Verified Google Workspace Administrator Exam Dumps Questions: Good Way to Pass Professional Google Workspace Administrator Exam

Eleanor2023-02-09T08:51:39+00:00

ITPrepare offers the most convenient and economical way to help you pass the Professional Google Workspace Administrator exam. We have updated the Google Workspace Administrator exam dumps, and all the questions and answers in the dumps have been verified by the successful candidates and professional team. The best thing is that one can easily download the dumps pdf where ever they want. You can download the pdf file on a PC, laptop, MacBook, or any other device from where one can easily go through the Google Workspace Administrator exam dumps without wasting time. The Google Workspace Administrator dumps questions of ITPrepare help to get success in the Professional Google Workspace Administrator exam.

Free Google Workspace Administrator Demo Questions Below For Learning

Page 1 of 4

1. Your company recently migrated to Google Workspace and wants to deploy a commonly used third-party app to all of finance. Your OU structure in Google Workspace is broken down by department. You need to ensure that the correct users get this app.

What should you do?

For the Finance OU, enable the third-party app in SAML apps.

For the Finance OU, enable the third-party app in Marketplace Apps.

At the root level, disable the third-party app. For the Finance OU, allow users to install any application from the Google Workspace Marketplace.

At the root level, disable the third-party app. For the Finance OU, allow users to install only whitelisted apps from the Google Workspace Marketplace.

2. 1.Your organization is on Google Workspace Enterprise and allows for external sharing of Google Drive files to facilitate collaboration with other Google Workspace customers. Recently you have had several incidents of files and folders being broadly shared with external users and groups. Your chief security officer needs data on the scope of external sharing and ongoing alerting so that external access does not have to be disabled.

What two actions should you take to support the chief security officer's request? (Choose two.)

Review who has viewed files using the Google Drive Activity Dashboard.

Create an alert from Drive Audit reports to notify of external file sharing.

Review total external sharing in the Aggregate Reports section.

Create a custom Dashboard for external sharing in the Security Investigation Tool.

Automatically block external sharing using DLP rules.

3. Your cyber security team has requested that all email destined for external domains be scanned for credit card numbers, and if found, the email must be encrypted using your cloud-based third-party encryption provider. You are responsible for configuring to meet this request.

What should you do?

Create a content compliance rule on outbound mail and internal-sending mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.

Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check “Encrypt message if not encrypted”.

Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.

Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check “Change route” to send to your third-party encryption provider to encrypt.

4. You are using Google Cloud Directory Sync to manage users. You performed an initial sync of nearly 1,000 mailing lists to Google Groups with Google Cloud Directory Sync and now are planning to manage groups directly from Google. Over half the groups have been configured with incorrect settings, including who can post, who can join, and which groups can have external members. You need to update groups to be configured correctly.

What should you do?

Use the bulk upload with CSV feature in the Google Workspace Admin panel to update all Groups.

Update your configuration file and resync mailing lists with Google Cloud Directory Sync.

Create and assign a custom admin role for all group owners so they can update settings.

Use the Groups Settings API to update Google Groups with desired settings.

5. Your company is using Google Workspace Enterprise Plus, and the Human Resources (HR) department is asking for access to Work Insights to analyze adoption of Google Workspace for all company employees. You assigned a custom role with the work Insights permission set as “view data for all teams” to the HR group, but it is reporting an error when accessing the application.

What should you do?

Allocate the “view data for all teams” permission to all employees of the company.

Confirm that the Work Insights app is turned ON for all employees.

Confirm in Security > API controls > App Access Controls that Work Insights API is set to “unrestricted.”

Confirm in Reports > BigQuery Export that the job is enabled.

6. As the Workspace Administrator, you have been asked to configure Google Cloud Directory Sync (GCDS) in order to manage Google Group memberships from an internal LDAP server. However, multiple Google Groups must have their memberships managed manually. When you run the GCDS sync, you notice that these manually managed groups are being deleted.

What should you do to prevent these groups from being deleted?

In the GCDS configuration manager, update the group deletion policy setting to “don't delete Google groups not found in LDA

”

Use the Directory API to check and update the group’s membership after the GCDS sync is completed.

Confirm that the base DN for the group email address attribute matches the base DN for the user email address attribute.

In the user attribute settings of the GCDS configuration manager options, set the Google domain users deletion/suspension policy to “delete only active Google domain users not found in LDA

”

7. Your organization recently deployed Google Workspace. Your admin team has been very focused on configuring the core services for your environment, which has left you little time to pay attention to other areas. Your security team has just informed you that many users are leveraging unauthorized add-ons, and they are concerned about data exfiltration. The admin team wants you to cut off all add-ons access to Workspace data immediately and block all future add-ons until further notice. However, they approve of users leveraging their Workspace accounts to sign into third-party sites.

What should you do?

Modify your Marketplace Settings to block users from installing any app from the Marketplace.

Set all API services to “restricted access” and ensure that all connected apps have limited access.

Remove all client IDs and scopes from the list of domain-wide delegation API clients.

Block each connected app's access.

8. Your Chief Information Security Officer is concerned about phishing. You implemented 2 Factor Authentication and forced hardware keys as a best practice to prevent such attacks. The CISO is curious as to how many such email phishing attempts you've avoided since putting the 2FA+Hardware Keys in place last month.

Where do you find the information your CISO is interested in seeing?

Security > Advanced Security Settings > Phishing Attempts

Apps > Google Workspace > Gmail > Phishing Attempts

Security > Dashboard > Spam Filter: Phishing

Reporting > Reports > Phishing

9. Your client is a multinational company with a single email domain. The client has compliance requirements and policies that vary by country. You need to configure the environment so that each country has their own administrator and no administrator can manage another country.

What should you do?

Establish a new Google Workspace tenant with their own admin for each region.

Create an OU for each country. Create an admin role and assign an admin with that role per O

Create Admin Alerts, and use the Security Center to audit whether admins manage countries other than their own.

Create a Team Drive per OU, and allow only country-specific administration of each folder.

10. You are the Workspace administrator for an international organization with Enterprise Plus Workspace licensing. A third of your employees are located in the United States, another third in Europe, and the other third geographically dispersed around the world. European employees are required to have their data stored in Europe. The current OU structure for your organization is organized by business unit, with no attention to user location.

How do you configure Workspace for the fastest end user experience while also ensuring that European user data is contained in Europe?

Configure a data region at the top level OU of your organization, and set the value to “Europe”.

Add three additional OU structures to designate location within the current OU structure. Assign the corresponding data region to each.

Configure a configuration group for European users, and set the data region to “Europe”.

Configure three configuration groups within your domain. Assign the appropriate data regions to each corresponding group, but assign no preference to the users outside of the United States and Europe.

Page 2 of 4

11. Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in Google Workspace Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.

What should you do?

Install Google Cloud Directory Sync on all Domain Controllers.

Install Google Workspace Sync for Microsoft Outlook on all employees’ computers.

Install Google Cloud Directory Sync on a supported server.

Install Google Apps Manager to automate add-user scripts.

12. Your-company.com recently bought 2500 Chrome devices and wants to distribute them to various teams globally. You decided that enterprise enrollment would be the best way to enforce company policies for managed Chrome devices. You discovered that Chrome devices currently end up in the top-level organization unit, and this needs to change to the organizational unit of the device administrator.

What should you do?

Change Enrollment Permissions to only allow users in this organization to re-enroll existing devices.

Change Enrollment Controls to Place Chrome device in user organization.

Change Enrollment Controls to Keep Chrome device in current location.

Change Enrolment Permissions to not allow users in this organization to enroll new devices.

13. Your company works regularly with a partner. Your employees regularly send emails to your partner's employees. You want to ensure that the Partner contact information available to your employees will allow them to easily select Partner names and reduce sending errors.

What should you do?

Educate users on creating personal contacts for the Partner Employees.

Add a secondary domain for the Partner Company and create user entries for each Partner user.

Create shared contacts in the Directory using the Directory AP

Create shared contacts in the Directory using the Domain Shared Contacts AP

14. The company's ten most senior executives are to have their offices outfitted with dedicated, standardized video conference cameras, microphones, and screens. The goal is to reduce the amount of technical support they require due to frequent, habitual switching between various mobile and PC devices throughout their busy days. You must ensure that it is easier for the executives to join Meet video conferences with the dedicated equipment instead of whatever device they happen to have available.

What should you do?

Set up unmanaged Chromeboxes and set the executives’ homepage to meet.google.com via Chrome settings.

Set up the executive offices as reservable Calendar Resources, deploy Hangouts Meet Hardware Kits, and associate the Meet hardware with the room calendars.

Deploy Hangouts Meet Hardware Kits to each executive office, and associate the Meet hardware with the executives’ calendars.

Provision managed Chromeboxes and set the executives’ Chrome homepage to meet. google.com via device policy.

15. Your-company.com finance departments want to create an internal application that needs to read data from spreadsheets. As the collaboration engineer, you suggest using App Maker. The Finance team is concerned about data security when creating applications with App Maker.

What security measures should you implement to secure data?

Use Roles, Script, and Owner access permissions for operations on records and data relations.

Enable App Maker access only for the Finance department Organization Unit.

Use a service account with limited permissions to access each data source.

Change owner access permissions to allow internal usage only.

16. You act as the Google Workspace Administrator for a company that has just acquired another organization. The acquired company will be migrated into your Workspace environment in 6 months. Management has asked you to ensure that the Google Workspace users you currently manage can efficiently access rich contact information in Workspace for all users. This needs to occur before the migration, and optimally without additional expenditure.

What step do you take to populate contact information for all users?

Bulk-upload the contact information for these users via CSV into the Google Directory.

Use the Domain Shared Contacts API to upload contact information for the acquired company's users.

Provision and license Google Workspace accounts for the acquired company's users because they will need accounts in the future.

Prepare an uploadable file to be distributed to your end users that allows them to add the acquired company’s user contact information to their personal contacts.

17. With the help of a partner, you deployed Google Workspace last year and have seen the rapid pace of innovation and development within the platform. Your CIO has requested that you develop a method of staying up-to-date on all things Google Workspace so that you can be prepared to take advantage of new features and ensure that your organization gets the most out of the platform.

What should you do?

Develop a cadence of regular roadmap and business reviews with your partner.

Regularly scan the admin console and keep track of any new features you identify.

Create a Feature Release alert in the Alert Center to be alerted to new functionality.

Put half of your organization on the Rapid Release Schedule to highlight differences.

18. Your company's Chief Information Security Officer has made a new policy where third-party apps should not have OAuth permissions to Google Drive. You need to reconfigure current settings to adhere to this policy.

What should you do?

Access the Security Menu> API Reference > disable all API Access.

Access the Security Menu > API Permissions > choose Drive and Disable All Access.

Access the Security Menu > API Permissions > choose Drive and Disable High Risk Access.

Access Apps > Google Workspace > Drive and Docs > Sharing Settings and disable sharing outside of your domain

19. You are in charge of automating and configuring Google Cloud Directory Sync for your organization. Within the config manager, how can you proactively prevent applying widespread deletions within your Workspace environment if your company’s LDAP undergoes a substantial modification?

Manually run Google Cloud Directory Sync only after performing a simulated sync.

Specify the minimum and maximum number of objects to synchronize in each configuration item.

Configure the tool to delete users only when run from the config manager.

Configure limits for the maximum number of deletions on each synchronization.

20. What action should be taken to configure alerting related to phishing attacks?

Set up a Token audit log event alert.

Set up an Admin audit log event alert.

Set up an email settings changed alert.

Set up a suspicious login event alert.

Page 3 of 4

21. A disgruntled employee has left your company and deleted all their email messages and files in Google Drive. The security team is aware that some intellectual property may have surfaced on a public social media site.

What is the first step to start an investigation into this leak?

Delete the user's account in the Admin Console.

Transfer data between end user Workspace accounts.

Instruct a Google Vault admin to create a matter, and place all the user data on ‘hold.’

Use Google Vault to export all the user data and share among the security team.

22. Your company’s compliance officer has requested that you apply a content compliance rule that will reject all external outbound email that has any occurrence of credit card numbers and your company’s account number syntax, which is AccNo. You need to configure a content compliance rule to scan email to meet these requirements.

Which combination of attributes will meet this objective?

Name the rule > select Outbound and Internal Sending > select If ANY of the following match > add two expressions: one for Simple Content Match to find AccNo, and one for predefined content match to select Credit Card Numbers > choose Reject.

Name the rule > select Outbound > select If ANY of the following match > add two expressions: one for Simple Content Match to find AccNo, and one for predefined content match to select Credit Card Numbers > choose Reject

Name the rule > select Outbound and Internal Sending > select If ALL of the following match > add two expressions: one for Advanced Content Match to find AccNo in the Body, and one for predefined content match to select Credit Card Numbers > choose Reject.

Name the rule > select Outbound > select If ALL of the following match > add two expressions: one for Advanced Content Match to find AccNo in the Body, and one for predefined content match to select Credit Card Numbers > choose Reject.

23. A retail company has high employee turnover due to the cyclical nature in the consumer space. The increase in leaked confidential content has created the need for a specific administrative role to monitor ongoing employee security investigations.

What step should you take to increase the visibility of such investigations?

Assign the ‘Services Admin’ role to an administrator with ‘Super Admin’ privileges.

Create a ‘Custom Role’ and add all the Google Vault privileges for a new administrator.

Validate that the new administrator has access to Google Vault.

Create a ‘Custom Role’ and add the ability to manage Google Vault matters, holds, searches, and exports.

24. Your organization is using Password Sync to sync passwords from Active Directory to Google Workspace. A user changed their network password and cannot log in to Google Workspace with the new password.

What steps should you take to troubleshoot this issue?

Reinstall Password Sync on all domain controllers.

Reauthorize the Password Sync tool in the Google Workspace Admin Console.

Confirm that the Password Sync service is running on all domain controllers.

Reset the user's password in Active Directory.

25. As the Workspace Administrator, you have been asked to delete a temporary Google Workspace user account in the marketing department. This user has created Drive documents in My Documents that the marketing manager wants to keep after the user is gone and removed from Workspace. The data should be visible only to the marketing manager. As the Workspace Administrator, what should you do to preserve this user's Drive data?

In the user deletion process, select “Transfer” in the data in other apps section and add the manager's email address.

Use Google Vault to set a retention period on the OU where the users reside.

Before deleting the user, add the user to the marketing shared drive as a contributor and move the documents into the new location.

Ask the user to create a folder under MyDrive, move the documents to be shared, and then share that folder with the marketing team manager.

26. Your Finance team has to share quarterly financial reports in Sheets with an external auditor. The external company is not a Workspace customer and allows employees to access public sites such as Gmail and Facebook.

How can you provide the ability to securely share content to collaborators that do not have a Google Workspace or consumer (Gmail) account?

Allow external sharing with the auditor using the ‘Trusted Domains’ feature.

Enable the ‘Visitor Sharing’ feature, and demonstrate it to the Finance team.

Use the ‘Publish’ feature in the Sheets editor to share the contents externally.

Attach the Sheet file to an email message, and send to the external auditor.

27. A recent legal investigation requires all emails and Google Drive documents from a specific user to be retrieved. As the administrator, how can you fulfill the legal team's request?

Use Security Investigation Tool to Search Google Drive events for all of the user's documents, and use Google Admin > Reports > Email Log Search to find their emails.

Search Google Drive for all of the user’s documents, and ask them to forward all of their emails.

Use the Gmail API and Google Drive API to automatically collect and export data.

Utilize Google Vault to hold, search, and export data of interest.

28. The executive team for your company has an extended retention policy of two years in place so that they have access to email for a longer period of time. Your COO has found this useful in the past but when they went to find an email from last year to prove details of a contract in dispute, they were unable to find it. itis no longer in the Trash. They have requested that you recover it.

What should you do?

Using Vault, perform a search for the email and export the content to a standard format to provide for investigation.

Using the Message ID, contact Google Google Workspace support to recover the email, then import with Google Workspace Migration for Microsoft Outlook.

Using the Vault Audit log, perform a search for the email, export the results. then import with Google Workspace Migration for Microsoft Outlook.

29. As the newly hired Admin in charge of Google Workspace, you learn that the organization has been using Google Workspace for months and has configured several security rules for accessing Google Drive. A week after you start your role, users start to complain that they cannot access Google Drive anymore from one satellite office and that they receive an error message that “a company policy is blocking access to this app.” The users have no issue with Gmail or Google Calendar. While investigating, you learn that both this office's Internet Service Provider (ISP) and the global IP address when accessing the internet were changed over the weekend.

What is the most logical reason for this issue?

An access level was defined based on the IP range and applied to Google Drive via Context-Aware Access.

Under Drive and Docs > Sharing Settings, the “Whitelisted domains” list needs to be updated to add the new ISP domain.

The Network Mask defined in Security > Settings > SSO with 3rd Party IdPs should be updated to reflect the new IP range.

You need to raise a ticket to Google Cloud Support to have your new IP ranges registered for Drive API access.

30. Your organization syncs directory data from Active Directory to Google Workspace via Google Cloud Directory Sync. Users and Groups are updated from Active Directory on an hourly basis. A user's last name and primary email address have to be changed. You need to update the user’s data.

What two actions should you take? (Choose two.)

Add the user's old email address to their account in the Google Workspace Admin panel.

Change the user's primary email address in the Google Workspace Admin panel.

Change the user's last name in the Google Workspace Admin panel.

Change the user's primary email in Active Directory.

Change the user's last name in Active Directory.

Page 4 of 4

31. Security and Compliance has identified secure third-party applications that should have access to Google Workspace data. You need to restrict third-party access to only approved applications

What two actions should you take? (Choose two.)

Whitelist Trusted Apps

Disable the Drive SDK

Restrict API scopes

Disable add-ons for Gmail

Whitelist Google Workspace Marketplace apps

32. Your company has acquired a new company in Japan and wants to add all employees of the acquisition to your existing Google Workspace domain. The new company will retain its original domain for email addresses and, due to the very sensitive nature of its work, the new employees should not be visible in the global directory. However, they should be visible within each company's separate directory.

What should you do to meet these requirements?

Create a new Google Workspace domain isolated from the existing one, and create users in the new domain instead.

Under Directory Settings > Contact sharing, disable the contact sharing option and wait for 24 hours to allow the settings to propagate before creating the new employee accounts.

Redesign your OU organization to have 2 child OUs for each company directly under the root. In Directory Settings > Visibility Settings, define custom directories for each company, and set up Visibility according to the O

Create one dynamic group for each company based on a custom attribute defining the company. In Directory Settings > Visibility Settings, define custom directories for each company, and set up Visibility according to the dynamic group.

33. Your company has sales offices in Madrid, Tokyo, London, and New York. The outbound

email for those offices needs to include the sales person's signature and a compliance footer. The compliance footer needs to say “Should you no longer wish to receive emails about this offer, please reply with UNSUBSCRIBE.” You are responsible for making sure that users cannot remove the footer.

What should you do?

Send an email to each sales person with the instructions on how to add the footer to their Signature.

Ensure that each sales team is in their own OU, and configure the Append Footer with the signature and footer content translated for each locale.

Ensure that each sales team is in their own OU, and configure the Append Footer with footer content.

Ensure that each sales team is in their own OU, and configure the Append Footer with the footer content translated for each locale.

34. A user has traveled overseas for an extended trip to meet with several vendors. The user has reported that important draft emails have not been saved in Gmail, which is affecting their productivity. They have been constantly moving between hotels, vendor offices, and airport lounges.

You have been tasked with troubleshooting the issue remotely. Your first priority is diagnosing and preventing this from happening again, and your second priority is recovering the drafts if possible. Due to time zone differences, and the user's busy meeting schedule, you have only been able to arrange a brief Hangouts Meet with the user to gather any required troubleshooting inputs.

What two actions should be taken on this call with the user? (Choose two.)

Ask the user to send an email to you so you can check the headers.

Record a HAR file of the user composing a new email.

Take screenshots of the user’s screen when composing an email.

Use the Email log search in the Admin panel.

Check the Users > App Users Activity report.

35. Your organization is preparing to deploy Workspace and will continue using your company’s existing identity provider for authentication and single sign-on (SSO). In order to migrate data from an external system, you were required to provision each user’s account in advance. Your IT team and select users (~5% of the organization) have been using Workspace for configuration and testing purposes. The remainder of the organization can technically access their accounts now, but the IT team wants to block their access until the migrations are complete.

What should your organization do?

Remove Google Workspace license to prevent users from accessing their accounts now.

Suspend users that the organization does not wish to have access.

Add the users to the OU with all services disabled.

Use Context-Aware Access to simultaneously block access to all services for all users and allow access to all services for the allowed users.

36. How can you monitor increases in user reported Spam as identified by Google?

Review post-delivery activity in the Email logs.

Review user-reported spam in the Investigation Tool.

Review spike in user-reported spam in the Alert center.

Review post-delivery activity in the BigQuery Export.

37. On which two platforms can you push WiFi connection information with Google Workspace? (Choose two.)

Mac OS

Windows

Chrome OS

iOS

Linux

38. The CEO of your company has indicated that messages from trusted contacts are being delivered to spam, and it is significantly affecting their work. The messages from these contacts have not always been classified as spam. Additionally, you recently configured SPF, DKIM, and DMARC for your domain.

You have been tasked with troubleshooting the issue.

What two actions should you take? (Choose two.)

Obtain the message header and analyze using Google Workspace Toolbox.

Review the contents of the messages in Google Vault.

Set up a Gmail routing rule to whitelist the sender.

Conduct an Email log search to trace the message route.

Validate that your domain is not on the Spamhaus blacklist.

39. The organization has conducted and completed Security Awareness Training (SAT) for all employees. As part of a new security policy, employees who did not complete the SAT have had their accounts suspended. The CTO has requested to be informed of any accounts that have been re-enabled to ensure no one is in violation of the new security policy.

What should you do?

Enable “Suspicious login” rule - Other Recipients: CTO

Enable “Suspended user made active” rule - Other Recipients: CTO

Enable “Email settings changed” rule - -Other Recipients: CTO

Enable “Suspended user made active” rule and select “Deliver to” Super Administrator(s)

40. The CEO of your company heard about new security and collaboration features and wants to know how to stay up to date. You are responsible for testing and staying up to date with new features, and have been asked to prepare a presentation for management.

What should you do?

Download the Google Workspace roadmap, and work together with a deployment specialist for new features.

Create a support ticket for the Google Workspace roadmap, and ask to enable the latest release of Google Workspace.

Subscribe to the Google Workspace release calendar, and Join the Google Cloud Connect Community.

Change Google Workspace release track to: Rapid Release for faster access to new features.

Verified Google Workspace Administrator Exam Dumps Questions: Good Way to Pass Professional Google Workspace Administrator Exam