Security and Compliance has identified that data is being leaked through a third-party application connected to Google Workspace. You want to investigate using an audit log.What log should you use?
Answer(s): D
Admin Console: Log into the Google Admin console at admin.google.com. Security Settings: Navigate to Security > Access and Data Control > API controls.Audit Log:Click on "OAuth Token Audit Log".Review the log entries for any suspicious third-party applications that have access to your Google Workspace data.Investigate:Identify and investigate any suspicious activities or applications listed in the audit log. Revoke access to any untrusted third-party applications.ReferenceGoogle Workspace Admin: View OAuth Token audit log
Your company wants to provide secure access for its employees. The Chief Information Security Officer disabled peripheral access to devices, but wants to enable 2-Step verification. You need to provide secure access to the applications using Google Workspace.What should you do?
Answer(s): B
2-Step Verification (2SV):2-Step Verification adds an extra layer of security by requiring users to verify their identity using a second factor in addition to their password. This helps protect against unauthorized access, even if the password is compromised.Google Authenticator:Google Authenticator is a mobile app that generates time-based one-time passcodes (TOTP) for 2SV. It works even when the device is offline, providing a secure and reliable second factor for authentication.Implementation Steps:Enable 2-Step Verification:Go to the Google Admin console (admin.google.com).Navigate to Security > Authentication > 2-Step Verification.Turn on 2-Step Verification for the organization.Deploy Google Authenticator:Instruct users to download the Google Authenticator app from their respective app stores (iOS or Android).Provide guidance on setting up Google Authenticator with their Google Workspace accounts. Users will scan a QR code provided during the setup process to link their account with the Authenticator app.Advantages of Google Authenticator:Security: It provides a highly secure method of 2-step verification as the codes are generated on the user's device and change every 30 seconds.Ease of Use: It's easy to set up and use, with a straightforward user interface.Offline Functionality: Codes can be generated even without internet access, ensuring consistent access to 2SV codes.Why Other Options Are Less Suitable:A . Enable additional security verification via email:Email-based verification is less secure than app-based 2SV because email accounts can be more easily compromised.C . Deploy browser or device certificates via Google Workspace:While device certificates add security, they are typically used for device management and access control rather than for 2-step verification purposes.D . Configure USB Yubikeys for all users:USB Yubikeys are highly secure and suitable for 2SV, but they require physical distribution and management of hardware tokens, which can be logistically complex and costly. Given the context of disabled peripheral access, this option might contradict the policy of the Chief Information Security Officer.
Google Workspace Admin Help: Set up 2-Step Verification Google Workspace Security: 2-Step Verification
A company wants to distribute iOS devices to only the employees in the Sales OU. They want to be able to do the following on these devices:Control password policies.Make corporate apps available to the users.Remotely wipe the device if it's lost or compromisedWhat two steps are required before configuring the device policies? (Choose two.)
Answer(s): B,D
Admin Console: Log into the Google Admin console at admin.google.com.Enable Advanced Mobile Management for Sales OU:Navigate to Devices > Mobile & endpoints > Settings.Select the Sales OU and turn on Advanced Mobile Management.Set Up an Apple Push Certificate:Go to Devices > Mobile & endpoints > Apple certificates.Follow the instructions to obtain and upload an Apple Push Certificate.Device Policies:After setting up the Apple Push Certificate, configure the desired device policies such as password policies, app distribution, and remote wipe capabilities.ReferenceGoogle Workspace Admin: Set up advanced mobile management Google Workspace Admin: Set up an Apple Push Certificate
Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in Google Workspace Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.What should you do?
Answer(s): C
Prepare Environment: Ensure you have a supported server to install Google Cloud Directory Sync (GCDS).Download GCDS:Download Google Cloud Directory Sync from the Google Workspace Downloads page.Install GCDS:Follow the installation instructions provided by Google to install GCDS on the server.Configuration:Configure GCDS to synchronize user data from Active Directory to Google Workspace.Set up synchronization rules and schedules to ensure that user data is kept up to date automatically.Testing and Deployment:Test the synchronization to ensure that new user accounts are created accurately in Google Workspace.Deploy GCDS in the production environment after successful testing.ReferenceGoogle Workspace Admin: About Google Cloud Directory Sync Google Workspace Admin: Install and Set Up GCDS
A company has thousands of Chrome devices and bandwidth restrictions. They want to distribute the Chrome device updates over a period of days to avoid traffic spikes that would impact the low bandwidth network.Where should you enable this in the Chrome management settings?
Answer(s): A
Admin Console: Log into the Google Admin console at admin.google.com. Devices Management: Navigate to Devices > Chrome > Settings.Configuration:Under the "Chrome management" section, select "User & browser settings". Choose the organizational unit where you want to apply this setting.Auto-Updates Settings:Scroll down to the "Auto-update settings" section.Enable the "Randomly scatter auto-updates" option. This setting will spread out the updates over a period of time, reducing the load on your network.Save Changes: Click "Save" to apply the changes.ReferenceGoogle Workspace Admin: Manage automatic updates
Share your comments for Google GOOGLE-WORKSPACE-ADMINISTRATOR exam with other users:
well explained.
i need the pdf, please.
a good source for exam preparation
nice questions
i need ielts general training audio guide questions
please make this content available
content is good
latest dumps please
aside from pdf the test engine software is helpful. the interface is user-friendly and intuitive, making it easy to navigate and find the questions.
questions and options are correct, but the answers are wrong sometimes. so please check twice or refer some other platform for the right answer
90% of questions was there but i failed the exam, i marked the answers as per the guide but looks like they are not accurate , if not i would have passed the exam given that i saw about 45 of 50 questions from dump
answer to this question "what administrative safeguards should be implemented to protect the collected data while in use by manasa and her product management team? " it should be (c) for the following reasons: this administrative safeguard involves controlling access to collected data by ensuring that only individuals who need the data for their job responsibilities have access to it. this helps minimize the risk of unauthorized access and potential misuse of sensitive information. while other options such as (a) documenting data flows and (b) conducting a privacy impact assessment (pia) are important steps in data protection, implementing a "need to know" access policy directly addresses the issue of protecting data while in use by limiting access to those who require it for legitimate purposes. (d) is not directly related to safeguarding data during use; it focuses on data transfers and location.
password lockout being the correct answer for question 37 does not make sense. it should be geofencing.
for question 4, the righr answer is :recover automatically from failures
question number 4s answer is 3, option c. i
very good questions
i am confused about the answers to the questions. are the answers correct?
very usefull
need certification.
great exam prep
i require dump
good morning, could you please upload this exam again,
hi can you please upload the dumps for sap contingent module. thanks
good questions
looking forward to the real exam
good ones for exam preparation
this is a good experience
hi everyone
waiting for the dump. please upload.
upload cks exam questions
awesome training material
where is dump
q. 289 - the correct answer should be b not d, since the question asks for the most secure way to provide access to a s3 bucket (a single one), and by principle of the least privilege you should not be giving access to all buckets.
please i need if possible h12-831,