Google-Workspace-Administrator問題集合格保証付きの合格できるGoogle-Workspace-Administrator試験2025年更新 [Q44-Q68]

Share

Google-Workspace-Administrator問題集合格保証付きの合格できるGoogle-Workspace-Administrator試験2025年更新

Google-Workspace-Administrator試験問題集を試そう!ベストGoogle-Workspace-Administrator試験問題トレーニングを提供していますFast2test


試験を受験するには、候補者はGoogle Workspaceとその管理についての徹底的な理解を持っている必要があります。また、自分の組織のGoogle Workspaceを管理および管理する実践的な経験も必要です。試験は、複数選択肢やシナリオベースの問題から構成されており、候補者の知識とその知識を現実の状況に適用する能力を試すものです。


Google Cloud Certified-Professional Google Workspace Administrator Examは、複数選択と複数選択の質問で構成されています。この試験では、ユーザーとグループ管理、セキュリティとコンプライアンス、モバイルデバイス管理など、さまざまなトピックをカバーしています。試験には2時間の時間制限があり、合格スコアは80%です。試験はオンラインで撮影でき、テストを受けるために200ドルの料金がかかります。


認定を受けるためには、受験者は複数選択肢とシナリオに基づいた問題からなる 2 時間の試験に合格する必要があります。試験はオンラインで実施され、世界中のどこからでも受験することができます。合格すると、受験者はデジタルバッジと証明書を受け取ることができ、Google Workspace 管理者としての専門知識と信頼性をアピールすることができます。この認定は、Google Workspace を扱う IT プロフェッショナルや、クラウドベースの生産性ツールを管理する専門知識が必要な役割を追求することに興味がある人にとって貴重なものです。

 

質問 # 44
Your company is using Google Workspace Business Plus edition, and the security team has reported several unsuccessful attempts to sign in to your Google Workspace domain from countries where you have no local employees. The affected accounts are from several executives in the main office.
You are asked to take measures to mitigate this security risk. Although budget is not a concern, your company prefers a minimal financial outlay to fix the issue, which you are tasked with managing. Which two solutions would help you mitigate the risk at minimal cost?
Choose 2 answers

  • A. Deploy Google Cloud Armor on a dedicated project, and create a rule to allow access to Google Workspace only from specific locations.
  • B. For all executives, create new accounts with random characters to match Google best practices, migrate
  • C. Upgrade to Google Workspace Enterprise Plus for all accounts, and define Context-Aware Access levels to only a list of countries where the company has employees.
  • D. Subscribe to Cloud Identity Premium for all accounts, and define Context-Aware Access levels to only a list of countries where the company has employees.
  • E. Deploy 2-Step Verification for all users who have security keys.

正解:C、E

解説:
data from the former accounts, and then delete them.


質問 # 45
Your organization implemented Single Sign-On (SSO) for the multiple cloud-based services it uses. During authentication, one service indicates that access to the SSO provider is not possible due to invalid information. What should you do?

  • A. Update the validation certificate.
  • B. Ensure that Microsoft's Active Directory Federation Services 2.0 sends encrypted SAML Responses in default configurations.
  • C. Run nslookup to confirm that the service exists.
  • D. Verify that the Audience element in the SAML Response matches the assertion consumer service (ACS) URL

正解:D


質問 # 46
A company wants to distribute iOS devices to only the employees in the Sales OU. They want to be able to do the following on these devices:
Control password policies.
Make corporate apps available to the users.
Remotely wipe the device if it's lost or compromised
What two steps are required before configuring the device policies? (Choose two.)

  • A. Turn on Advanced Mobile Management for Sales OU
  • B. Deploy Apple Certificate to every device.
  • C. Turn on Advanced Mobile Management for the domain.
  • D. Set up an Apple Push Certificate.
  • E. Set up Device Approvals.

正解:A、D

解説:
Admin Console: Log into the Google Admin console at admin.google.com.
Enable Advanced Mobile Management for Sales OU:
Navigate to Devices > Mobile & endpoints > Settings.
Select the Sales OU and turn on Advanced Mobile Management.
Set Up an Apple Push Certificate:
Go to Devices > Mobile & endpoints > Apple certificates.
Follow the instructions to obtain and upload an Apple Push Certificate.
Device Policies:
After setting up the Apple Push Certificate, configure the desired device policies such as password policies, app distribution, and remote wipe capabilities.
Reference
Google Workspace Admin: Set up advanced mobile management
Google Workspace Admin: Set up an Apple Push Certificate


質問 # 47
Your organization is planning to remove any dependencies on Active Directory (AD) from all Cloud applications they are using You are currently using Google Cloud Directory Sync (GCDS) with on-premises AD as a source to provision user accounts in Google Workspace. Your organization is also using a software-as-a-service (SaaS) human resources information system (HRIS) that offers integration via CSV export and Open API standard.
Additional requirements for the solution include:
* It should not require a subscription to any additional third-party service.
* The process must be automated from beginning to end.
You are tasked with the design and implementation of a solution to address user provisioning with these requirements.
What solution should you implement?

  • A. Build an application that will fetch updated data from the HRIS system via Open API. and then update Google Workspace with the Directory API accordingly.
  • B. Modify the GCDS configuration to use the HRIS application as the data source and complete any necessary adjustments
  • C. Export HRIS data to a CSV file every day. and build a solution to define the delta with the previous day; import the result as a CSV file via the Admin console.
  • D. Set up Azure AD and federate on-premises AD with it. Provision user accounts from Azure AD with the Google-recommended process.

正解:A


質問 # 48
Your CISO is concerned about third party applications becoming compromised and exposing Google Workspace data you have made available to them. How could you provide granular insight into what data third party applications are accessing?
What should you do?

  • A. Create a report using the Drive Audit Activity logs.
  • B. Create a report using the Calendar Audit Activity logs.
  • C. Create a reporting using the API Permissions logs for Installed Apps.
  • D. Create a report using the OAuth Token Audit Activity logs.

正解:D

解説:
* Access Admin Console: Log into your Google Workspace Admin Console.
* Navigate to Reports: Go to the Reports section within the Admin Console.
* OAuth Token Audit Log: Access the OAuth Token Audit Activity logs. This log provides detailed information about third-party applications that have been granted access to your Google Workspace data.
* Review Data Access: Review the logs to see which applications have accessed what type of data. This includes details on the scopes of access requested by the applications.
* Generate Report: Create a report from these logs to provide granular insight into the data accessed by third-party applications. This report can be used to assess and mitigate any potential risks.
References
* Google Support: Token audit log


質問 # 49
A user is reporting that external, inbound messages from known senders are repeatedly being incorrectly classified as spam. What steps should the admin take to prevent this behavior in the future?

  • A. Instruct the user to add the senders to their contacts.
  • B. Modify the SPF record for your internal domain to include the IPs of the external user's mail servers.
  • C. Add the sender's domain to an allowlist via approved senders in the Admin Console.
  • D. Update the spam settings in the Admin Console to be less aggressive.

正解:C

解説:
https://support.google.com/a/answer/60752?hl=en#:~:text=Approved%20senders%20list%E2%8
0%94,settings%20in%20Google%20Workspace


質問 # 50
Your company is using Google Workspace Enterprise Plus, and the Human Resources (HR) department is asking for access to Work Insights to analyze adoption of Google Workspace for all company employees. You assigned a custom role with the work Insights permission set as "view data for all teams" to the HR group, but it is reporting an error when accessing the application.
What should you do?

  • A. Confirm in Reports > BigQuery Export that the job is enabled.
  • B. Confirm that the Work Insights app is turned ON for all employees.
  • C. Confirm in Security > API controls > App Access Controls that Work Insights API is set to
    "unrestricted."
  • D. Allocate the "view data for all teams" permission to all employees of the company.

正解:B


質問 # 51
Your organization has upgraded to a Google Workspace edition with Vault and has hired a new audit team You are configuring access for this audit team with these privileges
* Chief legal executive - reporting privileges
* Legal audit manager - full Vault privileges
* Data reviewer - searching privileges
You must enable access for these three roles What should you do?

  • A. Assign Google Vault licenses to these users that allow all privileges required for access
  • B. Set up three different Admin roles with specific privileges that match the audit teams responsibilities Assign these Admin roles to the respective users.
  • C. Set up an Admin role with minimal Vault privileges and assign the rote to all Vault users Approve additional privileges that are requested through a formal approval process
  • D. Set up Google Vault service as On for these specific users.

正解:B

解説:
Navigate to Admin Roles: Go to the Google Admin console and navigate to the 'Admin roles' section.
Create Admin Roles: Create three separate admin roles:
Chief Legal Executive: Assign reporting privileges only.
Legal Audit Manager: Assign full Vault privileges.
Data Reviewer: Assign searching privileges.
Assign Roles to Users: Assign the created roles to the respective users (Chief Legal Executive, Legal Audit Manager, Data Reviewer).
Set Up Google Vault Access: Ensure the Google Vault service is turned on for these users by navigating to 'Apps' > 'Google Workspace' > 'Google Vault' and verifying that the service is enabled for their organizational unit.
Reference
Manage admin roles
Google Vault permissions


質問 # 52
Your organization has a new security requirement around data exfiltration on iOS devices. You have a requirement to prevent users from copying content from a Google app (Gmail, Drive, Docs, Sheets, and Slides) in their work account to a Google app in their personal account or a third-party app. What steps should you take from the admin panel to prevent users from copying data from work to non-work apps on iOS devices?

  • A. Clear the "Allow items created with managed apps to open in unmanaged apps" checkbox.
  • B. Navigate to Devices > Mobile and endpoints > Universal Settings > General and turn on Basic Mobile Management.
  • C. Disable "Open Docs in Unmanaged Apps" setting in Google Admin Console's Device management section.
  • D. Navigate to "Data Protection" setting in Google Admin Console's Device management section and disable the "Allow users to copy data to personal apps" checkbox.

正解:D

解説:
https://support.google.com/a/answer/6328700?hl=en&ref_topic=6079327#managed_apps&zippy
=%2Cdata-actions
Allow users to copy Google Workspace items to personal apps
Allows users to copy content from a Google app (such as Gmail, Drive, Docs, Sheets, Slides, Chat, and Meet) to a Google app in their personal account or a third-party app. Also allows users to drag content between Google apps, for any account.
To prevent users from copying or dragging information from their work account, or using the All inboxes feature (which combines messages from multiple Gmail accounts into one inbox), uncheck the box.


質問 # 53
Your company recently migrated to Google Workspace and wants to deploy a commonly used third-party app to all of finance. Your OU structure in Google Workspace is broken down by department. You need to ensure that the correct users get this app.
What should you do?

  • A. At the root level, disable the third-party app. For the Finance OU, allow users to install only whitelisted apps from the Google Workspace Marketplace.
  • B. At the root level, disable the third-party app. For the Finance OU, allow users to install any application from the Google Workspace Marketplace.
  • C. For the Finance OU, enable the third-party app in SAML apps.
  • D. For the Finance OU, enable the third-party app in Marketplace Apps.

正解:D


質問 # 54
Your organization is in the process of deploying Google Drive for desktop so that your users can access Drive files directly from their desktops. For security reasons, you want to restrict Drive for desktop to only company-owned devices. What two steps should you take from the admin panel to restrict Drive for desktop to only company-owned devices?
Choose 2 answers

  • A. Create a company-owned device inventory using an asset tag.
  • B. Apps > Google Workspace > Drive and Docs > Features and Applications > Google Drive for Desktop > Only Allow Google Drive for desktop on authorized devices
  • C. Devices > Endpoints > Add a filter-> Management Type > Drive for desktop > Apply
  • D. Install the Google Endpoint Verification extension on machines using Drive for Desktop.
  • E. Create a company-owned device inventory using serial numbers of devices.

正解:B、C


質問 # 55
The CFO just informed you that one of their team members wire-transferred money to the wrong account because they received an email that appeared to be from the CFO. The CFO has provided a list of all users that may be responsible for sending wire transfers. The CFO also provided a list of banks the company sends wire transfers to. There are no external users that should be requesting wire transfers. The CFO is working with the bank to resolve the issue and needs your help to ensure that this does not happen again.
What two actions should you take? (Choose two.)

  • A. Configure objectionable content to reject messages with the words "wire transfer."
  • B. Enable all admin settings in Gmail's safety > spoofing and authentication.
  • C. Verify that DMARC, DKIM, and SPF records are configured correctly for your domain.
  • D. Add the sender of the wire transfer email to the blocked senders list.
  • E. Create a rule requiring secure transport for all messages regarding wire transfers.

正解:C、D


質問 # 56
Your organization deployed Google Workspace Enterprise within the last year, with the support of a partner. The deployment was conducted in three stages: Core IT, Google Guides, and full organization. You have been tasked with developing a targeted ongoing adoption plan for your Google Workspace organization.
What should you do?

  • A. Use Google Guides to deliver ad-hoc training to all of their co-workers and reports.
  • B. Use Reports APIs to gather adoption metrics and Gmail APIs to deliver training content directly.
  • C. Use Work Insights to gather adoption metrics and target your training exercises.
  • D. Use a script to monitor Email attachment types and target users that aren't using Drive sharing.

正解:A

解説:
[https://static.googleusercontent.com/media/www.google.com/en//support/enterprise/static/gapps/docs/admin/en/gapps_transition/gapps_transition_guide.pdf] identifies Google Guides as early adopters and champions that can help co-workers get up to speed quickly


質問 # 57
Your company moved to Google Workspace last month and wants to install Hangouts Meet Hardware in all of their conference rooms. This will allow employees to walk into a room and use the in-room hardware to easily join their scheduled meeting. A distributed training session is coming up, and the facilitator wants to make remote room joining even easier. Participants in remote rooms should walk into their room and begin receiving the training without having to take any actions to join the session.
How should you accomplish this?

  • A. In the Admin Console, select the devices in Meeting Room Hardware, select Call, and Enter the meeting code.
  • B. Room participants will need to start the meeting from the remote in the room.
  • C. Select Add Live Stream to the Calendar invite; all rooms added to the event will auto-join at the scheduled time.
  • D. By adding the rooms to the Calendar invite, they will all auto-join at the scheduled time.

正解:A

解説:
https://support.google.com/meethardware/answer/6069329


質問 # 58
The security team for your organization is concerned about phishlng attacks against your end user base. What two actions should you take to configure the strongest possible preventative measure against phishing attacks?
Choose 2 answers

  • A. Enforce confidents mode for all messages sent and received from your Workspace domain
  • B. Configure spoofing and authentication controls to quarantine messages that are perceived as threats
  • C. Force encryption on all inbound and outbound emails from your Workspace domain.
  • D. Train end users to mark messages as spam when they see something suspicious.
  • E. Configure spoofing and authentication controls to warn end users about messages that are perceived as threats.

正解:B、E

解説:
Access Admin Console: Go to admin.google.com and sign in with your admin account.
Navigate to Gmail Settings: In the Admin console, go to Apps > Google Workspace > Gmail > Safety.
Configure Spoofing and Authentication Controls:
Set up email authentication policies such as SPF, DKIM, and DMARC to verify incoming emails.
Enable options to quarantine messages that fail authentication checks and are perceived as threats.
Configure warnings for users to alert them about potentially harmful messages.
Create Compliance Rules: Under the Gmail settings, create rules that quarantine suspicious emails and notify users when they receive messages that might be phishing attempts.
Train Users: Educate users on how to recognize phishing attempts and the importance of marking suspicious emails as spam.
By configuring these settings, you enhance the security against phishing attacks by both automatically handling suspected threats and making users aware of potential dangers.
Reference
Protect against spam and phishing with Gmail
Set up email authentication (SPF, DKIM, DMARC)


質問 # 59
HR informs you that a user has been terminated and their account has been suspended. The user is part of a current legal investigation, and HR requires the user's email data to remain on hold. The terminated user's team is actively working on a critical project with files owned by the user. You need to ensure that the terminated user's content is appropriately kept before provisioning their license to a new user.
What two actions should you take? (Choose two.)

  • A. Rename the account to the new user starting next week.
  • B. Move project files to a Team Drive or transfer ownership.
  • C. Assign the terminated user account an Archive User license.
  • D. Delete the account, freeing up a Google Workspace License.
  • E. Extend the legal hold on the user's email data.

正解:B、C

解説:
https://support.google.com/vault/answer/2473591?hl=en


質問 # 60
You are using Google Cloud Directory Sync to manage users. You performed an initial sync of nearly 1,000 mailing lists to Google Groups with Google Cloud Directory Sync and now are planning to manage groups directly from Google. Over half the groups have been configured with incorrect settings, including who can post, who can join, and which groups can have external members. You need to update groups to be configured correctly.
What should you do?

  • A. Use the Groups Settings API to update Google Groups with desired settings.
  • B. Create and assign a custom admin role for all group owners so they can update settings.
  • C. Update your configuration file and resync mailing lists with Google Cloud Directory Sync.
  • D. Use the bulk upload with CSV feature in the Google Workspace Admin panel to update all Groups.

正解:A

解説:
Enable the Groups Settings API:
In the Google Workspace Admin console, enable the Groups Settings API under "Security" > "API controls" > "Manage Domain Wide Delegation".
Authorize API Access:
Set up OAuth 2.0 authorization for your application to access the Groups Settings API.
Update Group Settings Programmatically:
Use the Groups Settings API to programmatically update settings for the Google Groups.
You can set parameters such as who can post, who can join, and external member settings.
Automate and Validate Updates:
Develop scripts or use tools to automate the update process for all groups.
Validate the changes to ensure that all groups have the correct settings as per your requirements.
Reference
Google Workspace Admin Help: Google Groups Settings API
Google Workspace Admin Help: Manage Groups for Business
.


質問 # 61
Your organization has noticed several incidents of accidental oversharing inside the organization.
Specifically, several users have shared sensitive Google Drive items with the entire organization by clicking 'anyone in this group with this link can view'. You have been asked by senior management to help users share more appropriately and also to prevent accidental oversharing to the entire organization. How would you best accomplish this?

  • A. Temporarily disable the Google Drive service for individuals who continually overshare.
  • B. Disable sharing to the entire organization so that users must consciously add every person who needs access.
  • C. Create groups, add users accordingly, and educate users on how to share to specific groups of people.
  • D. Determine sharing boundaries for users that work with sensitive information, and then implement target audiences.

正解:D

解説:
https://support.google.com/a/answer/9934697?hl=en#zippy=:~:text=Why%20use%20target,for%2
0broad%20sharing


質問 # 62
A user named Alice is leaving your organization You need to transfer all of Alice's data from her Drive to Bob's Drive in the most simple and efficient manner possible What should you do?

  • A. Use the Google Takeout service to export Alice's data to a zip file and instruct Bob to import the zip file into his Drive
  • B. Instruct Alice to download all of her files from her Drive and upload them to Bob's Drive
  • C. Use the Google Drive API to programmatically transfer the files from Alice's Drive to Bob's Drive
  • D. Use the Google Admin console to move the files from Alice's Drive to Bob's Drive

正解:D

解説:
To transfer all of Alice's data from her Drive to Bob's Drive in the most simple and efficient manner, follow these steps:
* Sign in to the Google Admin console: Use an account with super administrator privileges.
* Navigate to the Data Transfer tool:
* Go to Apps > Google Workspace > Drive and Docs.
* Click on "Transfer ownership."
* Initiate the transfer:
* Enter Alice's email address as the current owner.
* Enter Bob's email address as the new owner.
* Select the option to transfer all files and folders from Alice's Drive to Bob's Drive.
* Click on "Transfer files" to initiate the process.
* Verify the transfer:
* Once the transfer is complete, confirm that all files and folders are now owned by Bob and accessible in his Drive.
References:
* Google Workspace Admin Help - Transfer Drive files


質問 # 63
A retail company has high employee turnover due to the cyclical nature in the consumer space. The increase in leaked confidential content has created the need for a specific administrative role to monitor ongoing employee security investigations. What step should you take to increase the visibility of such investigations?

  • A. Assign the 'Services Admin' role to an administrator with 'Super Admin' privileges.
  • B. Create a 'Custom Role' and add all the Google Vault privileges for a new administrator.
  • C. Validate that the new administrator has access to Google Vault.
  • D. Create a 'Custom Role' and add the ability to manage Google Vault matters, holds, searches, and exports.

正解:D


質問 # 64
All Human Resources employees at your company are members of the "HR Department" Team Drive. The HR Director wants to enact a new policy to restrict access to the "Employee Compensation" subfolder stored on that Team Drive to a small subset of the team.
What should you do?

  • A. Use the Drive API to modify the permissions of the individual files contained within the subfolder.
  • B. Move the subfolder to the HR Director's MyDrive and share it with the relevant team members.
  • C. Move the contents of the subfolder to a new Team Drive with only the relevant team members.
  • D. Use the Drive API to modify the permissions of the Employee Compensation subfolder.

正解:C

解説:
"Inherited permissions can't be removed from a file or folder in a shared drive". ref: https://developers.google.com/drive/api/v3/manage-sharing


質問 # 65
You are the administrator of a domain that requires iOS mobile device management. What initial steps should be taken to ensure that you can properly manage end-user iOS devices?

  • A. Follow the prompts under "company owned devices," and select "iOS Management." Select the option to "enforce management on iOS devices."
  • B. Configure an Apple Push Certificate, and select "certificate never expires."
  • C. Configure an Apple Push Certificate, and be sure to use a work address that can be accessed in the future.
  • D. In the Admin console, navigate to iOS management, and enable the Apple Push Certificate connector.

正解:C


質問 # 66
You have configured SSO using a third-party IDP with your Google Workspace domain. An end user has reported that they cannot sign in to Google Workspace after their username was changed in the third-party SSO product. They can sign in to their other internal applications that use SSO. and no other users are experiencing issues signing in. What could be causing the sign-in issue?

  • A. The SAML assertion provided by the third-party IDP is presenting a username that conflicts with the current username configured in Google Workspace.
  • B. The SAML assertion is providing the user's previous password attached to their old username.
  • C. The user's Google password was changed administratively, which is causing a sign-in failure.
  • D. The issued certificate for that user has been revoked and must be updated before the user can have another successful sign in.

正解:A


質問 # 67
You need to protect your users from untrusted senders sending encrypted attachments via email. You must ensure that these messages are not delivered to users' mailboxes. What step should be taken?

  • A. Use Google Vault to remove these messages from users mailboxes.
  • B. Enable a safety rule to send these types of messages to spam.
  • C. Use the security center to remove the messages from users' mailboxes
  • D. Enable a safety rule to send these types of messages to a quarantine.

正解:D


質問 # 68
......

最新100%合格率保証付きの素晴らしいGoogle-Workspace-Administrator試験問題PDF:https://jp.fast2test.com/Google-Workspace-Administrator-premium-file.html

実践サンプルと問題集指導には2025年最新のGoogle-Workspace-Administrator有効なテスト問題集:https://drive.google.com/open?id=1XcLLFEnGhs8rIMqX4mR9cNpAxOnF6lfK


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어