form will need to enforce Group naming conventions.
Answers
Suggested answer: C

Explanation:

Subscribe to the Google Workspace Release Calendar:

Go to the Google Workspace Updates blog at https://workspaceupdates.googleblog.com/.

Subscribe to the release calendar by clicking on the 'Subscribe to updates' button.

This will provide you with real-time updates about new features and changes in Google Workspace.

Join the Google Cloud Connect Community:

Visit the Google Cloud Connect Community at https://cloudconnectcommunity.google/.

Join the community to engage with other Google Workspace administrators and users.

Participate in discussions, ask questions, and stay informed about best practices and upcoming features.

Google Workspace Updates Blog

Google Cloud Connect Community

Question 72

Report
Export
Collapse

The application development team has come to you requesting that a new, internal, domain-owned Google Workspace app be allowed to access Google Drive APIs. You are currently restricting access to all APIs using approved whitelists, per security policy. You need to grant access for this app.

What should you do?

A.
Enable all API access for Google Drive.
A.
Enable all API access for Google Drive.
Answers
B.
Enable ''trust domain owned apps'' setting.
B.
Enable ''trust domain owned apps'' setting.
Answers
C.
Add OAuth Client ID to Google Drive Trusted List.
C.
Add OAuth Client ID to Google Drive Trusted List.
Answers
D.
Whitelist the app in the Google Workspace Marketplace.
D.
Whitelist the app in the Google Workspace Marketplace.
Answers
Suggested answer: C

Explanation:

Navigate to the Google Admin console at admin.google.com.

From the Admin console Home page, go to 'Security' and then to 'API controls.'

In the 'API controls' section, click on 'Manage Third-Party App Access.'

Here, you can add the OAuth Client ID of your internal app to the trusted list. This ensures that only apps you have vetted and approved can access Google Drive APIs, complying with your security policy.

Enter the OAuth Client ID of the new app and save the changes.

This process ensures that the new, internal, domain-owned app can access Google Drive APIs without compromising the security policies in place.

Google Workspace Admin Help - Manage API client access

Question 73

Report
Export
Collapse

Several customers have reported receiving fake collection notices from your company. The emails were received from [email protected], which is the valid address used by your accounting department for such matters, but the email audit log does not show the emails in question. You need to stop these emails from being sent.

What two actions should you take? (Choose two.)

A.
Change the password for suspected compromised account [email protected].
A.
Change the password for suspected compromised account [email protected].
Answers
B.
Configure a Sender Policy Framework (SPF) record for your domain.
B.
Configure a Sender Policy Framework (SPF) record for your domain.
Answers
C.
Configure Domain Keys Identified Mail (DKIM) to authenticate email.
C.
Configure Domain Keys Identified Mail (DKIM) to authenticate email.
Answers
D.
Disable mail delegation for the [email protected] account.
D.
Disable mail delegation for the [email protected] account.
Answers
E.
Disable ''Allow users to automatically forward incoming email to another address.''
E.
Disable ''Allow users to automatically forward incoming email to another address.''
Answers
Suggested answer: A, B

Explanation:

Change the password for the suspected compromised account:

Sign in to the Google Admin console.

From the Admin console Home page, go to 'Users.'

Find and select the account '[email protected].'

Click on 'Security' and then 'Password.'

Follow the instructions to change the password.

Configure a Sender Policy Framework (SPF) record for your domain:

Log in to your domain host (e.g., GoDaddy, Bluehost).

Locate the page for updating your domain's DNS records.

Add a new TXT record for your domain with the SPF rule, typically something like:

v=spf1 include:_spf.google.com ~all

Save the changes to update the DNS records.

Changing the password helps secure the compromised account, while configuring SPF helps prevent email spoofing, ensuring that fake emails are less likely to be delivered as though they come from your legitimate email address.

Google Workspace Admin Help - Change or reset a user's password

Google Workspace Admin Help - Set up SPF records

Question 74

Report
Export
Collapse

Your cyber security team has requested that all email destined for external domains be scanned for credit card numbers, and if found, the email must be encrypted using your cloud-based third-party encryption provider. You are responsible for configuring to meet this request.

What should you do?

A.
Create a content compliance rule on outbound mail and internal-sending mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
A.
Create a content compliance rule on outbound mail and internal-sending mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
Answers
B.
Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check ''Encrypt message if not encrypted''.
B.
Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check ''Encrypt message if not encrypted''.
Answers
C.
Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
C.
Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
Answers
D.
Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check ''Change route'' to send to your third-party encryption provider to encrypt.
D.
Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check ''Change route'' to send to your third-party encryption provider to encrypt.
Answers
Suggested answer: A

Explanation:

Sign in to the Google Admin console.

From the Admin console Home page, go to 'Apps' and then 'Google Workspace' and 'Gmail.'

Select 'Compliance' and then 'Content compliance.'

Click on 'Add another rule' to create a new content compliance rule.

In the new rule setup, specify conditions:

For 'Email messages to affect,' choose 'Outbound' and 'Internal - sending.'

Under 'Add expressions,' select 'If ANY of the following match the message' and choose 'Predefined content match,' then select 'Credit Card Numbers.'

In the 'Actions' section, select 'Add more recipients' and specify the custom header your encryption provider uses.

Save the rule.

This ensures that emails containing credit card numbers are flagged and encrypted by your third-party encryption provider, fulfilling the security requirements set by your cyber security team.

Google Workspace Admin Help - Set up rules for content compliance

Question 75

Report
Export
Collapse

Your organization is concerned with the increasing threat of phishing attacks that may impact users.

Leadership has declined to force-enable 2-Step verification. You need to apply a security measure to prevent unauthorized access to user accounts.

What should you do?

A.
Enable Enforce Strong Password policy.
A.
Enable Enforce Strong Password policy.
Answers
B.
Enable Employee ID Login Challenge.
B.
Enable Employee ID Login Challenge.
Answers
C.
Decrease the Maximum User Session Length.
C.
Decrease the Maximum User Session Length.
Answers
D.
Revoke token authorizations to external applications.
D.
Revoke token authorizations to external applications.
Answers
Suggested answer: B

Explanation:

Sign in to the Google Admin console.

From the Admin console Home page, go to 'Security' and then 'Login challenges.'

Enable the 'Employee ID login challenge' setting.

Configure the challenge by defining the employee IDs that users need to provide during the login process.

Enabling Employee ID login challenges adds an additional layer of security without requiring 2-Step verification. This helps prevent unauthorized access by ensuring that users provide an additional piece of information known only to them.

Google Workspace Admin Help - Configure login challenges

''?>>?b GF\]\rom the Admin console Home page, go to 'Security.'

Under 'Security,' select 'API controls.'

In the 'API controls' section, click on 'Manage Third-Party App Access.'

Find the Google Drive API in the list.

Choose 'Disable All Access' for Google Drive to ensure that no third-party apps have OAuth permissions to Google Drive.

This configuration adheres to the policy set by the Chief Information Security Officer by preventing third-party apps from accessing Google Drive via OAuth.

Google Workspace Admin Help - Manage API client access

Question 76

Report
Export
Collapse

How can you monitor increases in user reported Spam as identified by Google?

A.
Review post-delivery activity in the Email logs.
A.
Review post-delivery activity in the Email logs.
Answers
B.
Review user-reported spam in the Investigation Tool.
B.
Review user-reported spam in the Investigation Tool.
Answers
C.
Review spike in user-reported spam in the Alert center.
C.
Review spike in user-reported spam in the Alert center.
Answers
D.
Rev]Biw post-delivery activity in the BigQuery Export.
D.
Rev]Biw post-delivery activity in the BigQuery Export.
Answers
Suggested answer: C

Explanation:

Sign in to the Google Admin console.

From the Admin console Home page, go to 'Security' and then to 'Alert center.'

In the Alert center, look for alerts related to user-reported spam.

You can review details of these alerts to monitor any spikes in user-reported spam activity.

The Alert center provides a centralized location to review and manage alerts, making it easier to identify trends and spikes in spam reports.

Google Workspace Admin Help - Alert Center Overview BFbC

Question 77

Report
Export
Collapse

With the help of a partner, you deployed Google Workspace last year and have seen the rapid pace of innovation and development within the platform. Your CIO has requested that you develop a method of staying up-to-date on all things Google Workspace so that you can be prepared to take advantage of new features and ensure that your organization gets the most out of the platform.

What should you do?

A.
Develop a cadence of regular roadmap and business reviews with your partner.
A.
Develop a cadence of regular roadmap and business reviews with your partner.
Answers
B.
Regularly scan the admin console and keep track of any new features you identify.
B.
Regularly scan the admin console and keep track of any new features you identify.
Answers
C.
Create a Feature Release alert in the Alert Center to be alerted to new functionality.
C.
Create a Feature Release alert in the Alert Center to be alerted to new functionality.
Answers
D.
Put half of your organization on the Rapid Release Schedule to highlight differences.
D.
Put half of your organization on the Rapid Release Schedule to highlight differences.
Answers
Suggested answer: A

Explanation:

Schedule regular meetings with your Google Workspace partner.

During these meetings, review the Google Workspace roadmap and upcoming features.

Discuss how new features can be leveraged to benefit your organization.

Plan business reviews to ensure that you are making the most of the platform's capabilities and staying up-to-date with developments.

Establishing a regular cadence of roadmap and business reviews ensures continuous alignment with the latest Google Workspace innovations and allows your organization to take full advantage of new features.

Google Workspace Admin Help - Google Workspace Partners

Question 78

Report
Export
Collapse

The CFO just informed you that one of their team members wire-transferred money to the wrong account because they received an email that appeared to be from the CFO. The CFO has provided a list of all users that may be responsible for sending wire transfers. The CFO also provided a list of banks the company sends wire transfers to. There are no external users that should be requesting wire transfers. The CFO is working with the bank to resolve the issue and needs your help to ensure that this does not happen again.

What two actions should you take? (Choose two.)

A.
Configure objectionable content to reject messages with the words ''wire transfer.''
A.
Configure objectionable content to reject messages with the words ''wire transfer.''
Answers
B.
Verify that DMARC, DKIM, and SPF records are configured correctly for your domain.
B.
Verify that DMARC, DKIM, and SPF records are configured correctly for your domain.
Answers
C.
Create a rule requiring secure transport for all messages regarding wire transfers.
C.
Create a rule requiring secure transport for all messages regarding wire transfers.
Answers
D.
Add the sender of the wire transfer email to the blocked senders list.
D.
Add the sender of the wire transfer email to the blocked senders list.
Answers
E.
Enable all admin settings in Gmail's safety > spoofing and authentication.
E.
Enable all admin settings in Gmail's safety > spoofing and authentication.
Answers
Suggested answer: B, E

Explanation:

Verify DMARC, DKIM, and SPF records:

Sign in to your domain host and navigate to the DNS settings.

Ensure that SPF (Sender Policy Framework) is set up correctly to prevent email spoofing.

Configure DKIM (DomainKeys Identified Mail) to add a digital signature to emails sent from your domain.

Set up DMARC (Domain-based Message Authentication, Reporting & Conformance) to provide instructions to receiving mail servers on how to handle emails that fail SPF or DKIM checks.

Enable Gmail spoofing and authentication settings:

Sign in to the Google Admin console.

From the Admin console Home page, go to 'Apps' > 'Google Workspace' > 'Gmail' > 'Safety.'

Enable settings related to spoofing and authentication to add additional layers of protection against phishing attempts.

By verifying these email security settings and enabling spoofing protections, you can help prevent unauthorized or fraudulent emails from being sent, thus reducing the risk of wire transfer fraud.

Google Workspace Admin Help - Set up SPF records

Google Workspace Admin Help - Set up DKIM

Google Workspace Admin Help - Set up DMARC

Question 79

Report
Export
Collapse

Your-company.com finance departments want to create an internal application that needs to read data from spreadsheets. As the collaboration engineer, you suggest using App Maker. The Finance team is concerned about data security when creating applications with App Maker.

What security measures should you implement to secure data?

A.
Use Roles, Script, and Owner access permissions for operations on records and data relations.
A.
Use Roles, Script, and Owner access permissions for operations on records and data relations.
Answers
B.
Enable App Maker access only for the Finance department Organization Unit.
B.
Enable App Maker access only for the Finance department Organization Unit.
Answers
C.
Use a service account with limited permissions to access each data source.
C.
Use a service account with limited permissions to access each data source.
Answers
D.
Change owner access permissions to allow internal usage only.
D.
Change owner access permissions to allow internal usage only.
Answers
Suggested answer: A

Explanation:

When developing the application in App Maker, define roles that correspond to the different levels of access needed by users.

Use scripts to control access to data based on user roles. This ensures that only authorized users can perform certain operations.

Set the owner access permissions appropriately to ensure that data can only be accessed or modified by those with the necessary permissions.

Regularly review and update roles and permissions to adapt to any changes in the organization or the application's usage.

Implementing these security measures ensures that data in your internal application is accessed and managed securely, mitigating risks associated with unauthorized access.

Google Workspace Admin Help - App Maker Security

Question 80

Report
Export
Collapse

Your company is in the process of deploying Google Drive Enterprise for your sales organization. You have discovered that there are many unmanaged accounts across your domain. Your security team wants to manage these accounts moving forward.

What should you do?

A.
Disable access to all ''Other Services'' in the Google Workspace Admin Console.
A.
Disable access to all ''Other Services'' in the Google Workspace Admin Console.
Answers
B.
Use the Transfer Tool for unmanaged accounts to invite users into the domain.
B.
Use the Transfer Tool for unmanaged accounts to invite users into the domain.
Answers
C.
Use the Data Migration Service to transfer the data to a managed account.
C.
Use the Data Migration Service to transfer the data to a managed account.
Answers
D.
Open a support ticket to have Google transfer unmanaged accounts into your domain.
D.
Open a support ticket to have Google transfer unmanaged accounts into your domain.
Answers
Suggested answer: B

Explanation:

Identify Unmanaged Accounts: First, you need to identify the unmanaged accounts in your domain. These are accounts created by users with their company email address but are not managed by your Google Workspace.

Use the Transfer Tool for Unmanaged Accounts: Google provides a specific tool called the 'Transfer tool for unmanaged users'. This tool allows administrators to invite users with unmanaged accounts to join the organization's managed Google Workspace account.

Send Invitations: Using this tool, you can send invitations to these users to join your Google Workspace domain.

Accept Invitations: The users need to accept the invitation to migrate their unmanaged account into your managed domain.

Monitor and Verify: After the invitation is accepted, monitor the process to ensure that all accounts are successfully migrated and are now managed under your Google Workspace domain.

Google Support: Transfer tool for unmanaged users

Total 197 questions
Go to page: of 20
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms