The latest Google Professional Google Workspace Administrator certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Google Professional Google Workspace Administrator exam and earn Google Professional Google Workspace Administrator certification.
Table of Contents
- Question 21
- Exam Question
- Correct Answer
- Reference
- Question 22
- Exam Question
- Correct Answer
- Reference
- Question 23
- Exam Question
- Correct Answer
- Explanation
- Reference
- Question 24
- Exam Question
- Correct Answer
- Reference
- Question 25
- Exam Question
- Correct Answer
- Explanation
- Reference
- Question 26
- Exam Question
- Correct Answer
- Reference
- Question 27
- Exam Question
- Correct Answer
- Explanation
- Reference
- Question 28
- Exam Question
- Correct Answer
- Reference
- Question 29
- Exam Question
- Correct Answer
- Reference
- Question 30
- Exam Question
- Correct Answer
- Reference
Question 21
Exam Question
User A is a Basic License holder. User B is a Business License holder. These two users, along with many additional users, are in the same organizational unit at the same company. When User A attempts to access Drive, they receive the following error: “We are sorry, but you do not have access to Google Docs Editors. Please contact your Organization Administrator for access.” User B is not presented with the same error and accesses the service without issues.
How do you provide access to Drive for User A?
A. Select User A in the Directory, and under the Apps section, check whether Drive and Docs is disabled. If so, enable it in the User record.
B. In Apps > Google Workspace > Drive and Docs, select the organizational unit the users are in and enable Drive for the organizational unit.
C. In Apps > Google Workspace, determine the Group that has Drive and Docs enabled as a service. Add User A to this group.
D. Select User A in the Directory, and under the Licenses section, change their license from Basic to Business to add the Drive and Docs service.
Correct Answer
C. In Apps > Google Workspace, determine the Group that has Drive and Docs enabled as a service. Add User A to this group.
Reference
Google Workspace Admin Help > Use groups to customize service access
Question 22
Exam Question
As a team manager, you need to create a vacation calendar that your team members can use to share their time off. You want to use the calendar to visualize online status for team members, especially if multiple individuals are on vacation.
What should you do to create this calendar?
A. Request the creation of a calendar resource, configure the calendar to “Auto-accept invitations that do not conflict,” and give your team “See all event details” access.
B. Create a secondary calendar under your account, and give your team “Make changes to events” access.
C. Request the creation of a calendar resource, configure the calendar to “Automatically add all invitations to this calendar,” and give your team “See only free/busy” access.
D. Create a secondary calendar under your account, and give your team “See only free/busy” access.
Correct Answer
C. Request the creation of a calendar resource, configure the calendar to “Automatically add all invitations to this calendar,” and give your team “See only free/busy” access.
Reference
How To Manage Your Tech Team’s Vacation
Question 23
Exam Question
The company’s ten most senior executives are to have their offices outfitted with dedicated, standardized video conference cameras, microphones, and screens. The goal is to reduce the amount of technical support they require due to frequent, habitual switching between various mobile and PC devices throughout their busy days. You must ensure that it is easier for the executives to join Meet video conferences with the dedicated equipment instead of whatever device they happen to have available.
What should you do?
A. Set up unmanaged Chromeboxes and set the executives’ homepage to meet.google.com via Chrome settings.
B. Set up the executive offices as reservable Calendar Resources, deploy Hangouts Meet Hardware Kits, and associate the Meet hardware with the room calendars.
C. Deploy Hangouts Meet Hardware Kits to each executive office, and associate the Meet hardware with the executives’ calendars.
D. Provision managed Chromeboxes and set the executives’ Chrome homepage to meet.
google.com via device policy.
Correct Answer
C. Deploy Hangouts Meet Hardware Kits to each executive office, and associate the Meet hardware with the executives’ calendars.
Explanation
If the device is for a single user, such as in a home office or other remote location, you can associate the device with their personal calendar. Whenever an organizer adds that user to a Calendar event, the meeting name appears on their device.
Reference
Google Workspace Admin Help > Meet hardware > Set up and deploy Meet hardware > Set up Meet hardware kits (small to large spaces) > Assign a calendar to a device
Question 24
Exam Question
You are the Workspace administrator for an international organization with Enterprise Plus Workspace licensing. A third of your employees are located in the United States, another third in Europe, and the other third geographically dispersed around the world. European employees are required to have their data stored in Europe. The current OU structure for your organization is organized by business unit, with no attention to user location.
How do you configure Workspace for the fastest end user experience while also ensuring that European user data is contained in Europe?
A. Configure a data region at the top level OU of your organization, and set the value to “Europe”.
B. Add three additional OU structures to designate location within the current OU structure. Assign the corresponding data region to each.
C. Configure a configuration group for European users, and set the data region to “Europe”.
D. Configure three configuration groups within your domain. Assign the appropriate data regions to each corresponding group, but assign no preference to the users outside of the United States and Europe.
Correct Answer
A. Configure a data region at the top level OU of your organization, and set the value to “Europe”.
Reference
Google Workspace Admin Help > Security and data protection > Data privacy and protection > Choose the region where data is stored > Data regions: Choose a geographic location for your data
Question 25
Exam Question
Your business partner requests that a new custom cloud application be set up to log in without having separate credentials.
What is your business partner required to provide in order to proceed?
A. Service provider logout URL
B. Service provider ACS URL
C. Identity Provider URL
D. Service provider certificate
Correct Answer
B. Service provider ACS URL
Explanation
We need ACS URL for adding custom SAML App , using Google as the Idp
Reference
Google Workspace Admin Help > Integrate 3rd-party and custom apps > Set up SSO with Google as your identity provider > Set up SAML-based SSO for custom apps > Set up your own custom SAML application
Question 26
Exam Question
The credentials of several individuals within your organization have recently been stolen. Using the Google Workspace login logs, you have determined that in several cases, the stolen credentials have been used in countries other than the ones your organization works in.
What else can you do to increase your organization’s defense-in-depth strategy?
A. Implement an IP block on the malicious user’s IPs under Security Settings in the Admin Console.
B. Use Context-Aware Access to deny access to Google services from geo locations other than the ones your organization operates in.
C. Enforce higher complexity passwords by rolling it out to the affected users.
D. Use Mobile device management geo-fencing to prevent malicious actors from using these stolen credentials.
Correct Answer
B. Use Context-Aware Access to deny access to Google services from geo locations other than the ones your organization operates in.
Reference
- Google Workspace Admin Help > Security and data protection > Login protections and controls > Control access to apps based on user & device context > Protect your business with Context-Aware Access
- Google Workspace Admin Help > Security and data protection > Login protections and controlsControl access to apps based on user & device context > Create Context-Aware access levels
Question 27
Exam Question
Your company has been engaged in a lawsuit, and the legal department has been asked to discover and hold all email for two specific users. Additionally, they have been asked to discover and hold any email referencing “Secret Project 123.”
What steps should you take to satisfy this request?
A. Create a Matter and a Hold. Set the Hold to Gmail, set it to the top level Organization, and set the search terms to “secret project 123.” Create a second Hold. Set the second Hold to Gmail, set it to Accounts, and enter: user1 @your-company.com, [email protected]. Save.
B. Create a Matter and a Hold. Set the Hold to Gmail, set it to Accounts, and set the usernames to: [email protected], user2@your-company. Set the search terms to: (secret project 123). Save.
C. Create a Matter and a Hold. Set the Hold to Gmail, set it to Accounts, and enter: user1@your- company.com AND [email protected]. Set the search terms to: secret AND project AND 123. Save.
D. Create a Matter and a Hold. Set the Hold to Gmail, set it to Accounts, and set the usernames to: [email protected], user2@your-company. Set the search terms to secret OR project OR 123. Save.
Correct Answer
A. Create a Matter and a Hold. Set the Hold to Gmail, set it to the top level Organization, and set the search terms to “secret project 123.” Create a second Hold. Set the second Hold to Gmail, set it to Accounts, and enter: user1 @your-company.com, [email protected]. Save.
Explanation
The correct way to search for the esact term is in quotes (“project 123” and not (project 123)). Also, after doing this you must create the retention rule using comas to separate user from user.
Reference
Google Vault Help > Use operators to refine a search in Vault
Question 28
Exam Question
A user is reporting that external, inbound messages from known senders are repeatedly being incorrectly classified as spam.
What steps should the admin take to prevent this behavior in the future?
A. Modify the SPF record for your internal domain to include the IPs of the external user’s mail servers.
B. Update the spam settings in the Admin Console to be less aggressive.
C. Add the sender’s domain to an allowlist via approved senders in the Admin Console.
D. Instruct the user to add the senders to their contacts.
Correct Answer
A. Modify the SPF record for your internal domain to include the IPs of the external user’s mail servers.
Reference
Google Workspace Admin Help > Advanced Gmail management > Manage spam and allowed-lists > Allowlists, denylists, and approved senders
Question 29
Exam Question
A user reached out to the IT department about a Google Group that they own: [email protected]. The group is receiving mail, and each message is also delivered directly to the user’s Gmail inbox. The user wants to be able to reply to messages directly from Gmail and have them sent on behalf of the group, not their individual account. Currently, their replies come from their individual account.
What would you instruct the user to do?
A. Create a new content compliance rule that matches the user’s outgoing messages with the group copied, and have it modify the sender to be the group address.
B. Add the group as an email address that can be sent from within Gmail, and verify that the user has access. They can then choose to reply from the group.
C. Add the user’s individual account as a delegate to the group’s inbox. They can then toggle between the accounts and use the Gmail interface on behalf of the group.
D. Set the group address to be the default sender within the group’s posting policies.
Correct Answer
B. Add the group as an email address that can be sent from within Gmail, and verify that the user has access. They can then choose to reply from the group.
Reference
Google Cloud Help > How can users send emails using a group address in Gmail?
Question 30
Exam Question
Your organization’s information security team has asked you to determine and remediate if a user ([email protected]) has shared any sensitive documents outside of your organization.
How would you audit access to documents that the user shared inappropriately?
A. Open Security Investigation Tool-> Drive Log Events. Add two conditions: Visibility Is External, and Actor Is [email protected].
B. Have the super administrator use the Security API to audit Drive access.
C. As a super administrator, change the access on externally shared Drive files manually under [email protected].
D. Open Security Dashboard-> File Exposure Report-> Export to Sheet, and filter for [email protected].
Correct Answer
C. As a super administrator, change the access on externally shared Drive files manually under [email protected].
Reference
Google Workspace Admin Help > Security and data protection > Security center: Prevent, detect, and remediate security threats > Security investigation tool > Run a search in the investigation tool > Drive log events > View files shared outside of a domain