
100%更新されたのはGoogle Google-Workspace-Administrator限定版PDF問題集
有効な試験問題を試そうGoogle-Workspace-Administratorには無料サイトで限定お試しチャンス
この試験では、ユーザーとグループの管理、セキュリティとコンプライアンス、電子メールルーティングと配信、モバイルデバイス管理、データ移行など、幅広いトピックをカバーしています。候補者は、Google Workspaceサービスと、技術的な問題をトラブルシューティングして解決する機能を深く理解することが期待されています。この認定は、組織向けのGoogle Workspaceサービスの管理と最適化に関する候補者の専門知識を実証するため、雇用主によって高く評価されています。
質問 # 31
Your organization deployed Google Workspace Enterprise within the last year, with the support of a partner. The deployment was conducted in three stages: Core IT, Google Guides, and full organization. You have been tasked with developing a targeted ongoing adoption plan for your Google Workspace organization.
What should you do?
- A. Use a script to monitor Email attachment types and target users that aren't using Drive sharing.
- B. Use Google Guides to deliver ad-hoc training to all of their co-workers and reports.
- C. Use Work Insights to gather adoption metrics and target your training exercises.
- D. Use Reports APIs to gather adoption metrics and Gmail APIs to deliver training content directly.
正解:C
解説:
Access Work Insights: Log into your Google Workspace Admin Console and access Work Insights.
Gather Adoption Metrics: Use Work Insights to gather data on how users are adopting Google Workspace. This includes information on how often they are using different Google Workspace applications and features.
Analyze Data: Analyze the data to identify which teams or departments may need additional training and support.
Targeted Training: Develop targeted training exercises based on the insights gathered. Focus on areas where adoption is low or where users are not taking full advantage of the available features.
Implement Training: Use Google Guides or other training methods to deliver the targeted training sessions.
Monitor Progress: Continue to use Work Insights to monitor adoption and adjust the training plan as necessary.
Reference
Google Support: Work Insights
質問 # 32
A user joined your organization and is reporting that every time they start their computer they are asked to sign in. This behavior differs from what other users within the organization experience. Others are prompted to sign in biweekly. What is the first step you should take to troubleshoot this issue for the individual user?
- A. Reset the user's sign-in cookies
- B. Check the session length duration for the organizational unit the user is provisioned in.
- C. Verify that 2-Step Verification is enforced for this user.
- D. Confirm that this user has their employee ID populated as a sign-in challenge.
正解:B
質問 # 33
When reloading Gmail in Chrome, the web browser returns a 500 Error. As part of the troubleshooting process, Google support asks you to gather logs. How can this be accomplished?
- A. Admin.google.com > Reporting > Reports > Apps Reports > Gmail
- B. Chrome > Window Context Menu > More Tools > Developer Tools > Network Tab > Reload the page to replicate the error > "Export HAR"
- C. Chrome > Window Context Menu > More Tools > Task Manager > Screen Capture List of Running Processes
- D. chrome://net-export > Start Logging to Disk > Confirm validity with https://netlog-viewer.appspot.com
正解:B
解説:
* Open Developer Tools:
* In Chrome, click the three dots menu (More).
* Select "More Tools" > "Developer Tools".
* Replicate the Error:
* Go to the "Network" tab in Developer Tools.
* Reload the Gmail page to replicate the 500 error.
* Export HAR:
* After the error is replicated, right-click on the network log.
* Select "Save all as HAR with content".
* Save the HAR file, which contains detailed logs of the network activity.
This file can then be provided to Google support for further analysis.
References
* Google Workspace Admin Help: Troubleshooting Network Issues
質問 # 34
Your organization implemented Single Sign-On (SSO) for the multiple cloud-based services it uses. During authentication, one service indicates that access to the SSO provider is not possible due to invalid information. What should you do?
- A. Update the validation certificate.
- B. Verify that the Audience element in the SAML Response matches the assertion consumer service (ACS) URL
- C. Run nslookup to confirm that the service exists.
- D. Ensure that Microsoft's Active Directory Federation Services 2.0 sends encrypted SAML Responses in default configurations.
正解:B
解説:
If a service indicates that access to the SSO provider is not possible due to invalid information, you should verify that the Audience element in the SAML Response matches the assertion consumer service (ACS) URL. This check ensures that the SAML Response is directed to the correct service, resolving the issue with authentication.
Reference:
Google Workspace Admin Help - Troubleshoot SSO issues
Google Workspace Admin Help - SAML SSO setup
質問 # 35
The CEO of your company heard about new security and collaboration features and wants to know how to stay up to date. You are responsible for testing and staying up to date with new features, and have been asked to prepare a presentation for management.
What should you do?
- A. Subscribe to the Google Workspace release calendar, and Join the Google Cloud Connect Community.
- B. Download the Google Workspace roadmap, and work together with a deployment specialist for new features.
- C. Change Google Workspace release track to: Rapid Release for faster access to new features.
- D. Create a support ticket for the Google Workspace roadmap, and ask to enable the latest release of Google Workspace.
正解:A
解説:
Subscribe to the Google Workspace Release Calendar:
Go to the Google Workspace Updates blog at https://workspaceupdates.googleblog.com/.
Click on "Subscribe to updates" to get real-time notifications about new features, updates, and changes in Google Workspace.
This will ensure you and your team are informed about the latest security and collaboration features as they are announced.
Join the Google Cloud Connect Community:
Visit the Google Cloud Connect Community at https://cloudconnectcommunity.google/.
Join the community to engage with other Google Workspace administrators and users.
Participate in discussions, ask questions, and stay informed about best practices, upcoming features, and insights directly from Google Workspace experts and peers.
Reference
Google Workspace Updates Blog
Google Cloud Connect Community
質問 # 36
A user does not follow their usual sign-in pattern and signs in from an unusual location.
What type of alert is triggered by this event?
- A. User sign-in alert.
- B. Suspicious mobile activity alert.
- C. Leaked password alert.
- D. Suspicious login activity alert.
正解:D
解説:
Identify Suspicious Login Activity:
Google Workspace triggers a suspicious login activity alert when a user signs in from an unusual location or device that is not part of their regular sign-in pattern.
Review Alerts:
Go to the Google Workspace Admin console.
Navigate to "Security" > "Dashboard" > "Suspicious login activity".
Review the details of the alert to determine the nature of the suspicious login.
Take Appropriate Actions:
Investigate the alert to ensure that the login attempt is legitimate.
If the login is deemed suspicious, follow security protocols to secure the user account, such as resetting the password or enabling two-factor authentication.
Reference
Google Workspace Admin Help: Review security alerts
質問 # 37
Your company wants to enable single sign-on (SSO) for its employees to access a newly acquired cloud-based marketing platform. The marketing platform vendor has confirmed SAML 2.0 compatibility and provided the necessary metadata. You need to streamline user access and centralize authentication through Google Workspace. What should you do?
- A. Instruct employees to log in to the marketing platform using the Sign In with Google functionality.
- B. Enable two-factor authentication for all users to enhance security before implementing SSO.
- C. Request an API key from the marketing platform vendor for SAML integration.
- D. Create a new SAML application in the Google Admin console.
正解:D
解説:
To enable single sign-on (SSO) through Google Workspace, you need to create a new SAML application in the Google Admin console. This allows users to authenticate centrally through Google Workspace when accessing the marketing platform, leveraging SAML 2.0 compatibility. You can then upload the metadata provided by the marketing platform vendor to complete the integration. This approach ensures streamlined access and centralized authentication for your employees.
質問 # 38
A user in your organization reported that their internal event recipient is not receiving the Calendar event invites. You need to identify the source of this problem. What should you do?
- A. Check if Calendar service is turned off for the event creator.
- B. Check whether the business hours are set up in the event recipient's Calendar settings.
- C. Check whether the Calendar event has more than 50 guests.
- D. Check whether the event recipient has turned off their email notifications for new events in their Calendar settings.
正解:D
解説:
When an internal user reports not receiving Google Calendar event invites, the most likely immediate cause to investigate on the recipient's end is their notification settings within Google Calendar. Users can customize their notification preferences, and it's possible they have turned off email notifications for new events.
Here's why option D is the most relevant first step and why the other options are less likely to be the primary cause of this specific issue:
D). Check whether the event recipient has turned off their email notifications for new events in their Calendar settings.
Google Calendar allows users to configure various notification settings, including whether they receive email notifications for new events, changes to events, reminders, etc. If the recipient has disabled email notifications for new events, they would not receive the invites in their inbox, even though the event might be correctly added to their Calendar.
Associate Google Workspace Administrator topics guides or documents reference: The official Google Calendar Help documentation for users, such as "Change notification settings," explains how users can customize their event notifications. This includes options to turn off email notifications for new events. While administrators don't directly manage individual user's notification settings, understanding these user-level controls is crucial for troubleshooting. An administrator might guide the user to check these settings.
A). Check whether the business hours are set up in the event recipient's Calendar settings.
Business hours in Google Calendar primarily affect meeting scheduling suggestions and how a user's availability is displayed to others. They do not directly prevent a user from receiving event invitations.
Whether or not a recipient has configured their business hours will not stop the email notification for a new event from being sent (unless perhaps in very specific and unusual edge cases related to resource scheduling, which isn't indicated here).
Associate Google Workspace Administrator topics guides or documents reference: The Google Calendar Help documentation on "Set your working hours and location" explains the purpose of business hours, which is related to availability and scheduling, not the receipt of invitations.
B). Check if Calendar service is turned off for the event creator.
If the Calendar service is turned off for the event creator, they would not be able to create or send any Calendar events in the first place. Since the user created and sent the invite (as mentioned by the recipient not receiving it), the Calendar service must be active for the creator.
Associate Google Workspace Administrator topics guides or documents reference: The Google Workspace Admin Help documentation on "Turn Google Calendar on or off for users" explains how administrators can control access to the Calendar service. If the service is off for a user, they would not have Calendar functionality.
C). Check whether the Calendar event has more than 50 guests.
While there might be limitations on the number of guests that can be added to a single Calendar event, exceeding this limit typically results in an error message for the event creator during the invitation process, not a failure of the recipient to receive the invite. Even if there were such a limit affecting receipt (which is not a common documented issue for internal users within reasonable limits), it wouldn't be the first thing to check.
Associate Google Workspace Administrator topics guides or documents reference: Google Calendar Help documentation might mention limits on the number of guests, but these limits usually pertain to the ability to add guests, send updates, or view responses, not a complete failure of delivery to some recipients within the organization.
Therefore, the most logical first step in troubleshooting why an internal recipient isn't receiving Calendar event invites is to have the recipient check their own Calendar notification settings to ensure that email notifications for new events are enabled.
質問 # 39
Your default Vault retention policy for Gmail is set to 365 days. Your legal department has just informed you that emails sent and received by the customer support department are sensitive, and must be retained for only 30 days. You must enforce this new retention policy in the simplest way. What should you do?
- A. Change the current default retention policy in Vault for Gmail to 30 days, and apply it to the customer support organizational unit (OU). Configure a custom retention policy for Gmail for 365 days for your domain.
- B. Change the current default retention policy for Gmail to 30 days. Configure two custom retention policies in Vault: one for 30 days that is applied to the customer support organizational unit (OU), and one for 365 days that is applied to all other OUs in your directory.
- C. Create two custom retention policies in Vault: one for 30 days that is applied to the customer support organizational unit (OU), and one for 365 days that is applied to all other OUs in your directory.
- D. Create a custom retention policy in Vault for Gmail for 30 days, and apply it to the customer support organizational unit (OU).
正解:D
質問 # 40
Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in Google Workspace Admin Panel is time-consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.
What should you do?
- A. Install Google Cloud Directory Sync on all Domain Controllers.
- B. Install Google Cloud Directory Sync on a supported server.
- C. Install Google Apps Manager to automate add-user scripts.
- D. Install Google Workspace Sync for Microsoft Outlook on all employees' computers.
正解:B
解説:
Prepare Environment: Ensure you have a supported server to install Google Cloud Directory Sync (GCDS).
Download GCDS:
Download Google Cloud Directory Sync from the Google Workspace Downloads page.
Install GCDS:
Follow the installation instructions provided by Google to install GCDS on the server.
Configuration:
Configure GCDS to synchronize user data from Active Directory to Google Workspace.
Set up synchronization rules and schedules to ensure that user data is kept up to date automatically.
Testing and Deployment:
Test the synchronization to ensure that new user accounts are created accurately in Google Workspace.
Deploy GCDS in the production environment after successful testing.
Reference
Google Workspace Admin: About Google Cloud Directory Sync
Google Workspace Admin: Install and Set Up GCDS
質問 # 41
Your organization is concerned with the increasing threat of phishing attacks that may impact users.
Leadership has declined to force-enable 2-Step verification. You need to apply a security measure to prevent unauthorized access to user accounts.
What should you do?
- A. Enable Enforce Strong Password policy.
- B. Revoke token authorizations to external applications.
- C. Enable Employee ID Login Challenge.
- D. Decrease the Maximum User Session Length.
正解:C
解説:
Sign in to the Google Admin console.
From the Admin console Home page, go to "Security" and then "Login challenges." Enable the "Employee ID login challenge" setting.
Configure the challenge by defining the employee IDs that users need to provide during the login process.
Enabling Employee ID login challenges adds an additional layer of security without requiring 2-Step verification. This helps prevent unauthorized access by ensuring that users provide an additional piece of information known only to them.
Reference:
Google Workspace Admin Help - Configure login challenges
"?>>?b GF\]\rom the Admin console Home page, go to "Security."
Under "Security," select "API controls."
In the "API controls" section, click on "Manage Third-Party App Access." Find the Google Drive API in the list.
Choose "Disable All Access" for Google Drive to ensure that no third-party apps have OAuth permissions to Google Drive.
This configuration adheres to the policy set by the Chief Information Security Officer by preventing third-party apps from accessing Google Drive via OAuth.
Google Workspace Admin Help - Manage API client access
質問 # 42
You work at a financial institution with strict security requirements. You have been asked by the head of IT security to enforce the policy that allows access to Google Workspace services only from devices that are within the company's network. What should you do?
- A. Ask everyone to use Chromebooks in your organization and deploy network certificates.
- B. Enable context-aware access (CAA) for all employees, and add the IP subnet as a context condition.
- C. Enable context-aware access (CAA) for all employees, and add the location as a context condition.
- D. Enable client-side encryption (CSE) for all employees.
正解:B
解説:
https://support.google.com/a/answer/12642752?hl=en&ref_topic=9262521&sjid=1370437735239
910488-AP
質問 # 43
Your organization is part of a highly regulated industry with a very high turnover. In order to recycle licenses for new employees and comply with data retention regulations, it has been determined that certain Google Workspace data should be stored in a separate backup environment.
How should you store data for this situation?
- A. Use a third-party tool to configure secure backup of Google Workspace data.
- B. Write a script and use Google Workspace APIs to access and download user data.
- C. Use routing rules to dual-deliver mail to an on-premises SMTP server and Google Workspace.
- D. Train users to use Google Takeout and store their archives locally.
正解:A
解説:
* Evaluate Third-Party Backup Solutions: Identify third-party tools that offer secure backup solutions for Google Workspace. Examples include Backupify, Spanning Backup, and Afi.ai.
* Choose a Suitable Tool: Based on your organization's needs and compliance requirements, select a tool that offers robust data retention, secure storage, and easy recovery options.
* Set Up the Backup Solution:
* Create an Account: Sign up for the chosen third-party backup service.
* Configure Backup Settings: Link your Google Workspace account and configure the backup settings to meet your data retention policies.
* Schedule Backups: Set up regular backup schedules to ensure data is continuously backed up.
* Test Backups and Recovery: Perform initial backups and test the recovery process to ensure data can be retrieved efficiently when needed.
* Monitor and Maintain: Regularly monitor the backup status and maintain the system to comply with your organization's data retention regulations.
References
* Google Workspace Admin Help - Choose a third-party backup tool
* Backupify - Google Workspace Backup
質問 # 44
Your organization has just appointed a new CISO. They have signed up to receive admin alerts and just received an alert for a suspicious login attempt. They are trying to determine how frequently suspicious login attempts occur within the organization. The CISO has asked you to provide details for each user account that has had a suspicious login attempt in the past year and the number of times it occurred for each account.
What action should you take to meet these requirements?
- A. Use the login audit report to export all suspicious login details for analysis.
- B. Create a custom dashboard with the security investigation tool showing suspicious logins.
- C. Create a custom query in BigQuery showing all suspicious login details.
- D. Use the account activity report to export all suspicious login details for analysis.
正解:A
解説:
* Access the Admin Console:
* In the Google Workspace Admin console, navigate to "Reports" > "Audit" > "Login".
* Generate a Login Audit Report:
* Customize the report to include details about suspicious login attempts.
* Set the time frame to the past year and filter the results to show only suspicious logins.
* Export the Report:
* Export the login audit report in a suitable format (e.g., CSV) for further analysis.
* Ensure the report includes user account details and the number of suspicious login attempts for
* each account.
* Analyze the Data:
* Review the exported data to identify patterns and determine how frequently suspicious login attempts occur within the organization.
* Provide the analysis to the CISO with the required details for each user account.
References
* Google Workspace Admin Help: View and analyze login audit logs
質問 # 45
Your organization has a strict requirement that your temporary employees can only send emails to and receive emails from specific external domains You must define a policy in Google Workspace that meets this requirement for users in the temporary employee organizational unit (OU) What should you do?
- A. Add the allowed domains when configuring the restrict delivery setting in Gmail settings, and select the box to bypass for internal emails
- B. Create a policy in Gmail settings that rewrites the recipient for outbound messages and quarantines incoming messages to review before delivery
- C. Configure the restrict delivery setting to limit domains that the temporary employees can communicate with Allow Google Docs sharing
- D. Restrict sending and receiving to Google Groups, and carefully curate the temporary employees" memberships
正解:A
解説:
Access the Admin Console: Sign in to your Google Admin console.
Navigate to Apps: Click on "Apps" and then "Google Workspace."
Select Gmail: In the Google Workspace section, click on "Gmail."
Gmail Settings: Click on "Compliance" under the "Advanced settings" section.
Restrict Delivery Setting: Scroll down to the "Restrict delivery" section and click "Configure." Define Policy: Enter the specific external domains you want to allow the temporary employees to communicate with.
Bypass for Internal Emails: Make sure to select the option to bypass the restriction for internal emails, ensuring internal communication is not affected.
Apply to OU: Apply this setting to the organizational unit (OU) containing the temporary employees.
Save the Configuration: Save the changes and ensure the policy is active.
Reference:
Google Workspace Admin Help: Set up compliance rules for Gmail
質問 # 46
Several employees at your company received messages with links to malicious websites. The messages appear to have been sent by your company's human resources department. You need to identify which users received the emails and prevent a recurrence of similar incidents in the future. What should you do?
- A. Collect a list of users who received the messages. Search the recipients' email addresses in Google Vault. Export and download the malicious emails in PST file format. Add the sender's email address to a quarantine list setting in Gmail to quarantine any future emails from the sender.
- B. Search the sender's email address by using Email Log Search. Identify the users that received the messages. Instruct them to mark them as spam in Gmail, delete the messages, and empty the trash.
- C. Search for the sender's email address by using the security investigation tool. Mark the messages as phishing. Add the sender's email address to the Blocked senders list in the Spam, Phishing and Malware setting in Gmail to automatically reject future messages.
- D. Search for the sender's email address by using the security investigation tool. Delete the messages.
Turn on the safety options for spoofing and authentication protection in Gmail settings.
正解:C
解説:
The security investigation tool in Google Workspace allows you to identify the impacted users and messages.
By marking the messages as phishing, you acknowledge their malicious nature, helping to protect the users.
Adding the sender's email address to the Blocked senders list ensures that future messages from this sender will be automatically blocked, preventing recurrence of similar incidents.
質問 # 47
A disgruntled employee has left your company and deleted all their email messages and files in Google Drive. The security team is aware that some intellectual property may have surfaced on a public social media site. What is the first step to start an investigation into this leak?
- A. Instruct a Google Vault admin to create a matter, and place all the user data on 'hold.'
- B. Delete the user's account in the Admin Console.
- C. Transfer data between end user Workspace accounts.
- D. Use Google Vault to export all the user data and share among the security team.
正解:A
解説:
https://support.google.com/vault/answer/7664657?hl=en#zippy=%2Cwhats-the-difference- between-a-hold-and-a-retention-rule
質問 # 48
......
Google Google-Workspace-Administrator公式認定ガイドPDF:https://jp.fast2test.com/Google-Workspace-Administrator-premium-file.html
無料Workspace Administrator Google-Workspace-Administrator公式認定ガイドPDFダウンロード:https://drive.google.com/open?id=1FvmTwNtNRv2iXCuIWUV4GXLkL60bW02V