Madeupcorp.com is in the process of migrating from a third-party email system to G Suite. The VP of Marketing is concerned that her team already administers the corporate AdSense, AdWords, and YouTube channels using their @madeupcorp.com email addresses, but has not tracked which users have access to which service. You need to ensure that there is no disruption.
What should you do?
- A . Run the Transfer Tool for Unmanaged users.
- B . Use a Google Form to survey the Marketing department users.
- C . Assure the VP that there is no action required to configure G Suite.
- D . Contact Google Enterprise Support to identify affected users.
A
Explanation:
Reference: https://support.google.com/a/answer/6178640?hl=en
Your company has an OU that contains your sales team and an OU that contains your market research team. The sales team is often a target of mass email from legitimate senders, which is distracting to their job duties. The market research team also receives that email content, but they want it because it often contains interesting market analysis or competitive intelligence. Constant Contact is often used as the source of these messages. Your company also uses Constant Contact for your own mass email marketing. You need to set email controls at the Sales OU without affecting your own outgoing email or the market research OU.
What should you do?
- A . Create a blocked senders list as the Sales OU that contains the mass email sender addresses, but bypass this setting for Constant Contact emails.
- B . Create a blocked senders list at the root level, and then an approved senders list at the Market Research OU, both containing the mass email sender addresses.
- C . Create a blocked senders list at the Sales OU that contains the mass email sender addresses.
- D . Create an approved senders list at the Market Research OU that contains the mass email sender addresses.
Your organization is part of a highly regulated industry with a very high turnover. In order to recycle licenses for new employees and comply with data retention regulations, it has been determined that certain G Suite data should be stored in a separate backup environment.
How should you store data for this situation?
- A . Use routing rules to dual-deliver mail to an on-premises SMTP server and G Suite.
- B . Write a script and use G Suite APIs to access and download user data.
- C . Use a third-party tool to configure secure backup of G Suite data.
- D . Train users to use Google Takeout and store their archives locally.
Your organization is on G Suite Enterprise and allows for external sharing of Google Drive files to facilitate collaboration with other G Suite customers. Recently you have had several incidents of files and folders being broadly shared with external users and groups. Your chief security officer needs data on the scope of external sharing and ongoing alerting so that external access does not have to be disabled.
What two actions should you take to support the chief security officer’s request? (Choose two.)
- A . Review who has viewed files using the Google Drive Activity Dashboard.
- B . Create an alert from Drive Audit reports to notify of external file sharing.
- C . Review total external sharing in the Aggregate Reports section.
- D . Create a custom Dashboard for external sharing in the Security Investigation Tool.
- E . Automatically block external sharing using DLP rules.
Your organization’s Sales Department uses a generic user account (sales@company.com) to manage requests. With only one employee responsible for managing the departmental account, you are tasked with providing the department with the most efficient means to allow multiple employees various levels of access and manage requests from a common email address.
What should you do?
- A . Configure a Google Group as an email list.
- B . Delegate email access to department employees.
- C . Configure a Google Group as a collaborative inbox.
- D . Configure a Google Group, and set the Access Level to Announcement Only.
Your employer, a media and entertainment company, wants to provision G Suite Enterprise accounts on your domain for several world-famous celebrities. Leadership is concerned with ensuring that these VIPs are afforded a high degree of privacy. Only a small group of senior employees must be able to look up contact information and initiate collaboration with the VIPs using G Suite services such as Docs, Chat, and Calendar. You are responsible for configuring to meet these requirements.
What should you do?
- A . In the Users list, find the VIPs and turn off the User setting “Directory Sharing.”
- B . Create a Group for the VIPs and their handlers, and set the Group Access Level to Restricted.
- C . In Directory Settings, disable Contact Sharing.
- D . Create separate Custom Directories for the VIPs and regular employees.
Your Chief Information Security Officer is concerned about phishing. You implemented 2 Factor Authentication and forced hardware keys as a best practice to prevent such attacks. The CISO is curious as to how many such email phishing attempts you’ve avoided since putting the 2FA+Hardware Keys in place last month.
Where do you find the information your CISO is interested in seeing?
- A . Security > Advanced Security Settings > Phishing Attempts
- B . Apps > G Suite > Gmail > Phishing Attempts
- C . Security > Dashboard > Spam Filter: Phishing
- D . Reporting > Reports > Phishing
Your company has received help desk calls from users about a new interface in Gmail that they had not seen before. They determined that it was a new feature that Google released recently. In the future, you’ll need time to review the new features so you can properly train employees before they see changes.
What action should you take?
- A . Company Profile > Profile > New User Features > Enable “Scheduled Release”
- B . Apps > G Suite > Gmail > Uncheck “Enable Gmail Labs for my users”
- C . Company Profile > Profile > New User Features > Enable “Rapid Release”
- D . Device Management > Chrome > Device Settings > Stop auto-updates
Your company frequently hires from five to ten interns for short contract engagements and makes use of the same generically named G Suite accounts (e.g., user1@your-company.com, user2@yourcompany.com, user3@your-company.com). The manager of this program wants all email to these accounts routed to the manager’s mailbox account also.
What should you do?
- A . Setup address forwarding in each account’s GMail setting menu.
- B . Set up recipient address mapping in GMail Advanced Settings.
- C . Configure an Inbound Gateway route.
- D . Give the manager delegated access to the mailboxes.
C
Explanation:
Reference: https://support.google.com/a/answer/2685650?hl=en
Your company has sales offices in Madrid, Tokyo, London, and New York. The outbound email for those offices needs to include the sales person’s signature and a compliance footer. The compliance footer needs to say “Should you no longer wish to receive emails about this offer, please reply with UNSUBSCRIBE.” You are responsible for making sure that users cannot remove the footer.
What should you do?
- A . Send an email to each sales person with the instructions on how to add the footer to their Signature.
- B . Ensure that each sales team is in their own OU, and configure the Append Footer with the signature and footer content translated for each locale.
- C . Ensure that each sales team is in their own OU, and configure the Append Footer with footer content.
- D . Ensure that each sales team is in their own OU, and configure the Append Footer with the footer content translated for each locale.
What action should be taken to configure alerting related to phishing attacks?
- A . Set up a Token audit log event alert.
- B . Set up an Admin audit log event alert.
- C . Set up an email settings changed alert.
- D . Set up a suspicious login event alert.
D
Explanation:
Reference: https://support.google.com/a/answer/9104586?hl=en
A company using G Suite has reports of cyber criminals trying to steal usernames and passwords to access critical business data. You need to protect the highly sensitive user accounts from unauthorized access.
What should you do?
- A . Turn on password expiration.
- B . Enforce 2FA with a physical security key.
- C . Use a third-party identity provider.
- D . Enforce 2FA with Google Authenticator app.
B
Explanation:
Reference: https://support.google.com/a/answer/175197?hl=en
After migrating to G Suite, your legal team requests access to search all email and create litigation holds for employees who are involved with active litigation. You need to help the legal team meet this request.
What should you do?
- A . Add the legal team to the User Management Admin system role.
- B . Add the legal team to the Google Vault Google Group.
- C . Create a custom role with Google Vault access, and add the legal team.
- D . Create a matter in Google Vault, and share with the legal team.
C
Explanation:
Reference: https://gsuite.google.com/products/vault/
Your company’s compliance officer has requested that you apply a content compliance rule that will reject all external outbound email that has any occurrence of credit card numbers and your company’s account number syntax, which is AccNo. You need to configure a content compliance rule to scan email to meet these requirements.
Which combination of attributes will meet this objective?
- A . Name the rule > select Outbound and Internal Sending > select If ANY of the following match > add two expressions: one for Simple Content Match to find AccNo, and one for predefined content match to select Credit Card Numbers > choose Reject.
- B . Name the rule > select Outbound > select If ANY of the following match > add two expressions: one for Simple Content Match to find AccNo, and one for predefined content match to select Credit Card Numbers > choose Reject
- C . Name the rule > select Outbound and Internal Sending > select If ALL of the following match > add two expressions: one for Advanced Content Match to find AccNo in the Body, and one for predefined content match to select Credit Card Numbers > choose Reject.
- D . Name the rule > select Outbound > select If ALL of the following match > add two expressions: one for Advanced Content Match to find AccNo in the Body, and one for predefined content match to select Credit Card Numbers > choose Reject.
Your company has decided to change SSO providers. Instead of authenticating into G Suite and other cloud services with an external SSO system, you will now be using Google as the Identity Provider (IDP) and SSO provider to your other third-party cloud services.
What two features are essential to reconfigure in G Suite? (Choose two.)
- A . Apps > add SAML apps to your domain.
- B . Reconfigure user provisioning via Google Cloud Directory Sync.
- C . Replace the third-party IDP verification certificate.
- D . Disable SSO with third party IDP.
- E . Enable API Permissions for Google Cloud Platform.
AC
Explanation:
Reference: https://support.google.com/a/answer/60224?hl=en
On which two platforms can you push WiFi connection information with G Suite? (Choose two.)
- A . Mac OS
- B . Windows
- C . Chrome OS
- D . iOS
- E . Linux
CD
Explanation:
Reference: https://support.google.com/a/answer/2634553?hl=en
Your-company.com recently bought 2500 Chrome devices and wants to distribute them to various teams globally. You decided that enterprise enrollment would be the best way to enforce company policies for managed Chrome devices. You discovered that Chrome devices currently end up in the top-level organization unit, and this needs to change to the organizational unit of the device administrator.
What should you do?
- A . Change Enrollment Permissions to only allow users in this organization to re-enroll existing devices.
- B . Change Enrollment Controls to Place Chrome device in user organization.
- C . Change Enrollment Controls to Keep Chrome device in current location.
- D . Change Enrolment Permissions to not allow users in this organization to enroll new devices.
A user has traveled overseas for an extended trip to meet with several vendors. The user has reported that important draft emails have not been saved in Gmail, which is affecting their productivity. They have been constantly moving between hotels, vendor offices, and airport lounges.
You have been tasked with troubleshooting the issue remotely. Your first priority is diagnosing and preventing this from happening again, and your second priority is recovering the drafts if possible. Due to time zone differences, and the user’s busy meeting schedule, you have only been able to arrange a brief Hangouts Meet with the user to gather any required troubleshooting inputs.
What two actions should be taken on this call with the user? (Choose two.)
- A . Ask the user to send an email to you so you can check the headers.
- B . Record a HAR file of the user composing a new email.
- C . Take screenshots of the user’s screen when composing an email.
- D . Use the Email log search in the Admin panel.
- E . Check the Users > App Users Activity report.
Your company recently migrated to G Suite and wants to deploy a commonly used third-party app to all of finance. Your OU structure in G Suite is broken down by department. You need to ensure that the correct users get this app.
What should you do?
- A . For the Finance OU, enable the third-party app in SAML apps.
- B . For the Finance OU, enable the third-party app in Marketplace Apps.
- C . At the root level, disable the third-party app. For the Finance OU, allow users to install any application from the G Suite Marketplace.
- D . At the root level, disable the third-party app. For the Finance OU, allow users to install only whitelisted apps from the G Suite Marketplace.
B
Explanation:
Reference: https://support.google.com/a/answer/6089179?hl=en
The CEO of your company has indicated that messages from trusted contacts are being delivered to spam, and it is significantly affecting their work. The messages from these contacts have not always been classified as spam. Additionally, you recently configured SPF, DKIM, and DMARC for your domain. You have been tasked with troubleshooting the issue.
What two actions should you take? (Choose two.)
- A . Obtain the message header and analyze using G Suite Toolbox.
- B . Review the contents of the messages in Google Vault.
- C . Set up a Gmail routing rule to whitelist the sender.
- D . Conduct an Email log search to trace the message route.
- E . Validate that your domain is not on the Spamhaus blacklist.
Security and Compliance has identified that data is being leaked through a third-party application connected to G Suiteю You want to investigate using an audit log.
What log should you use?
- A . Admin audit log
- B . SAML audit log
- C . Drive usage audit log
- D . OAuth Token audit log
D
Explanation:
Reference: https://support.google.com/a/answer/6124308?hl=en
Your company wants to provide secure access for its employees. The Chief Information Security Officer disabled peripheral access to devices, but wants to enable 2-Step verification. You need to provide secure access to the applications using G Suite.
What should you do?
- A . Enable additional security verification via email.
- B . Enable authentication via the Google Authenticator.
- C . Deploy browser or device certificates via G Suite.
- D . Configure USB Yubikeys for all users.
A company wants to distribute iOS devices to only the employees in the Sales OU.
They want to be able to do the following on these devices:
– Control password policies.
– Make corporate apps available to the users.
– Remotely wipe the device if it’s lost or compromised
What two steps are required before configuring the device policies? (Choose two.)
- A . Turn on Advanced Mobile Management for the domain.
- B . Turn on Advanced Mobile Management for Sales OU
- C . Set up Device Approvals.
- D . Set up an Apple Push Certificate.
- E . Deploy Apple Certificate to every device.
Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in G Suite Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.
What should you do?
- A . Install Google Cloud Directory Sync on all Domain Controllers.
- B . Install G Suite Sync for Microsoft Outlook on all employees’ computers.
- C . Install Google Cloud Directory Sync on a supported server.
- D . Install Google Apps Manager to automate add-user scripts.
A company has thousands of Chrome devices and bandwidth restrictions. They want to distribute the Chrome device updates over a period of days to avoid traffic spikes that would impact the low bandwidth network.
Where should you enable this in the Chrome management settings?
- A . Randomly scatter auto-updates.
- B . Update over cellular.
- C . Disable Auto update.
- D . Throttle the bandwidth.
A
Explanation:
Reference: https://support.google.com/chrome/a/answer/3168106?hl=en