Google Associate Google Workspace Administrator Exam Practice Test Instant Access

Question 1

An employee is leaving your company and has numerous files stored in My Drive. Their manager wants to retain access to these files. You need to offboard the departing employee's Google Workspace account while ensuring that the manager can still access the files while following Google-recommended practices. What should you do?

AUse Google Vault to establish a retention policy for the organizational unit (OU) of the departing employee. Assign the Google Archived User license.

BInstruct the departing employee to share their My Drive folder with the manager before leaving. Delete the Google Workspace account on the departing employee's last day.

CDownload the departing employee's Drive data by using Google Takeout. Upload the data to the manager's Drive before deleting the departing employee's Google Workspace account.

DTransfer ownership of the departing employee's files to the manager during the user deletion process.

Answer : D

Transferring ownership of the departing employee's files to the manager ensures that the manager retains access to all the files, including those stored in My Drive, without requiring additional steps like downloading or sharing files. This method follows Google-recommended practices and ensures that the files remain under proper management even after the employee's account is deleted. This process can be done efficiently during the offboarding process to ensure continuity of access.

Question 2

Your organization allows employees to use their personal devices for work purposes. You want to ensure these devices follow the company's security policies. You need to choose a mobile management solution that provides minimal passcode enforcement and allows for an admin to remotely wipe a user's account from the device. You also want to avoid having to install agents on employees' personal devices. What should you do?

AImplement Google's advanced management on mobile devices.

BImplement Google's basic management on mobile devices.

CEnforce a strong password policy, and enforce the password policy at the next sign-in.

DDeploy a third-party mobile device management (MDM) solution.

Answer : B

Google's basic management for mobile devices allows administrators to enforce minimal security policies, such as passcode enforcement, without requiring the installation of any agents on employees' personal devices. This solution also allows for remotely wiping a user's account from the device if needed, ensuring data security while maintaining a less intrusive management approach for personal devices.

Question 3

Your company's legal department has issued a litigation hold that requires you to preserve all data related to a specific project. You need to ensure that all data for this project, including emails, documents, and chats, are preserved indefinitely and cannot be deleted by users. What should you do?

ACreate a hold in Google Vault that includes all users and data sources associated with the project.

BAssign an Archived User license to all users involved in the project.

CSet up a retention rule in Google Vault that retains all data from Gmail and Drive indefinitely.

DExport all project related data from Google Workspace and store the data in a separate, secure location.

Answer : A

To preserve all data related to the project, including emails, documents, and chats, and to prevent it from being deleted by users, you should create a hold in Google Vault. A hold ensures that data is preserved indefinitely, regardless of user actions, and applies to the users and data sources (such as Gmail, Drive, and Chats) associated with the project. This is the most efficient and compliant way to meet the litigation hold requirements.

Question 4

Your company is transitioning to Google Workspace from legacy communication and collaboration applications. User accounts are managed in Active Directory and synced to Google Workspace by using Google Cloud Directory Sync (GCDS). Your company is implementing a new security policy for all accounts that requires complex passwords. Passwords must be at least 20 characters long, contain 3 symbols, 4 numbers, and 2 capital letters.

You need to enforce the new password policy in Google Workspace. What should you do?

AShare the instructions for changing a Google account password with your users. Monitor password strength in the Google Admin console as users change their passwords.

BEnable strong password enforcement and require a minimum length of 20 characters at the top-level organizational unit.

CCreate a password policy in Active Directory. Install Password Sync on the global catalog servers for Active Directory and require a password change for your users.

DCreate a password policy in Active Directory. Enable password synchronization in GCDS.

Answer : D

Since user accounts are managed in Active Directory (AD) and synced to Google Workspace via Google Cloud Directory Sync (GCDS), the best approach to enforce the new password policy is to create the password policy within Active Directory and then enable password synchronization in GCDS. This ensures that the complex password requirements are enforced within AD, and when passwords are updated, they will be synchronized with Google Workspace, maintaining consistency across both systems.

Question 5

Your organization wants to prevent a group of users from logging into their Google Drive when they are traveling internationally for business.

You have added these users to an organizational unit (OU). You need to secure the users' access to the Google Drive app to meet this requirement.

What should you do?

ADisable Google Drive for users in the OU.

BDefine location-based access levels. Assign the levels to the Google Drive app for the OU.

CRequire 2-step verification (2SV) when users in the OU sign in.

DDefine user-based access levels. Assign the levels to the Google Drive app for the OU.

Answer : B

To restrict access to Google Drive for users when they are traveling internationally, you can define location-based access levels. By assigning these levels to the Google Drive app for the specific organizational unit (OU), you can control access based on the geographical location of the user. This ensures that users will only be able to access Google Drive from approved locations, effectively preventing access when they are traveling internationally for business.

Question 6

Your company's security team has requested two requirements to secure employees' mobile devices-enforcement of a passcode and remote account wipe functionality. The security team does not want an agent to be installed on the mobile devices or to purchase additional licenses. Employees have a mix of iOS and Android devices. You need to ensure that these requirements are met. What should you do?

AImplement a third-party enterprise mobility management (EMM) provider.

BSet up advanced mobile management for iOS devices and basic mobile management for Android devices.

CSet up basic management for both iOS and Android devices.

DSet up advanced management for both iOS and Android devices.

Answer : D

Advanced mobile management in Google Workspace provides the necessary features for securing mobile devices without the need for third-party apps or additional licenses. This includes enforcing passcodes and enabling remote account wipe functionality for both iOS and Android devices. Advanced management ensures that both security requirements are met while keeping the setup efficient and within the organization's existing licenses.

Question 7

You've received multiple reports about a suspicious email from someone who is pretending to be from your organization's human resources department. The email is prompting employees to click a link for a password update. You want to remediate this sender's emails. What should you do?

AUse the security investigation tool to search for users who received the suspicious email, and select Mark message as phishing.

BUse the security investigation tool to action the suspicious email and select Mark message as spam.

CCreate an activity rule to alert administrators to similar emails from that sender.

DNotify all employees and request that they report this email as spam.

Answer : A

The security investigation tool allows you to search for and take action on suspicious emails within your organization. Marking the email as phishing helps to flag the email as malicious and prevents further emails from the same sender from being delivered to users' inboxes. This also ensures that the email is properly categorized for review and investigation by your security team.