The core of the problem is to identify the responsible users and the extent of past unauthorized sharing. The Security Investigation Tool is designed precisely for this purpose. It allows administrators to search and analyze various audit logs, including Drive logs, to pinpoint specific events, users, and data.

Here ' s why the other options are less appropriate as the first or most direct action for this specific problem:

A. Review the organization ' s sharing policies in the Admin console, and update the policies to prevent external sharing. This is a crucial preventative measure for the future, and a necessary step after identifying the scope of the problem. However, it won ' t help you identify who shared what in the past .

B. Use the security health page to identify misconfigured sharing settings in Drive. The security health page provides an overview of your security posture and can highlight general misconfigurations. While useful for identifying potential vulnerabilities, it won ' t give you the granular details of specific users and shared documents that have already occurred, which is what the question asks for.

D. Create an activity rule in the Security Center to alert you of future external sharing events. Similar to option A, this is a future-oriented preventative and monitoring measure. It will help catch future violations but won ' t provide information about the past unauthorized sharing that has already happened.

References from Google Workspace Administrator:

Security investigation tool: This tool is explicitly designed for identifying, triaging, and taking action on security issues. It allows administrators to search and analyze logs from various Google Workspace services, including Drive, to investigate specific events like external sharing.

Using a CSV file to list all the conference rooms and a script to automate their creation via the Workspace API is the most efficient solution. This approach allows you to batch-create the rooms with the specified attributes (capacity, whiteboard, projector, wheelchair accessible) without manually inputting each room individually. It minimizes manual effort and ensures consistency across all room configurations.

To verify a domain name with Google Workspace and gain access to all its features, you typically need to prove that you own the domain. One of the most common methods for doing this is by adding a specific TXT record to your domain ' s DNS (Domain Name System) zone. Google provides this unique TXT record, and once it ' s published in your DNS, Google can verify your ownership.  

Here ' s why option C is the correct approach and why the others are not the standard methods for domain verification in Google Workspace:

C. Request a TXT record be added to the DNS zone by your domain registrar.

Google Workspace provides a unique TXT record that you need to add to your domain ' s DNS settings. This record contains a specific code that Google ' s systems check for. By finding this record in your domain ' s public DNS, Google can confirm that you have control over the domain and are authorized to use it with Google Workspace. You usually manage DNS records through the interface provided by your domain registrar or your DNS hosting provider.  

Associate Google Workspace Administrator topics guides or documents reference: The official Google Workspace Admin Help documentation on " Verify your domain for Google Workspace " (or similar titles) explicitly outlines the different methods for domain verification. Adding a TXT record is consistently presented as a primary and recommended method. The documentation provides the exact steps:Sign in to your domain host (domain registrar).

Go to your domain ' s DNS records.

Add a TXT record with the value provided by Google.

Save the TXT record.

In the Google Admin console, start the verification process. Google will then check for the TXT record.

A. Contact Google support and request manual verification.

While Google support can assist with domain verification issues, it ' s not the standard first step. Manual verification is usually reserved for situations where the standard methods (like TXT or CNAME records) cannot be used or have failed. You should first attempt one of the standard DNS-based verification methods.

Associate Google Workspace Administrator topics guides or documents reference: The standard domain verification process, as documented in Google Workspace Admin Help, primarily involves DNS record modifications. Contacting support is usually a step taken if there are problems with these standard methods.  

B. Add an MX record to your DNS zone that points to Google Workspace.

MX records are for directing email to the correct mail servers. While you will eventually need to configure MX records to use Gmail with your domain, adding them is not the primary step for verifying the domain ' s ownership. Domain verification needs to be completed before you can fully set up email and have Google manage your domain ' s email flow.  

Associate Google Workspace Administrator topics guides or documents reference: The Google Workspace Admin Help documentation clearly separates the steps for domain verification from setting up MX records for email. Verification comes first to prove ownership.

D. Purchase an SSL certificate for your domain.

An SSL (Secure Sockets Layer) certificate is used to secure communication between a web server and a browser, typically for websites. It is not related to verifying domain ownership for Google Workspace services. While having an SSL certificate is important for website security, it does not serve as a method for Google to confirm that you own the domain for Google Workspace setup.  

Associate Google Workspace Administrator topics guides or documents reference: Google Workspace domain verification methods are specifically focused on demonstrating control over the domain ' s DNS records. SSL certificates are a separate aspect of web security.

Therefore, the correct action to verify your domain for Google Workspace is to request a TXT record from Google and add it to your domain ' s DNS zone through your domain registrar ' s management interface.

The security investigation tool in Google Workspace allows you to identify the impacted users and messages. By marking the messages as phishing, you acknowledge their malicious nature, helping to protect the users. Adding the sender’s email address to the Blocked senders list ensures that future messages from this sender will be automatically blocked, preventing recurrence of similar incidents.

A Google Group with collaborative inbox settings allows you to evenly distribute support request emails among the team. By setting the posting permissions to “Anyone on the web,” external customers can send emails directly to the group, and the emails will be distributed to the support agents as tasks. This is a cost-effective solution that also provides an organized way to manage and track customer support requests.

AppSheet is a no-code platform that allows users to create custom applications without the need for software development skills. It is capable of building applications that can be used both on the web and mobile devices. AppSheet would allow the organization to create the approval application efficiently, meeting the requirements of the purchase process, and would be a cost-effective solution that does not require hiring developers or using a third-party application provider.

Google Workspace offers Archived User licenses, which allow you to retain access to the data and communications of former employees without paying for a full user license. This option ensures compliance with the policy of retaining project data and communications in Google Vault while minimizing costs by avoiding unnecessary full user licenses.

Google Workspace allows organizations to control the geographic location of their data for compliance and regulatory reasons, often referred to as " data regions " or " data locality. " To ensure user data is located in the same region as their physical office, especially for compliance with regulations like those in the EU, you need to set a data region policy for the respective organizational units.

Here ' s why the other options are incorrect:

A. Set the OU data location to No preference. " No preference " means Google can store the data wherever it deems appropriate, which goes against the requirement of ensuring data is located in a specific region (e.g., EU for EU users, US for US users).

B. Turn on advanced settings and select Enable features that may process data across multiple regions. This option would allow data to be processed across multiple regions, which directly contradicts the company regulation that requires data to be located in the same region as their physical office.

C. Turn on advanced settings and select Disable features that may process data across multiple regions. While this might seem related to controlling data flow, the primary mechanism for specifying data residency for OUs is through data region policies, not simply disabling cross-region processing features. Disabling such features might limit functionality without directly setting the data storage region.

References from Google Workspace Administrator:

Choose a data region for your data: Google Workspace provides options for administrators to choose a data region for covered Google Workspace services, which applies to primary customer data at rest. This can be set at the organizational unit (OU) level.

By setting the Accessing groups from outside this organization to Private, you prevent users from joining external Google Groups while still allowing internal users to use Google Groups within the organization. This setting ensures that only members of your organization can join and interact with internal groups, effectively stopping external access without affecting internal group usage.

When multiple users across different office buildings experience issues with a Google Workspace service like Google Voice (dropped calls, poor call quality), the first and most efficient step to determine if it ' s a widespread service disruption or a localized issue is to check the official Google Workspace Status Dashboard. This dashboard provides real-time and historical information on the status of all Google Workspace services.

Here ' s why the other options are less effective as the first step:

A. Verify whether users in the affected buildings have been assigned Google Voice licenses. If users are experiencing issues like dropped calls, it implies they have licenses and can generally access the service. A licensing issue would likely prevent them from using Google Voice at all, not just lead to poor quality. This would be a troubleshooting step if the dashboard shows no outage and individual users can ' t use the service at all.

C. Check the Google Workspace Updates blog for announcements about Google Voice issues. The Updates blog is for new features, policy changes, and sometimes post-mortems of past major incidents, but it ' s not a real-time status indicator for current outages. The Status Dashboard is designed for this immediate check.

D. Use the security investigation tool to search user log events for " Call failed " , and analyze packet loss data. The security investigation tool is excellent for detailed forensic analysis of specific user activities and security events. While it could eventually reveal packet loss or call failure events, it ' s a time-consuming investigative tool. Before diving into granular logs, you first need to rule out a broader service outage that would affect many users. If the Status Dashboard shows no issues, then using the investigation tool to look at specific user logs is a valid next step for localized troubleshooting.

References from Google Workspace Administrator:

Google Workspace Status Dashboard: This is the primary and official source for real-time information on the status of Google Workspace services. It is designed precisely for checking widespread outages or disruptions.