You have enabled Automatic Room Replacement for your calendar resources, but it is not working for any instances of a conflict booking. What could be the issue?
Your organization is about to expand by acquiring two companies, both of which are using Google Workspace. The CISO has mandated that strict ‘No external content sharing’ policies must be in place and followed. How should you securely configure sharing policies to satisfy both the CISO’s mandate while allowing external sharing with the newly acquired companies?
Your company has decided to change SSO providers. Instead of authenticating into Google Workspace and other cloud services with an external SSO system, you will now be using Google as the Identity Provider (IDP) and SSO provider to your other third-party cloud services.
What two features are essential to reconfigure in Google Workspace? (Choose two.)
As a Google Workspace administrator for your organization, you are tasked with controlling which third-party apps can access Google Workspace data. Before implementing controls, as a first step in this process, you want to review all the third-party apps that have been authorized to access Workspace data. What should you do?
An end user informs you that they are having issues receiving mail from a specific sender that is external to your organization. You believe the issue may be caused by the external entity’s SPF record being incorrectly configured. Which troubleshooting step allows you to examine the full message headers for the offending message to determine why the messages are not being delivered?
Your organization has just completed migrating users to Workspace. Many employees are concerned about their legacy Microsoft Office documents, including issues of access, editing, and viewing. Which two practices should you use to alleviate user concerns without limiting Workspace collaboration features? (Choose two.)
The human resources (HR) team needs a centralized place to share key documents with the entire organization while protecting confidential documents and mitigating the risk of losing documents when someone leaves. These documents must be editable by the HR team members. What is the best way to set this up?
Your organization recently bought 1.000 licenses for Cloud Identity Premium. The company's development team created an application in the enterprise service bus (ESB) that will read user data in the human resources information system (HRIS) and create accounts via the Google Directory REST API.
While doing the original test before production use, the team observes a 503 error coming from Google API response after a few users are created The team believes the ESB is not the cause, because it can perform 100 requests per second without any problems. What advice would you give the development team in order to avoid the issue?
A retail company has high employee turnover due to the cyclical nature in the consumer space. The increase in leaked confidential content has created the need for a specific administrative role to monitor ongoing employee security investigations. What step should you take to increase the visibility of such investigations?
The CEO of your company has indicated that messages from trusted contacts are being delivered to spam, and it is significantly affecting their work. The messages from these contacts have not always been classified
as spam. Additionally, you recently configured SPF, DKIM, and DMARC for your domain. You have been tasked with troubleshooting the issue.
What two actions should you take? (Choose two.)
Your company has an OU that contains your sales team and an OU that contains your market research team. The sales team is often a target of mass email from legitimate senders, which is distracting to their job duties. The market research team also receives that email content, but they want it because it often contains interesting market analysis or competitive intelligence. Constant Contact is often used as the source of these messages. Your company also uses Constant Contact for your own mass email marketing. You need to set email controls at the Sales OU without affecting your own outgoing email or the market research OU.
What should you do?
"The sales team is often a target of mass email from legitimate senders, which is distracting to their job duties" and "Constant Contact is often used as the source of these messages". Nowhere in the question did it specify that emails received via Constant Contact should be allowed for the sales OU. It only mentioned that the company uses Constant Contact for its own outgoing emails- which in this case does not affect the answer at all.
Your company has received help desk calls from users about a new interface in Gmail that they had not seen before. They determined that it was a new feature that Google released recently. In the future, you'll need time to review the new features so you can properly train employees before they see changes.
What action should you take?
Your organization implemented Single Sign-On (SSO) for the multiple cloud-based services it uses. During authentication, one service indicates that access to the SSO provider is not possible due to invalid information. What should you do?
Your organization has decided to enforce 2-Step Verification for a subset of users. Some of these users are now locked out of their accounts because they did not set up 2-Step Verification by the enforcement date. What corrective action should you take to allow the users to sign in again?
Your organization recently deployed Google Workspace. Your admin team has been very focused on configuring the core services for your environment, which has left you little time to pay attention to other areas. Your security team has just informed you that many users are leveraging unauthorized add-ons, and they are concerned about data exfiltration. The admin team wants you to cut off all add-ons access to Workspace data immediately and block all future add-ons until further notice. However, they approve of users leveraging their Workspace accounts to sign into third-party sites. What should you do?
Your organization recently implemented context-aware access policies for Google Drive to allow users to access Drive only from corporate managed desktops. Unfortunately, some users can still access Drive from non-corporate managed machines. What preliminary checks should you perform to find out why the Context-Aware Access policy is not working as intended? (Choose two.)
Your company has acquired a new company in Japan and wants to add all employees of the acquisition to your existing Google Workspace domain. The new company will retain its original domain for email addresses and, due to the very sensitive nature of its work, the new employees should not be visible in the global directory. However, they should be visible within each company's separate directory. What should you do to meet these requirements?
Your company (your-company.com) just acquired a new business (new-company.com) that is running their email on-premises. It is close to their peak season, so any major changes need to be postponed. However, you need to ensure that the users at the new business can receive email addressed to them using your- company.com into their on-premises email server. You need to set up an email routing policy to accomplish this.
What steps should you take?
"...If you're migrating to Gmail from a legacy server, use split delivery to test Gmail with a subset of users. During the testing, the MX records for your domain point to Gmail. Users who have been added in the Admin console get messages in their Gmail inboxes. Set up a catch-all routing rule for unregistered users who need to get messages from the legacy mail server."
In your organization, users have been provisioned with either Google Workspace Enterprise, Google Workspace Business, or no license, depending on their job duties, and the cost of user licenses is paid out of each division's budget. In order to effectively manage the license disposition, team leaders require the ability to look up the type of license that is currently assigned, along with the last logon date, for their direct reports.
You have been tasked with recommending a solution to the Director of IT, and have gathered the following requirements:
What approach should you recommend?
Your company works regularly with a partner. Your employees regularly send emails to your partner's employees. You want to ensure that the Partner contact information available to your employees will allow them to easily select Partner names and reduce sending errors.
What should you do?
Your employer, a media and entertainment company, wants to provision Google Workspace Enterprise accounts on your domain for several world-famous celebrities. Leadership is concerned with ensuring that these VIPs are afforded a high degree of privacy. Only a small group of senior employees must be able to look up contact information and initiate collaboration with the VIPs using Google Workspace services such as Docs, Chat, and Calendar.
You are responsible for configuring to meet these requirements. What should you do?
As the newly hired Admin in charge of Google Workspace, you learn that the organization has been using Google Workspace for months and has configured several security rules for accessing Google Drive. A week after you start your role, users start to complain that they cannot access Google Drive anymore from one satellite office and that they receive an error message that “a company policy is blocking access to this app.” The users have no issue with Gmail or Google Calendar. While investigating, you learn that both this office's Internet Service Provider (ISP) and the global IP address when accessing the internet were changed over the weekend. What is the most logical reason for this issue?
Your company is using Google Workspace Business Plus edition, and the security team has reported several unsuccessful attempts to sign in to your Google Workspace domain from countries where you have no local employees. The affected accounts are from several executives in the main office.
You are asked to take measures to mitigate this security risk. Although budget is not a concern, your company prefers a minimal financial outlay to fix the issue, which you are tasked with managing. Which two solutions would help you mitigate the risk at minimal cost?
Choose 2 answers
Your organization is preparing to deploy Workspace and will continue using your company’s existing identity provider for authentication and single sign-on (SSO). In order to migrate data from an external system, you were required to provision each user’s account in advance. Your IT team and select users (~5% of the organization) have been using Workspace for configuration and testing purposes. The remainder of the organization can technically access their accounts now, but the IT team wants to block their access until the migrations are complete. What should your organization do?
Your company is using Google Workspace Business Standard. The company has five meeting rooms that are all registered as resources in Google Workspace and used on a daily basis by the employees when organizing meetings. The office layout was changed last weekend, and one of the meeting rooms is now a dedicated room for management. The CEO is complaining that anyone can book the room and requested this room to be used only by the management team and their executive assistants (EAs). No one else must be allowed to book it via Google Calendar. What should you do?
A user does not follow their usual sign-in pattern and signs in from an unusual location.
What type of alert is triggered by this event?
You are a Workspace Administrator with a mix of Business Starter and Standard Licenses for your users. A Business Starter User in your domain mentions that they are running out of Drive Storage Quota. Without deleting data from Drive, what two actions can you take to alleviate the quota concerns for this user? (Choose two.)
Your business partner requests that a new custom cloud application be set up to log in without having separate credentials.
What is your business partner required to provide in order to proceed?
Your sales team, which is organized as its own organizational unit, is prone to receiving malicious attachments. What action should you take, as an administrator, to apply an additional layer of protection in the admin console for your sales team without disrupting business operation?
Your organization is planning to remove any dependencies on Active Directory (AD) from all Cloud applications they are using You are currently using Google Cloud Directory Sync (GCDS) with on-premises AD as a source to provision user accounts in Google Workspace. Your organization is also using a software-as-a-service (SaaS) human resources information system (HRIS) that offers integration via CSV export and Open API standard.
Additional requirements for the solution include:
• It should not require a subscription to any additional third-party service.
• The process must be automated from beginning to end.
You are tasked with the design and implementation of a solution to address user provisioning with these requirements.
What solution should you implement?
You are supporting an investigation that is being conducted by your litigation team. The current default retention policy for mail is 180 days, and there are no custom mail retention policies in place. The litigation team has identified a user who is central to the investigation, and they want to investigate the mail data related to this user without the user’s awareness.
What two actions should you take? (Choose two.)
Your company recently acquired an organization that was not leveraging Google Workspace. Your company is currently using Google Cloud Directory Sync (GCDS) to sync from an LDAP directory into Google Workspace. You want to deploy a second instance of GCDS and apply the same strategy with the newly acquired organization, which also has its users in an LDAP directory. How should you change your GCDS instance to ensure that the setup is successful? (Choose two.)
GCDS can only sync from a single LDAP directory. If you have multiple LDAP directories, it is recommended that you consolidate your LDAP server data into a single directory. You need to run 2 separate GCDS instances while creating exclusion rules to prevent suspensions/deletions.
Your organization is using Password Sync to sync passwords from Active Directory to Google Workspace. A user changed their network password and cannot log in to Google Workspace with the new password. What steps should you take to troubleshoot this issue?
The network password is determined to be with AD. In this case, you must verify that password sync is installed on all domain controllers. This is the initial troubleshooting. After this troubleshooting, the logs of these connectors are taken
Your organization has a new security requirement around data exfiltration on iOS devices. You have a requirement to prevent users from copying content from a Google app (Gmail, Drive, Docs, Sheets, and Slides) in their work account to a Google app in their personal account or a third-party app. What steps should you take from the admin panel to prevent users from copying data from work to non-work apps on iOS devices?
Allow users to copy Google Workspace items to personal apps
Allows users to copy content from a Google app (such as Gmail, Drive, Docs, Sheets, Slides, Chat, and Meet) to a Google app in their personal account or a third-party app. Also allows users to drag content between Google apps, for any account.
To prevent users from copying or dragging information from their work account, or using the All inboxes feature (which combines messages from multiple Gmail accounts into one inbox), uncheck the box.
The Director of your Finance department has asked to be alerted if two financial auditors share any files outside the domain. You need to set an Admin Alert on Drive Sharing.
What should you do?
The CFO just informed you that one of their team members wire-transferred money to the wrong account because they received an email that appeared to be from the CFO. The CFO has provided a list of all users that may be responsible for sending wire transfers. The CFO also provided a list of banks the company sends wire transfers to. There are no external users that should be requesting wire transfers. The CFO is working with the bank to resolve the issue and needs your help to ensure that this does not happen again.
What two actions should you take? (Choose two.)
A user is reporting that external, inbound messages from known senders are repeatedly being incorrectly classified as spam. What steps should the admin take to prevent this behavior in the future?
As the Workspace Administrator, you have been asked to configure Google Cloud Directory Sync (GCDS) in order to manage Google Group memberships from an internal LDAP server. However, multiple Google Groups must have their memberships managed manually. When you run the GCDS sync, you notice that these manually managed groups are being deleted. What should you do to prevent these groups from being deleted?
Don’t delete Google Groups not found in LDAP If checked, Google Group deletions in your Google domain are disabled, even when the Groups aren't in your LDAP server.
After migrating to Google Workspace, your legal team requests access to search all email and create litigation holds for employees who are involved with active litigation. You need to help the legal team meet this request.
What should you do?
The organization has conducted and completed Security Awareness Training (SAT) for all employees. As part of a new security policy, employees who did not complete the SAT have had their accounts suspended. The CTO has requested to be informed of any accounts that have been re-enabled to ensure no one is in violation of the new security policy.
What should you do?
CTO must be informed when creating the Suspended user made active—A suspended user is made active by an admin Alert. Ref: https://support.google.com/a/answer/3230421?hl=en#zippy=%2Cuser-activity-alerts
After making a recent migration to Google Workspace, you updated your Google Cloud Directory Sync configuration to synchronize the global address list. Users are now seeing duplicate contacts in their global directory in Google Workspace. You need to resolve this issue.
What should you do?
"To resolve this issue, correct your shared contact search rules to exclude users in your own domain. On the next sync, GCDS attempts to delete the redundant contacts. You might need to adjust the shared contact deletion limit for that first sync.
You are in charge of automating and configuring Google Cloud Directory Sync for your organization. Within the config manager, how can you proactively prevent applying widespread deletions within your Workspace environment if your company’s LDAP undergoes a substantial modification?
You can use limits with Google Cloud Directory Sync (GCDS) to set the maximum number of deletions permitted on each simulation or synchronization. If it reaches this limit, GCDS stops and does not sync any changes. https://support.google.com/a/answer/9520714?fl=1