Here you have the best Google Professional Google Workspace Administrator practice exam questions
As the Workspace Administrator, you have been asked to configure Google Cloud Directory Sync (GCDS) in order to manage Google Group memberships from an internal LDAP server. However, multiple Google Groups must have their memberships managed manually. When you run the GCDS sync, you notice that these manually managed groups are being deleted. What should you do to prevent these groups from being deleted?
To prevent manually managed Google Groups from being deleted during a GCDS sync, you should configure the GCDS settings to avoid deleting groups that are not found in the LDAP directory. This can be done by updating the group deletion policy setting to 'don't delete Google groups not found in LDAP' within the GCDS configuration manager. This setting ensures that groups managed outside of LDAP are retained even if they are not present in the LDAP server.
Your marketing department needs an easy way for users to share items more appropriately. They want to easily link-share Drive files within the marketing department, without sharing them with your entire company. What should you do to fulfil this request? (Choose two.)
To fulfill the request for the marketing department to easily share Drive files within the department without sharing them with the entire company, you should create a shared drive that is specifically for internal marketing use. This allows all marketing team members to access and share files conveniently within the group. Additionally, by setting up a target audience in the admin panel that includes all marketing team members, you can further ensure that the shared drive and its link shares are confined to the marketing department. This setup restricts access and shares appropriately within the desired group.
Your company has a broad, granular IT administration team, and you are in charge of ensuring proper administrative control. One of those teams, the security team, requires access to the Security Investigation Tool. What should you do?
To ensure the security team has access to the Security Investigation Tool, you need to create a Custom Admin Role with the Security Center privileges. This approach allows you to tailor the access to the specific needs of the security team without granting unnecessary permissions. Creating a custom role is the most precise method to ensure they have the required capabilities for their tasks.
Your organization has a new security requirement around data exfiltration on iOS devices. You have a requirement to prevent users from copying content from a Google app (Gmail, Drive, Docs, Sheets, and Slides) in their work account to a Google app in their personal account or a third-party app. What steps should you take from the admin panel to prevent users from copying data from work to non-work apps on iOS devices?
To prevent users from copying data from work apps to personal or third-party apps on iOS devices, the correct step is to clear the 'Allow items created with managed apps to open in unmanaged apps' checkbox. This setting is found in the Google Admin Console under Devices > Mobile and endpoints > iOS settings > Data sharing. This action ensures that managed app data cannot be opened or shared with unmanaged apps, effectively preventing data exfiltration.
Your organization recently implemented context-aware access policies for Google Drive to allow users to access Drive only from corporate managed desktops. Unfortunately, some users can still access Drive from non-corporate managed machines. What preliminary checks should you perform to find out why the Context-Aware Access policy is not working as intended? (Choose two.)
To investigate why the Context-Aware Access policy for Google Drive isn't working as intended, it’s essential to verify that the user has the correct license and to ensure the endpoint verification is operative. First, confirm that the user has a Google Workspace Enterprise Plus license, as this license tier is necessary for implementing context-aware access policies. Additionally, check whether Endpoint Verification is installed on users’ desktops. Endpoint Verification is crucial for identifying and verifying managed devices, enabling the application of the predefined access policies.