Your organization implemented Single Sign-On (SSO) for the multiple cloud-based services it uses. During authentication, one service indicates that access to the SSO provider is not possible due to invalid information. What should you do?
A. Update the validation certificate.
B. Verify that the Audience element in the SAML Response matches the assertion consumer service (ACS) URL
C. Run nslookup to confirm that the service exists.
D. Ensure that Microsoft's Active Directory Federation Services 2.0 sends encrypted SAML Responses in default configurations.
A user does not follow their sign-in pattern and signs In from an unusual location As an admin, what should you do in response to this alert for this user during this investigation?
A. Add Two Factor Authentication to the Domain
B. First suspend the account and then investigate
C. Enhance your security alerts for tracking sign-in patterns
D. Investigate the account for unauthorized activity in the Login and Security Audit Log
A disgruntled employee has left your company and deleted all their email messages and files in Google Drive. The security team is aware that some intellectual property may have surfaced on a public social media site. What is the first step to start an investigation into this leak?
A. Delete the user's account in the Admin Console.
B. Transfer data between end user Workspace accounts.
C. Instruct a Google Vault admin to create a matter, and place all the user data on `hold.'
D. Use Google Vault to export all the user data and share among the security team.
After migrating to Google Workspace, your legal team requests access to search all email and create litigation holds for employees who are involved with active litigation. You need to help the legal team meet this request. What should you do?
A. Add the legal team to the User Management Admin system role.
B. Add the legal team to the Google Vault Google Group.
C. Create a custom role with Google Vault access, and add the legal team.
D. Create a matter in Google Vault, and share with the legal team.
Your company has just acquired a new group of users. They have been provisioned into the Google Workspace environment with your primary domain as their primary email address. These new users still need to receive emails from their previous domain. What is the best way to achieve this for these new users, without updating the information of pre-existing users?
A. Add the acquired domain as an alias to the primary Google Workspace domain.
B. Add the acquired domain as a secondary domain to the primary Google Workspace domain, and then update the email information of all new users with alias emails.
C. Update the Google-provided test domain to be the domain of the acquired company, and then update the email information of all new users with alias emails.
D. Without adding a domain, update each user's email information with the previous domain.
Your organization has noticed several incidents of accidental oversharing inside the organization. Specifically, several users have shared sensitive Google Drive items with the entire organization by clicking `anyone in this group with this link can view'. You have been asked by senior management to help users share more appropriately and also to prevent accidental oversharing to the entire organization. How would you best accomplish this?
A. Create groups, add users accordingly, and educate users on how to share to specific groups of people.
B. Disable sharing to the entire organization so that users must consciously add every person who needs access.
C. Determine sharing boundaries for users that work with sensitive information, and then implement target audiences.
D. Temporarily disable the Google Drive service for individuals who continually overshare.
Your organization recently bought 1.000 licenses for Cloud Identity Premium. The company's development team created an application in the enterprise service bus (ESB) that will read user data in the human resources information system (HRIS) and create accounts via the Google Directory REST API.
While doing the original test before production use, the team observes a 503 error coming from Google API response after a few users are created The team believes the ESB is not the cause, because it can perform 100 requests per second without any problems. What advice would you give the development team in order to avoid the issue?
A. Use the domain-wide delegation API to avoid the limitation per account.
B. Use an exponential back-off algorithm to retry failed requests.
C. Switch from REST API to gRPC protocol for performance improvement
D. Use the batch request architecture, because it can pack 1,000 API calls in one HTTP request.
Your organization wants more visibility into actions taken by Google staff related to your data for audit and security reasons. They are specifically interested in understanding the actions performed by Google support staff with regard to the support cases you have opened with Google. What should you do to gain more visibility?
A. From Google Admin Panel, go to Audit, and select Access Transparency Logs. Most Voted
B. From Google Admin Panel, go to Audit, and select Login Audit Log.
C. From Google Admin Panel, go to Audit, and select Rules Audit Log.
D. From Google Admin Panel, go to Audit, and select Admin Audit Log.
A company has thousands of Chrome devices and bandwidth restrictions. They want to distribute the Chrome device updates over a period of days to avoid traffic spikes that would impact the low bandwidth network.
Where should you enable this in the Chrome management settings?
A. Randomly scatter auto-updates.
B. Update over cellular.
C. Disable Auto update.
D. Throttle the bandwidth.
The organization has conducted and completed Security Awareness Training (SAT) for all employees. As part of a new security policy, employees who did not complete the SAT have had their accounts suspended. The CTO has requested to be informed of any accounts that have been re-enabled to ensure no one is in violation of the new security policy.
What should you do?
A. Enable "Suspicious login" rule-Other Recipients: CTO
B. Enable "Suspended user made active" rule-Other Recipients: CTO
C. Enable "Email settings changed" rule--Other Recipients: CTO
D. Enable "Suspended user made active" rule and select "Deliver to" Super Administrator(s)
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Google exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your GOOGLE-WORKSPACE-ADMINISTRATOR exam preparations and Google certification application, do not hesitate to visit our Vcedump.com to find your solutions here.