Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. Google
  5. GOOGLE-WORKSPACE-ADMINISTRATOR

Free Google GOOGLE-WORKSPACE-ADMINISTRATOR Exam Braindumps (page: 7)

Page 7 of 51
PDF with 199 Questions

Security and Compliance has identified that data is being leaked through a third-party application connected to Google Workspace. You want to investigate using an audit log.

What log should you use?

  1. Admin audit log
  2. SAML audit log
  3. Drive usage audit log
  4. OAuth Token audit log

Answer(s): D

Explanation:

Admin Console: Log into the Google Admin console at admin.google.com. Security Settings: Navigate to Security > Access and Data Control > API controls.
Audit Log:
Click on "OAuth Token Audit Log".
Review the log entries for any suspicious third-party applications that have access to your Google Workspace data.
Investigate:
Identify and investigate any suspicious activities or applications listed in the audit log. Revoke access to any untrusted third-party applications.


Reference:

Google Workspace Admin: View OAuth Token audit log



Your company wants to provide secure access for its employees. The Chief Information Security Officer disabled peripheral access to devices, but wants to enable 2-Step verification. You need to provide secure access to the applications using Google Workspace.

What should you do?

  1. Enable additional security verification via email.
  2. Enable authentication via the Google Authenticator.
  3. Deploy browser or device certificates via Google Workspace.
  4. Configure USB Yubikeys for all users.

Answer(s): B

Explanation:

2-Step Verification (2SV):
2-Step Verification adds an extra layer of security by requiring users to verify their identity using a second factor in addition to their password. This helps protect against unauthorized access, even if the password is compromised.
Google Authenticator:
Google Authenticator is a mobile app that generates time-based one-time passcodes (TOTP) for 2SV. It works even when the device is offline, providing a secure and reliable second factor for authentication.
Implementation Steps:
Enable 2-Step Verification:
Go to the Google Admin console (admin.google.com).
Navigate to Security > Authentication > 2-Step Verification.
Turn on 2-Step Verification for the organization.
Deploy Google Authenticator:
Instruct users to download the Google Authenticator app from their respective app stores (iOS or Android).
Provide guidance on setting up Google Authenticator with their Google Workspace accounts. Users will scan a QR code provided during the setup process to link their account with the Authenticator app.

Advantages of Google Authenticator:
Security: It provides a highly secure method of 2-step verification as the codes are generated on the user's device and change every 30 seconds.
Ease of Use: It's easy to set up and use, with a straightforward user interface. Offline Functionality: Codes can be generated even without internet access, ensuring consistent access to 2SV codes.
Why Other Options Are Less Suitable:
A . Enable additional security verification via email:
Email-based verification is less secure than app-based 2SV because email accounts can be more easily compromised.
C . Deploy browser or device certificates via Google Workspace:
While device certificates add security, they are typically used for device management and access control rather than for 2-step verification purposes.
D . Configure USB Yubikeys for all users:
USB Yubikeys are highly secure and suitable for 2SV, but they require physical distribution and management of hardware tokens, which can be logistically complex and costly. Given the context of disabled peripheral access, this option might contradict the policy of the Chief Information Security Officer.


Reference:

Google Workspace Admin Help: Set up 2-Step Verification Google Workspace Security: 2-Step Verification



A company wants to distribute iOS devices to only the employees in the Sales OU. They want to be able to do the following on these devices:

Control password policies.
Make corporate apps available to the users.
Remotely wipe the device if it's lost or compromised

What two steps are required before configuring the device policies? (Choose two.)

  1. Turn on Advanced Mobile Management for the domain.
  2. Turn on Advanced Mobile Management for Sales OU
  3. Set up Device Approvals.
  4. Set up an Apple Push Certificate.
  5. Deploy Apple Certificate to every device.

Answer(s): B,D

Explanation:

Admin Console: Log into the Google Admin console at admin.google.com.
Enable Advanced Mobile Management for Sales OU:
Navigate to Devices > Mobile & endpoints > Settings.
Select the Sales OU and turn on Advanced Mobile Management.

Set Up an Apple Push Certificate:
Go to Devices > Mobile & endpoints > Apple certificates. Follow the instructions to obtain and upload an Apple Push Certificate.
Device Policies:
After setting up the Apple Push Certificate, configure the desired device policies such as password policies, app distribution, and remote wipe capabilities.


Reference:

Google Workspace Admin: Set up advanced mobile management Google Workspace Admin: Set up an Apple Push Certificate



Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts.
When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in Google Workspace Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.

What should you do?

  1. Install Google Cloud Directory Sync on all Domain Controllers.
  2. Install Google Workspace Sync for Microsoft Outlook on all employees' computers.
  3. Install Google Cloud Directory Sync on a supported server.
  4. Install Google Apps Manager to automate add-user scripts.

Answer(s): C

Explanation:

Prepare Environment: Ensure you have a supported server to install Google Cloud Directory Sync (GCDS).
Download GCDS:
Download Google Cloud Directory Sync from the Google Workspace Downloads page.
Install GCDS:
Follow the installation instructions provided by Google to install GCDS on the server.
Configuration:
Configure GCDS to synchronize user data from Active Directory to Google Workspace.

Set up synchronization rules and schedules to ensure that user data is kept up to date automatically.
Testing and Deployment:
Test the synchronization to ensure that new user accounts are created accurately in Google Workspace.
Deploy GCDS in the production environment after successful testing.


Reference:

Google Workspace Admin: About Google Cloud Directory Sync Google Workspace Admin: Install and Set Up GCDS



Viewing page 7 of 51
Viewing questions 25 - 28 out of 199 questions



Post your Comments and Discuss Google GOOGLE-WORKSPACE-ADMINISTRATOR exam prep with other Community members:

GOOGLE-WORKSPACE-ADMINISTRATOR Exam Discussions & Posts