Google Cloud Certified - Associate Google Workspace Administrator (PR000299)

You are a Workspace Administrator with a mix of Business Starter and Standard Licenses for your users. A Business Starter User in your domain mentions that they are running out of Drive Storage Quota. Without deleting data from Drive, what two actions can you take to alleviate the quota concerns for this user? (Choose two.)

Your organization is preparing to deploy Workspace and will continue using your company’s existing identity provider for authentication and single sign-on (SSO). In order to migrate data from an external system, you were required to provision each user’s account in advance. Your IT team and select users (~5% of the organization) have been using Workspace for configuration and testing purposes. The remainder of the organization can technically access their accounts now, but the IT team wants to block their access until the migrations are complete. What should your organization do?

Your company has acquired a new company in Japan and wants to add all employees of the acquisition to your existing Google Workspace domain. The new company will retain its original domain for email addresses and, due to the very sensitive nature of its work, the new employees should not be visible in the global directory. However, they should be visible within each company's separate directory. What should you do to meet these requirements?

Your organization is using Password Sync to sync passwords from Active Directory to Google Workspace. A user changed their network password and cannot log in to Google Workspace with the new password. What steps should you take to troubleshoot this issue?

A recent legal investigation requires all emails and Google Drive documents from a specific user to be retrieved. As the administrator, how can you fulfill the legal team's request?

You are in the middle of migrating email from on-premises Microsoft Exchange to Google Workspace. Users that you have already migrated are complaining of messages from internal users going into spam folders. What should you do to ensure that internal messages do not go into Gmail spam while blocking spoofing attempts?

Your organization recently deployed Google Workspace. Your admin team has been very focused on configuring the core services for your environment, which has left you little time to pay attention to other areas. Your security team has just informed you that many users are leveraging unauthorized add-ons, and they are concerned about data exfiltration. The admin team wants you to cut off all add-ons access to Workspace data immediately and block all future add-ons until further notice. However, they approve of users leveraging their Workspace accounts to sign into third-party sites. What should you do?

As the newly hired Admin in charge of Google Workspace, you learn that the organization has been using Google Workspace for months and has configured several security rules for accessing Google Drive. A week after you start your role, users start to complain that they cannot access Google Drive anymore from one satellite office and that they receive an error message that “a company policy is blocking access to this app.” The users have no issue with Gmail or Google Calendar. While investigating, you learn that both this office's Internet Service Provider (ISP) and the global IP address when accessing the internet were changed over the weekend. What is the most logical reason for this issue?

An end user informs you that they are having issues receiving mail from a specific sender that is external to your organization. You believe the issue may be caused by the external entity’s SPF record being incorrectly configured. Which troubleshooting step allows you to examine the full message headers for the offending message to determine why the messages are not being delivered?

Your company’s Google Workspace primary domain is “mycompany.com,” and it has acquired a startup that is using another cloud provider with a domain named “mystartup.com.” You plan to add all employees from the startup to your Google Workspace domain while preserving their current mail addresses. The startup CEO's email address is andrea@mystartup.com, which also matches your company CEO's email address as andrea@mycompany.com, even though they are different people. Each must keep the usage of their email. In addition, your manager asked to have all existing security policies applied for the new employees without any duplication. What should you do to implement the migration?

Your company is using Google Workspace Enterprise Plus, and the Human Resources (HR) department is asking for access to Work Insights to analyze adoption of Google Workspace for all company employees. You assigned a custom role with the work Insights permission set as “view data for all teams” to the HR group, but it is reporting an error when accessing the application. What should you do?

A subset of users from the finance and human resources (HR) teams need to share documents with an external vendor. However, external content sharing is prohibited for the entire finance team. What would be the most secure method to enable external sharing for this set of users?

You have been asked to support an investigation that your litigation team is conducting. The current default retention policy for mail is 180 days, and there are no custom mail retention policies in place. The litigation team has identified a user who is central to the investigation, and they want to investigate the mail data related to this user without the user's awareness. What two actions should you take? (Choose two.)

Your sales team, which is organized as its own organizational unit, is prone to receiving malicious attachments. What action should you take, as an administrator, to apply an additional layer of protection in the admin console for your sales team without disrupting business operation?

Your organization does not allow users to share externally. The security team has recently approved an exemption for specific members of the marketing team and sales to share documents with external customers, prospects, and partners. How best would you achieve this?

As a Workspace Administrator, you want to keep an inventory of the computers and mobile devices your company owns in order to track details such as device type and who the device is assigned to. How should you add the devices to the company-owned inventory?

When reloading Gmail in Chrome, the web browser returns a 500 Error. As part of the troubleshooting process, Google support asks you to gather logs. How can this be accomplished?

Your organization is about to expand by acquiring two companies, both of which are using Google Workspace. The CISO has mandated that strict ‘No external content sharing’ policies must be in place and followed. How should you securely configure sharing policies to satisfy both the CISO’s mandate while allowing external sharing with the newly acquired companies?

A disgruntled employee has left your company and deleted all their email messages and files in Google Drive. The security team is aware that some intellectual property may have surfaced on a public social media site. What is the first step to start an investigation into this leak?

Your company recently acquired an organization that was not leveraging Google Workspace. Your company is currently using Google Cloud Directory Sync (GCDS) to sync from an LDAP directory into Google Workspace. You want to deploy a second instance of GCDS and apply the same strategy with the newly acquired organization, which also has its users in an LDAP directory. How should you change your GCDS instance to ensure that the setup is successful? (Choose two.)

Your IT team is being asked to fulfill a query by your organization's legal department that requires an MBOX file that will be shared to a third-party partner for eDiscovery. The query must be run on multiple users. Legal has no admin rights to Google Vault. What should you do to fulfil the request?

You received this email from the head of marketing:

Hello Workspace Admin:

Next week, a new consultant will be starting on the “massive marketing mailing” project. We want to ensure that they can view contact details of the rest of the marketing team, but they should not have access to view contact details of anyone else here at our company. Is this something that you can help with?

What are two of the steps you need to perform to fulfill this request? (Choose two.)

You are in charge of automating and configuring Google Cloud Directory Sync for your organization. Within the config manager, how can you proactively prevent applying widespread deletions within your Workspace environment if your company’s LDAP undergoes a substantial modification?

You act as the Google Workspace Administrator for a company that has just acquired another organization. The acquired company will be migrated into your Workspace environment in 6 months. Management has asked you to ensure that the Google Workspace users you currently manage can efficiently access rich contact information in Workspace for all users. This needs to occur before the migration, and optimally without additional expenditure. What step do you take to populate contact information for all users?

A retail company has high employee turnover due to the cyclical nature in the consumer space. The increase in leaked confidential content has created the need for a specific administrative role to monitor ongoing employee security investigations. What step should you take to increase the visibility of such investigations?

Your organization uses a third-party product to filter mail before it arrives at your Workspace Domain. How should you configure Gmail to ensure that inbound messages are not seen as a spam attack due to the volume of mail being received from this product?

You are configuring a shared drive for the financial department of your organization. The financial team wants to allow members of the shared drive to add, edit, and move documents into the shared drive. It's important that the same users cannot remove or delete files. How can you configure access for these users to match the team's request?

You have configured Secure Transport (TLS) Compliance for all messages coming to and from an external domain, altostrat.com, that your end users communicate with via Gmail. What will your end users experience when messages are delivered to them from altostrat.com without TLS enabled?

As a Google Workspace administrator for your organization, you are tasked with identifying how users are reporting their messages – whether spam, not spam, or phishing – for a specific time period. How do you find this information?

Your default Vault retention policy for Gmail is set to 365 days. Your legal department has just informed you that emails sent and received by the customer support department are sensitive, and must be retained for only 30 days. You must enforce this new retention policy in the simplest way. What should you do?

A user has reported that they did not receive an email from one of their normal correspondents. What information do you need to collect from the user to investigate the cause of the issue?

An employee at your company does not need access to their Workspace account while they are on leave for a year. When they return, you need to ensure they have access to their account and that all their data and current emails remain intact. Also, their shared documents must be available to other users. You must accomplish this goal in the most cost-effective way. What should you do?

Your organization is moving from a legacy mail system to Google Workspace. This move will happen in phases. During the first phase, some of the users in the domain are set up to use a different identity provider (IdP) for logging in. You need to set up multiple IdPs for various users. What should you do?

You work at a large global holding firm with multiple companies that are united under one Google Workspace deployment. You must ensure that employees can only access documents at the company in which they are employed. What should you do?

An employee at your organization is experiencing video call issues in Google Meet, and they were unable to resolve the issues by themselves.

You need to troubleshoot the issue. What should you do first?

Your organization has been using Google Workspace for almost a year, and your annual security and risk assessment initiative is approaching. In preparation for the risk assessment, you want to quickly review all the security-related settings for Gmail, Drive, and Calendar, and identify the ones that may be posing risk. What should you do?

The compliance team at your organization is conducting a legal investigation into some concerning sales activities of an employee eight months ago. The compliance team contacted you for assistance on the situation. You set up the default Google Vault retention rules so all data is retained only for one year. You must assist the compliance team with the investigation. What should you do?

Your organization has a group of users who interact with sensitive information and their accounts contain valuable files. You need to protect these users from targeted online attacks. What should you do?

An employee has been leaking confidential salary information to an external party. You must use Vault to preserve the messages for an investigation. What should you do?

Your organization has a strict requirement that your temporary employees can only send emails to and receive emails from specific external domains. You must define a policy in Google Workspace that meets this requirement for users in the temporary employee organizational unit (OU). What should you do?

Your organization is working on a confidential project with details that cannot be shared through email with anyone outside your organization. You want to add controls in Gmail that prevent any mention of the project from being sent by employees. Only the CEO and the CFO can send information about the project over email and without a delay. What should you do?

The helpdesk at your organization reports that many users in multiple locations are not able to access Gmail, but can access other Workspace services. You must troubleshoot the issue. What should you do first?

An employee at your organization is resigning. They are in charge of organizing and maintaining recurring team events. You want to preserve the existing meetings and transfer ownership to the resigning employee's manager. What should you do?

Your organization has confidential internal content for which only authorized employees are allowed to access. Access to this content is managed by using Google Groups. Only administrators can create and manage membership. You need to provide only the necessary functionality and follow the principle of least privilege. What should you do?

By using Account Activity reports, you have flagged several users who are uploading large files. You want to ensure you don't run out of pooled storage and you want to stop the abuse. What should you do first?