Google Professional Google Workspace Administrator Exam Questions

Question 6 of 151

Your organization has enabled spoofing protection against unauthenticated domains. You are receiving complaints that email from multiple partners is not being received. While investigating this issue, you find that emails are all being sent to quarantine due to the configured safety setting. What should be the next step to allow uses to review these emails and reduce the internal complaints while keeping your environment secure?

Add your partner domains IPs to the Inbound Gateway setting.

Change the spoofing protection to deliver the emails to spam instead of quarantining them.

Add your partner sending IP addresses to an allowlist.

Change the spoofing protection to deliver the emails to inboxes with a custom warning instead of quarantining them.

Correct Answer: B

Changing the spoofing protection to deliver the emails to spam instead of quarantining them allows users to review the emails more easily. Quarantining emails makes it challenging for users to access and determine whether the messages are legitimate or not. Delivering to spam still provides a level of protection by flagging the messages as potentially harmful, but it allows users to quickly check their spam folder and move legitimate emails to their inbox if necessary. This reduces internal complaints while maintaining security.

Question 7 of 151

As the Workspace Administrator, you have been asked to delete a temporary Google Workspace user account in the marketing department. This user has created Drive documents in My Documents that the marketing manager wants to keep after the user is gone and removed from Workspace. The data should be visible only to the marketing manager. As the Workspace Administrator, what should you do to preserve this user's Drive data?

In the user deletion process, select “Transfer” in the data in other apps section and add the manager's email address.

Use Google Vault to set a retention period on the OU where the users reside.

Before deleting the user, add the user to the marketing shared drive as a contributor and move the documents into the new location.

Ask the user to create a folder under MyDrive, move the documents to be shared, and then share that folder with the marketing team manager.

Correct Answer: A

As the Workspace Administrator, the appropriate action to preserve the user's Drive data and ensure that only the marketing manager can access it is to transfer the ownership of the documents during the user deletion process. Specifically, you should select 'Transfer' in the data in other apps section and add the manager's email address. This method ensures that all the user’s Drive documents are transferred directly to the marketing manager, keeping them secure and restricted in visibility as required.

Question 8 of 151

As a Google Workspace administrator for your organization, you are tasked with controlling which third-party apps can access Google Workspace data. Before implementing controls, as a first step in this process, you want to review all the third-party apps that have been authorized to access Workspace data. What should you do?

Open Admin Console > Security > API Controls > App Access Control > Manage Third Party App Access.

Open Admin Console > Security > API Controls > App Access Control > Manage Google Services.

Open Admin Console > Security > Less Secure Apps.

Open Admin Console > Security > API Controls > App Access Control > Settings.

Correct Answer: A

To review all the third-party apps that have been authorized to access Google Workspace data, the correct path is to open Admin Console > Security > API Controls > App Access Control > Manage Third Party App Access. This path allows an administrator to view and manage the access permissions of third-party apps within the organization.

Question 9 of 151

Your organization wants more visibility into actions taken by Google staff related to your data for audit and security reasons. They are specifically interested in understanding the actions performed by Google support staff with regard to the support cases you have opened with Google. What should you do to gain more visibility?

From Google Admin Panel, go to Audit, and select Access Transparency Logs.

From Google Admin Panel, go to Audit, and select Login Audit Log.

From Google Admin Panel, go to Audit, and select Rules Audit Log.

From Google Admin Panel, go to Audit, and select Admin Audit Log.

Correct Answer: A

To gain more visibility into the actions performed by Google support staff with regard to the support cases you have opened, you should access the Access Transparency Logs. These logs provide a detailed record of actions taken by Google staff when accessing your data. This feature is available from the Google Admin Panel under the Audit section.

Question 10 of 151

Your organization recently had a sophisticated malware attack that was propagated through embedded macros in email attachments. As a Workspace administrator, you want to provide an additional layer of anti-malware protection over the conventional malware protection that is built into Gmail. What should you do to protect your users from future unknown malware in email attachments?

Run queries in Security Investigation Tool.

Turn on advanced phishing and malware protection.

Enable Security Sandbox.

Enable Gmail confidential mode.

Correct Answer: C

To protect users from future unknown malware in email attachments, enabling the Security Sandbox is the best approach. The Security Sandbox allows Gmail to scan or run attachments in a virtual environment, identifying threats that might be missed by traditional antivirus programs. This includes scanning file types like Microsoft Office documents, which can contain embedded macros used in sophisticated malware attacks. By providing an additional level of scrutiny beyond conventional malware protection, the Security Sandbox helps prevent potential malware from affecting users' devices and the organization's network.