A.  

Create separate top-level organizational units for each department.

B.  

Create an Access group for each department. Configure the applicable policies.

C.  

Add all managed users and devices in the top-level organizational unit.

D.  

Create a child organizational unit for each department.

A.  

Create a separate Google Calendar resource for the room. Manually manage booking requests from both teams.

B.  

Create a Google Group for the innovation team and another Google Group for sales directors. Share the room's calendar with both groups.

C.  

Create a Google Calendar event for the room. Share the event with the innovation team and sales directors.

D.  

Edit the Google Calendar settings for the room resource. Adjust the permission settings so only the innovation team and sales director group can view and book time on this calendar.

A.  

Configure the allowed list of apps in the Devices page in the apps and extensions settings.

B.  

Configure the Chrome user setting to require users to sign in to use Chrome apps and extensions.

C.  

Configure the Policy Precedence to override the domain-wide policy applied for apps and extensions.

D.  

Require 2SV for user logins.

A.  

Use a data loss prevention (DLP) solution to control external sharing based on user groups.

B.  

Create separate shared drives for each department with different external sharing settings.

C.  

Create organizational units (OUs) for each department. Configure different external sharing settings for each OU.

D.  

Configure Drive trust rules to restrict the engineering department from sharing externally.

A.  

Change the Mail Exchange (MX) records in your current email domain’s DNS settings to point to Google’s mail servers.

B.  

Set up email forwarding from your on-premises email provider to Gmail.

C.  

Create a content compliance rule to filter and route incoming emails.

D.  

Configure SPF, DKIM, and DMARC records in your current email domain’s DNS settings.

A.  

Disable Google Drive for users in the OU.

B.  

Define location-based access levels. Assign the levels to the Google Drive app for the OU.

C.  

Require 2-step verification (2SV) when users in the OU sign in.

D.  

Define user-based access levels. Assign the levels to the Google Drive app for the OU.

A.  

Add terramearth.com as a primary, secondary, or alias domain in Google Workspace. Update the Mail Exchange (MX) records with your domain registrar to direct mail flow to Google’s mail servers.

B.  

Establish a Transport Layer Security (TLS) connection between your company’s existing mail servers and Google’s mail servers

C.  

Configure an email address in Google Workspace to capture emails sent to unverified domains, including terramearth.com.

D.  

Create a domain alias for terramearth.com in Google Workspace. Configure email forwarding to redirect emails to the new Google Workspace accounts.

A.  

Create a data loss prevention (DLP) rule that uses the predefined credit card number detector, sets the action to “block external sharing”, and enables the “Log event” option.

B.  

Enable Gmail content compliance, and create a rule to block email attachments containing credit card numbers from being sent to external recipients.

C.  

Implement a third-party data loss prevention solution to integrate with Drive and provide advanced content detection capabilities.

D.  

Configure a data retention policy to automatically delete files containing credit card numbers after a specified period.

A.  

Create a folder inside the shared drive. Share the files with the group by using the share function.

B.  

Create a folder inside the shared drive. Share the folder link with the group.

C.  

In the Admin console, assign Contributor access for the shared drive to each user. Assign Content Manager access for the shared drive to the single user.

D.  

In the Admin console, assign Contributor access for the shared drive to the group. Assign Content Manager access for the shared drive to the single user.

A.  

Conduct a Vault search to find this email and identify if additional users were affected.

B.  

Conduct a search to find all emails sent by the sender by using the Gmail API.

C.  

Conduct an Email reports search to find this email and all of the email's recipients.

D.  

Conduct a search in the security investigation tool to find this email, and identify whether additional users were affected.

A.  

Create a Google Group, enable collaborative inbox settings, set posting permissions to “Anyone on the web”, and add the customer support agents as group members.

B.  

Use delegated access for a specific email address that represents the customer support group, and add the customer support team as delegates for that email address.

C.  

Create a Google Group, add the support agents to the group, and set the posting permissions to “Public.”

D.  

Set up an inbox for the customer support team. Provide the login credentials to the customer support team.

A.  

Create a hold in Google Vault that includes all users and data sources associated with the project.

B.  

Assign an Archived User license to all users involved in the project.

C.  

Set up a retention rule in Google Vault that retains all data from Gmail and Drive indefinitely.

D.  

Export all project related data from Google Workspace and store the data in a separate, secure location.

A.  

Enable YouTube for all users in the company. Individually restrict access to Merchant Center for specific Groups or organizational units (OUs).

B.  

Create YouTube and Merchant Center as custom web apps. Apply access policies at the Group or organizational unit (OU) level.

C.  

Contact Google Support and request that they enable YouTube access for the specific set of users and restrict their access to Merchant Center.

D.  

Enable access to YouTube at the Group or organizational unit (OU) level for the subset of users. Disable access to Merchant Center.

A.  

Check the user’s browser settings to ensure that Meet is not blocked.

B.  

Instruct the user to clear their browser’s cache and cookies.

C.  

Restart the user’s computer to refresh their network connection.

D.  

Verify that Meet is enabled as a service for the user’s account in the Admin console.

A.  

Force ephemeral mode in Chrome. Disable offline access for sensitive Workspace apps like Docs, Sheets, and Drive.

B.  

Enable the Manage Guest Session functionality, and set the maximum user session length.

C.  

Force ephemeral mode in Chrome. Allow offline access for all Workspace apps with strict expiration times.

D.  

Disable offline access for all Workspace apps. Enable incognito mode for Chrome browsing sessions.

A.  

Grant the super admin role to a delegate from the security team.

B.  

Create a pre-built reporting role. Assign the role to the security team alias.

C.  

Share the Drive audit log with the security team.

D.  

Create a custom admin role with security center privileges. Assign the role to the individual security team members.

A.  

Open the HAR file in a text editor and delete sensitive information. Upload the HAR file to Google Drive and share the file only with the Google support representative

B.  

Ask the Google support representative for access to a Google Drive folder used by the Google support team. Upload the HAR file.

C.  

Share your screen with the Google support representative so they can view the file without having a copy of the file.

D.  

Upload the HAR file to Google Drive and share the file with the Google support representative.

A.  

Suspend their account in the Admin console.

B.  

Purchase an Archived User license and assign the license to the employee.

C.  

Export the account data by using Takeout, and remove the user license in the Admin console.

D.  

Copy the employee’s emails, and transfer their file ownership to a teammate. Delete the user account.

A.  

Configure the Drive sharing options for the domain to internal only.

B.  

Restrict the Drive sharing options for the domain to allowlisted domains.

C.  

Create a Drive DLP rule, and use the sensitive internal Project name as the detector.

D.  

Turn off the Drive sharing setting from the Team dashboard.

A.  

In the reporting section of the Admin console, review the Gmail, Drive, and Calendar reports.

B.  

In the alert center, review all of the alerts.

C.  

In each individual organizational unit (OU), review the security settings.

D.  

In the Google Admin console, review the security health page.

A.  

Use Google Vault to establish a retention policy for the organizational unit (OU) of the departing employee. Assign the Google Archived User license.

B.  

Instruct the departing employee to share their My Drive folder with the manager before leaving. Delete the Google Workspace account on the departing employee’s last day.

C.  

Download the departing employee’s Drive data by using Google Takeout. Upload the data to the manager’s Drive before deleting the departing employee’s Google Workspace account.

D.  

Transfer ownership of the departing employee’s files to the manager during the user deletion process.

A.  

Set up Transport Layer Security (TLS) compliance for inbound and outbound messages with a list of the banks’ email domains. Validate the TLS connections.

B.  

Configure Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) authentication for your email domains.

C.  

Enable Protect against unauthenticated emails in Gmail Safety.

D.  

Enable confidential mode for Gmail. Instruct employees to use confidential mode when sending messages to the banks.

A.  

Disable password recovery options to prevent unauthorized individuals from accessing user accounts.

B.  

Implement a strong password policy and enable text messages as the 2-Step Verification (2SV) using text messages.

C.  

Enforce the use of physical security keys as the 2-Step Verification (2SV) method for all users.

D.  

Enforce a strong password policy that requires users to include special characters, numbers, and uppercase letters.

A.  

Create an application by using App Engine. Connect the application to your Workspace environment

B.  

Copy the external data to BigQuery. Use a Connected Sheet to interact with the data.

C.  

Create an AppSheet application to connect the different data sources. Set up the mobile application.

D.  

Create an automation process by using Apps Script. Run the process through Google Sheets.

A.  

Enable Gemini for the department’s organizational unit and assign Gemini licenses to users in the department.

B.  

Monitor Gemini adoption through the administrator console and wait for wider user adoption before assigning licenses.

C.  

Enable Gemini for non-licensed users in that department so they have immediate access to the free service.

D.  

Enable Alpha features for the organization and assign Gemini licenses to all users.  

A.  

Purchase and assign Archived User licenses to the former employees.

B.  

Transfer the former employees' files and data to active user accounts. Delete the former employees' Workspace accounts.

C.  

Purchase additional user licenses and suspend the former employees' accounts.

D.  

Move the former employees to their own organizational unit (OU) and disable access to Google services for that OU.

A.  

Assign the trusted employees as moderators for the relevant Chat spaces.

B.  

Create a data loss prevention (DLP) rule that blocks inappropriate content from being shared

C.  

Use the security investigation tool to audit and monitor Chat messages.

D.  

Disable all Chat spaces except those specifically approved by management.