Ask Question
Google Professional Google Workspace Administrator Practice Test - Questions Answers, Page 9
List of questions
Question 81
Your chief compliance officer is concerned about API access to organization data across different cloud vendors. He has tasked you with compiling a list of applications that have API access to Google Workspace data, the data they have access to, and the number of users who are using the applications.
How should you compile the data being requested?
Explanation:
Access Admin Console: Log into your Google Workspace Admin Console.
Navigate to Reports: Go to the Reports section in the Admin Console.
Token Audit Log: Within the Reports, access the 'Token Audit' log. This log provides details on OAuth tokens issued to applications by your users.
Review Applications: Review the list of applications that have been granted access to your Google Workspace data. This will include information about the scopes (types of data) that each application can access.
Compile List: Compile a list of all the applications from the token audit log. Include details about the data they have access to and the number of users using each application.
Export Data: You can export this data to a spreadsheet for further analysis and reporting to your chief compliance officer.
Google Support: Token audit log
Question 82
Your organization syncs directory data from Active Directory to Google Workspace via Google Cloud Directory Sync. Users and Groups are updated from Active Directory on an hourly basis. A user's last name and primary email address have to be changed. You need to update the user's data.
What two actions should you take? (Choose two.)
Explanation:
Update Active Directory: Since your organization syncs directory data from Active Directory to Google Workspace, any changes to user data need to be made in Active Directory first.
Change Primary Email in AD: Change the user's primary email address in Active Directory. This will ensure that the new email address is synchronized with Google Workspace.
Change Last Name in AD: Similarly, change the user's last name in Active Directory. This ensures the updated name is synchronized correctly.
Sync Changes: Wait for the next synchronization cycle of Google Cloud Directory Sync (GCDS) to update the changes in Google Workspace.
Verify Changes in Google Workspace: After the sync is complete, verify that the changes to the user's email address and last name have been successfully updated in Google Workspace.
Google Support: Google Cloud Directory Sync
Question 83
Your CISO is concerned about third party applications becoming compromised and exposing Google Workspace data you have made available to them. How could you provide granular insight into what data third party applications are accessing?
What should you do?
Explanation:
Access Admin Console: Log into your Google Workspace Admin Console.
Navigate to Reports: Go to the Reports section within the Admin Console.
OAuth Token Audit Log: Access the OAuth Token Audit Activity logs. This log provides detailed information about third-party applications that have been granted access to your Google Workspace data.
Review Data Access: Review the logs to see which applications have accessed what type of data. This includes details on the scopes of access requested by the applications.
Generate Report: Create a report from these logs to provide granular insight into the data accessed by third-party applications. This report can be used to assess and mitigate any potential risks.
Google Support: Token audit log
Question 84
The Director of your Finance department has asked to be alerted if two financial auditors share any files outside the domain. You need to set an Admin Alert on Drive Sharing.
What should you do?
Explanation:
Access Admin Console: Log into your Google Workspace Admin Console.
Navigate to Alert Center: Go to the Alert Center within the Admin Console.
Create Drive Audit Alerts: Create two separate Drive audit alerts for each of the financial auditors.
Set Visibility Condition: Configure the alert condition to trigger when the visibility of any file shared by these users is set to ''Shared Externally''.
Set Notification: Configure the alert to send an email notification to the Director of the Finance department whenever the condition is met.
Save Alerts: Save the alerts and ensure they are active.
Google Support: Alert Center
Google Support: Drive audit logs
Question 85
Your company has been engaged in a lawsuit, and the legal department has been asked to discover and hold all email for two specific users. Additionally, they have been asked to discover and hold any email referencing ''Secret Project 123.''
What steps should you take to satisfy this request?
Explanation:
Create a Matter: Access Google Vault and create a new matter for the lawsuit. Matters are used to manage legal holds and searches.
Create a Hold: Within the matter, create a new hold.
Set the Hold Scope: Set the hold scope to Gmail, since the requirement is to discover and hold emails.
Specify Accounts: Set the usernames to [email protected] and [email protected]. This ensures that all emails for these specific users are held.
Set Search Terms: Use the search terms ''secret project 123'' to hold any emails that reference this specific term. This is a broad search that captures any email mentioning 'Secret Project 123.'
Save the Hold: Save the hold to ensure that it captures all relevant emails for the specified users and the search term.
Google Support: Create or update a hold
Question 86
Your Security Officer ran the Security Health Check and found the alert that ''Installation of mobile applications from unknown sources'' was occurring. They have asked you to find a way to prevent that from happening.
Using Mobile Device Management (MDM), you need to configure a policy that will not allow mobile applications to be installed from unknown sources.
What MDM configuration is needed to meet this requirement?
Explanation:
Access the Admin Console: Log into your Google Workspace Admin Console.
Navigate to Device Management: Go to the Device Management section.
Android Settings: Within Device Management, access the Android settings.
Configure Application Settings: Ensure that the setting ''Allow non-Play Store apps from unknown sources installation'' is unchecked. This will prevent users from installing apps from unknown sources, thereby enhancing security.
Save Configuration: Save the configuration changes to apply the policy across all managed Android devices.
Question 87
After a recent transition to Google Workspace, helpdesk has received a high volume of password reset requests and cannot respond in a timely manner. Your manager has asked you to determine how to resolve these requests without relying on additional staff.
What should you do?
Explanation:
Access the Admin Console: Log into your Google Workspace Admin Console.
Navigate to Security Settings: Go to the Security section in the Admin Console.
Password Recovery: Enable the option for non-admin password recovery. This feature allows users to reset their own passwords using their recovery email address or phone number without needing to contact the helpdesk.
Configure Recovery Options: Ensure users have their recovery options set up (recovery email and phone number) so they can use this feature effectively.
Inform Users: Notify users about this new self-service password recovery option and provide instructions on how to use it.
Google Support: Set up self-service password recovery
Question 88
Your organization deployed Google Workspace Enterprise within the last year, with the support of a partner. The deployment was conducted in three stages: Core IT, Google Guides, and full organization. You have been tasked with developing a targeted ongoing adoption plan for your Google Workspace organization.
What should you do?
Explanation:
Access Work Insights: Log into your Google Workspace Admin Console and access Work Insights.
Gather Adoption Metrics: Use Work Insights to gather data on how users are adopting Google Workspace. This includes information on how often they are using different Google Workspace applications and features.
Analyze Data: Analyze the data to identify which teams or departments may need additional training and support.
Targeted Training: Develop targeted training exercises based on the insights gathered. Focus on areas where adoption is low or where users are not taking full advantage of the available features.
Implement Training: Use Google Guides or other training methods to deliver the targeted training sessions.
Monitor Progress: Continue to use Work Insights to monitor adoption and adjust the training plan as necessary.
Google Support: Work Insights
Question 89
Your company recently decided to use a cloud-based ticketing system for your customer care needs. You are tasked with rerouting email coming into your customer care address, [email protected] to the cloud platform's email address, [email protected]. As a security measure, you have mail forwarding disabled at the domain level.
What should you do?
Explanation:
Access the Admin Console: Log into your Google Workspace Admin Console.
Navigate to Apps: Go to Apps > Google Workspace > Gmail > Compliance.
Create a Content Compliance Rule: Create a new content compliance rule.
Set Conditions: Set the condition to apply to incoming mail for [email protected].
Change Route: Configure the rule to change the route to [email protected]. This effectively reroutes emails without using traditional forwarding, which is disabled at the domain level.
Save and Apply: Save the compliance rule and ensure it is applied to enforce the new routing policy.
Google Support: Set up content compliance
Question 90
Your business partner requests that a new custom cloud application be set up to log in without having separate credentials.
What is your business partner required to provide in order to proceed?
Explanation:
In order to set up a new custom cloud application to log in without having separate credentials, you need to configure Single Sign-On (SSO) using SAML (Security Assertion Markup Language). The Assertion Consumer Service (ACS) URL is a critical piece of information required for this configuration. It is the endpoint on the service provider's system that receives the authentication assertions from the identity provider (Google Workspace in this case).
Service Provider ACS URL: The ACS URL is necessary for the SSO configuration because it is the URL to which the identity provider will send the SAML assertion after authentication. This URL tells the identity provider where to send the SAML response after the user has been authenticated.
Configuration Steps:
In Google Admin console, navigate to Apps > Web and mobile apps.
Add a custom SAML app.
Enter the ACS URL provided by the service provider in the appropriate field.
Complete the configuration by providing other necessary information such as the Entity ID and Name ID format.
Importance: Without the ACS URL, the identity provider will not know where to send the authentication tokens, making SSO impossible.
Google Workspace Admin Help: Set up your own custom SAML app
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
.png)
Question