Deck 17: Professional Collaboration Engineer

A) Obtain the message header and analyze using G Suite Toolbox.
B) Review the contents of the messages in Google Vault.
C) Set up a Gmail routing rule to whitelist the sender.
D) Conduct an Email log search to trace the message route.
E) Validate that your domain is not on the Spamhaus blacklist.

A) Use the bulk upload with CSV feature in the G Suite Admin panel to update all Groups.
B) Update your configuration file and resync mailing lists with Google Cloud Directory Sync.
C) Create and assign a custom admin role for all group owners so they can update settings.
D) Use the Groups Settings API to update Google Groups with desired settings.

A) Contact Google Enterprise Support to provide a list of all accounts on your domain(s) that access non-G Suite Google services and have them blocked.
B) Use the Transfer Tool for Unmanaged Accounts to send requests to the former users to transfer their account to your domain as a managed account.
C) Provide a list of all active employees to the managers of your company's Analytics, AdSense, etc. accounts, so they can clean up the respective access control lists.
D) Provision former user accounts with Cloud Identity licenses, generate a new Google password, and place them in an OU with all G Suite and Other Google Services disabled.

A) Randomly scatter auto-updates.
B) Update over cellular.
C) Disable Auto update.
D) Throttle the bandwidth.

A) Verify the NameID Element in the SAML Response matches the Assertion Consumer Service (ACS) URL.
B) Verify the Audience Element in the SAML Response matches the Assertion Consumer Service (ACS) URL.
C) Verify the Subject attribute in the SAML Response matches the Assertion Consumer Service (ACS) URL.
D) Verify the Recipient attribute in the SAML Response matches the Assertion Consumer Service (ACS) URL.

A) For the Finance OU, enable the third-party app in SAML apps.
B) For the Finance OU, enable the third-party app in Marketplace Apps.
C) At the root level, disable the third-party app. For the Finance OU, allow users to install any application from the G Suite Marketplace.
D) At the root level, disable the third-party app. For the Finance OU, allow users to install only whitelisted apps from the G Suite Marketplace.

A) Setup address forwarding in each account's GMail setting menu.
B) Set up recipient address mapping in GMail Advanced Settings.
C) Configure an Inbound Gateway route.
D) Give the manager delegated access to the mailboxes.

A) In the Admin Console, select the devices in Meeting Room Hardware, select Call, and Enter the meeting code.
B) Room participants will need to start the meeting from the remote in the room.
C) By adding the rooms to the Calendar invite, they will all auto-join at the scheduled time.
D) Select Add Live Stream to the Calendar invite; all rooms added to the event will auto-join at the scheduled time.

A) Company Profile > Profile > New User Features > Enable "Scheduled Release"
B) Apps > G Suite > Gmail > Uncheck "Enable Gmail Labs for my users"
C) Company Profile > Profile > New User Features > Enable "Rapid Release"
D) Device Management > Chrome > Device Settings > Stop auto-updates

A) Change Enrollment Permissions to only allow users in this organization to re-enroll existing devices.
B) Change Enrollment Controls to Place Chrome device in user organization.
C) Change Enrollment Controls to Keep Chrome device in current location.
D) Change Enrolment Permissions to not allow users in this organization to enroll new devices.

A) From the Admin Console Billing Menu, turn off auto-assign, and then click into Assigned Users and export the data to Sheets.
B) From the Admin Console Users Menu, download a list of all Users to Google Sheets, and join that with a list of ORGIDs pulled from the Reports API.
C) From the G Suite Reports Menu, run and download the Accounts Aggregate report, and export the data to Google Sheets.
D) From the Admin Console Users Menu, download a list of all user info columns and currently selected columns.

A) Enable all API access for Google Drive.
B) Enable "trust domain owned apps" setting.
C) Add OAuth Client ID to Google Drive Trusted List.
D) Whitelist the app in the G Suite Marketplace.

A) Create a blocked senders list as the Sales OU that contains the mass email sender addresses, but bypass this setting for Constant Contact emails.
B) Create a blocked senders list at the root level, and then an approved senders list at the Market Research OU, both containing the mass email sender addresses.
C) Create a blocked senders list at the Sales OU that contains the mass email sender addresses.
D) Create an approved senders list at the Market Research OU that contains the mass email sender addresses.

A) Using Vault, perform a search for the email and export the content to a standard format to provide for investigation.
B) Using the Gmail Audit log, perform a search for the email, export the results, then import with G Suite Migration for Microsoft Outlook.
C) Using the Message ID, contact Google G Suite support to recover the email, then import with G Suite Migration for Microsoft Outlook.
D) Using the Vault Audit log, perform a search for the email, export the results. then import with G Suite Migration for Microsoft Outlook.

A) Admin audit log
B) SAML audit log
C) Drive usage audit log
D) OAuth Token audit log

A) Move the user to their own Organization Unit, and set a custom retention policy
B) Create a matter using Google Vault, and share the matter with the litigation team members.
C) Create a hold on the user's mailbox in Google Vault
D) Reset the user's password, and share the new password with the litigation team.
E) Copy the user's data to a secondary account.

A) Create a new OU and tum on the rapid release track just for this OU.
B) Create a new Google Group with test users and enable the rapid release track.
C) Establish a separate Dev environment, and set it to rapid release.
D) Ask Google for a demo account with beta access to the new features.

A) Export log data to BigQuery with custom scopes.
B) Use a third-party tool.
C) Use App Script and filter views within a Google Sheet.
D) Create an app using AppMaker and App Script.

A) Use the Data Export Tool to export admin audit data to your existing SIEM system
B) Use Apps Script and the Reports API to export admin audit data to your existing SIEM system.
C) Use Apps Script and the Reports API to export drive audit data to the existing SIEM system
D) Use the BigQuery export to send admin audit data to the existing SIEM system via custom code
E) Use the BigQuery export to send drive audit data to the existing SIEM system via custom code.

A) Review the authorized applications for each user via the G Suite Admin panel.
B) Create a survey via Google forms, and collect the application data from users.
C) Review the token audit log, and compile a list of all the applications and their scopes.
D) Review the API permissions installed apps list, and export the list.

A) Service provider logout URL
B) Service provider ACS URL
C) Identity Provider URL
D) Service provider certificate

A) Create a report using the OAuth Token Audit Activity logs.
B) Create a report using the Calendar Audit Activity logs.
C) Create a report using the Drive Audit Activity logs.
D) Create a reporting using the API Permissions logs for Installed Apps.

A) Disable access to all "Other Services" in the G Suite Admin Console.
B) Use the Transfer Tool for unmanaged accounts to invite users into the domain.
C) Use the Data Migration Service to transfer the data to a managed account.
D) Open a support ticket to have Google transfer unmanaged accounts into your domain.

A) Enable "Suspicious login" rule - Other Recipients: CTO
B) Enable "Suspended user made active" rule - Other Recipients: CTO
C) Enable "Email settings changed" rule - -Other Recipients: CTO
D) Enable "Suspended user made active" rule and select "Deliver to" Super Administrator(s)

A) Disable Guest Mode and Public Sessions.
B) Enable a Device Policy of Sign In Screen and add the employee email address.
C) Enroll a 2-Factor hardware key on the device using the employee email address.
D) Enable a User Policy of Multiple Sign In Access and add just the employee email address.
E) Enable a Device Policy of Restrict Sign In to List of Users, and add the employee email address.

A) Use routing rules to dual-deliver mail to an on-premises SMTP server and Google Worspace.
B) Write a script and use Google Worspace APIs to access and download user data.
C) Use a third-party tool to configure secure backup of Google Worspace data.
D) Train users to use Google Takeout and store their archives locally.

A) Create a custom Apps Script to reset passwords.
B) Use a third-party tool for password recovery.
C) Enable non-admin password recovery.
D) Create a Google form to submit reset requests.

A) Some of your Active Directory groups have sensitive group membership.
B) Some of the Active Directory groups do not have owners.
C) Some of the Active Directory groups have members external to organization.
D) Some of the Active Directory groups do not have email addresses.

A) Add the user's old email address to their account in the G Suite Admin panel.
B) Change the user's primary email address in the G Suite Admin panel.
C) Change the user's last name in the G Suite Admin panel.
D) Change the user's primary email in Active Directory.
E) Change the user's last name in Active Directory.

A) Configure objectionable content to reject messages with the words "wire transfer."
B) Verify that DMARC, DKIM, and SPF records are configured correctly for your domain.
C) Create a rule requiring secure transport for all messages regarding wire transfers.
D) Add the sender of the wire transfer email to the blocked senders list.
E) Enable all admin settings in Gmail's safety > spoofing and authentication.

A) Use the Drive API to modify the permissions of the Employee Compensation subfolder.
B) Use the Drive API to modify the permissions of the individual files contained within the subfolder.
C) Move the contents of the subfolder to a new Team Drive with only the relevant team members.
D) Move the subfolder to the HR Director's MyDrive and share it with the relevant team members.

A) Access the Security Menu> API Reference > disable all API Access.
B) Access the Security Menu > API Permissions > choose Drive and Disable All Access.
C) Access the Security Menu > API Permissions > choose Drive and Disable High Risk Access.
D) Access Apps > G Suite > Drive and Docs > Sharing Settings and disable sharing outside of your domain

A) Turn on the Chromebook and press Ctrl+Alt+E at the login screen to begin enterprise enrollment.
B) In Chrome Management | Device Settings, enable Forced Re-enrollment for all devices.
C) Turn on the chromebook and log in as a Chrome Device admin. Press Ctrl+Alt+E to begin enterprise enrollment.
D) Instruct the employees to log in to the Chromebook. Upon login, the auto enrollment process will begin.

A) Select User A in the Directory, and under the Apps section, check whether Drive and Docs is disabled. If so, enable it in the User record.
B) In Apps > G Suite > Drive and Docs, select the organizational unit the users are in and enable Drive for the organizational unit.
C) In Apps > G Suite, determine the Group that has Drive and Docs enabled as a service. Add User A to this group.
D) Select User A in the Directory, and under the Licenses section, change their license from Basic to Business to add the Drive and Docs service.

A) Create a mail contact in the G Suite directory that has an email address of your-company@cloudprovider.com
B) Create a rule to forward mail in the customercare@your-company.com mailbox to your-company@cloudprovider.com
C) Create a recipient map in the G Suite Admin console that maps customercare@your-company.com to your-company@cloudprovider.com
D) Create a content compliance rule in the G Suite Admin console to change route to your-company@cloudprovider.com

A) Review who has viewed files using the Google Drive Activity Dashboard.
B) Create an alert from Drive Audit reports to notify of external file sharing.
C) Review total external sharing in the Aggregate Reports section.
D) Create a custom Dashboard for external sharing in the Security Investigation Tool.
E) Automatically block external sharing using DLP rules.

A) Review post-delivery activity in the Email logs.
B) Review user-reported spam in the Investigation Tool.
C) Review spike in user-reported spam in the Alert center.
D) Review post-delivery activity in the BigQuery Export.

A) Use Google Guides to deliver ad-hoc training to all of their co-workers and reports.
B) Use Work Insights to gather adoption metrics and target your training exercises.
C) Use Reports APIs to gather adoption metrics and Gmail APIs to deliver training content directly.
D) Use a script to monitor Email attachment types and target users that aren't using Drive sharing.

A) In the Application Management menu, configure the whitelist of apps that Android and iOS devices are allowed to install.
B) In the Application Management menu, configure the whitelist of apps that Android, iOS devices, and Active Sync devices are allowed to install.
C) In Android Settings, ensure that "Allow non-Play Store apps from unknown sources installation" is unchecked.
D) In Device Management > Setup > Device Approvals menu, configure the "Requires Admin approval" option.

A) Turn on password expiration.
B) Enforce 2FA with a physical security key.
C) Use a third-party identity provider.
D) Enforce 2FA with Google Authenticator app.

A) Company Profile > Profile > New User Features > Enable "Scheduled Release"
B) Apps > Google Workspace > Gmail > Uncheck "Enable Gmail Labs for my users"
C) Company Profile > Profile > New User Features > Enable "Rapid Release"
D) Device Management > Chrome > Device Settings > Stop auto-updates

A) For the Finance OU, enable the third-party app in SAML apps.
B) For the Finance OU, enable the third-party app in Marketplace Apps.
C) At the root level, disable the third-party app. For the Finance OU, allow users to install any application from the Google Workspace Marketplace.
D) At the root level, disable the third-party app. For the Finance OU, allow users to install only whitelisted apps from the Google Workspace Marketplace.

A) Educate users on creating personal contacts for the Partner Employees.
B) Add a secondary domain for the Partner Company and create user entries for each Partner user.
C) Create shared contacts in the Directory using the Directory API.
D) Create shared contacts in the Directory using the Domain Shared Contacts API.

A) Ask the user to send an email to you so you can check the headers.
B) Record a HAR file of the user composing a new email.
C) Take screenshots of the user's screen when composing an email.
D) Use the Email log search in the Admin panel.
E) Check the Users > App Users Activity report.

A) Mac OS
B) Windows
C) Chrome OS
D) iOS
E) Linux

A) In the Users list, find the VIPs and turn off the User setting "Directory Sharing."
B) Create a Group for the VIPs and their handlers, and set the Group Access Level to Restricted.
C) In Directory Settings, disable Contact Sharing.
D) Create separate Custom Directories for the VIPs and regular employees.

A) Turn on external sharing with whitelisted domains, and add the external organization to the whitelist.
B) Provision accounts within your domain for the external users, and turn off external sharing for that Org.
C) Configure the Drive DLP rules to prevent the sharing of PII and PHI outside of your domain.
D) Create a Team Drive for this engagement, and limit the memberships and sharing settings.

A) Use the Data Export Tool to export admin audit data to your existing SIEM system
B) Use Apps Script and the Reports API to export admin audit data to your existing SIEM system.
C) Use Apps Script and the Reports API to export drive audit data to the existing SIEM system
D) Use the BigQuery export to send admin audit data to the existing SIEM system via custom code
E) Use the BigQuery export to send drive audit data to the existing SIEM system via custom code.

A) Configure a Google Group as an email list.
B) Delegate email access to department employees.
C) Configure a Google Group as a collaborative inbox.
D) Configure a Google Group, and set the Access Level to Announcement Only.

A) Send an email to each sales person with the instructions on how to add the footer to their Signature.
B) Ensure that each sales team is in their own OU, and configure the Append Footer with the signature and footer content translated for each locale.
C) Ensure that each sales team is in their own OU, and configure the Append Footer with footer content.
D) Ensure that each sales team is in their own OU, and configure the Append Footer with the footer content translated for each locale.

A) Set up a Token audit log event alert.
B) Set up an Admin audit log event alert.
C) Set up an email settings changed alert.
D) Set up a suspicious login event alert.

A) Obtain the message header and analyze using Google Workspace Toolbox.
B) Review the contents of the messages in Google Vault.
C) Set up a Gmail routing rule to whitelist the sender.
D) Conduct an Email log search to trace the message route.
E) Validate that your domain is not on the Spamhaus blacklist.

A) Name the rule > select Outbound and Internal Sending > select If ANY of the following match > add two expressions: one for Simple Content Match to find AccNo, and one for predefined content match to select Credit Card Numbers > choose Reject.
B) Name the rule > select Outbound > select If ANY of the following match > add two expressions: one for Simple Content Match to find AccNo, and one for predefined content match to select Credit Card Numbers > choose Reject
C) Name the rule > select Outbound and Internal Sending > select If ALL of the following match > add two expressions: one for Advanced Content Match to find AccNo in the Body, and one for predefined content match to select Credit Card Numbers > choose Reject.
D) Name the rule > select Outbound > select If ALL of the following match > add two expressions: one for Advanced Content Match to find AccNo in the Body, and one for predefined content match to select Credit Card Numbers > choose Reject.

A) Create a new OU and tum on the rapid release track just for this OU.
B) Create a new Google Group with test users and enable the rapid release track.
C) Establish a separate Dev environment, and set it to rapid release.
D) Ask Google for a demo account with beta access to the new features.

A) Use the Directory API to upload a .csv file containing the contacts.
B) Configure GCDS to populate a Group with external members.
C) Use the People API to upload a .csv file containing the contacts.
D) Develop a custom application to call the Domain Shared Contacts API.
E) Configure GCDS to synchronize shared contacts.

A) Install Google Cloud Directory Sync on all Domain Controllers.
B) Install Google Workspace Sync for Microsoft Outlook on all employees' computers.
C) Install Google Cloud Directory Sync on a supported server.
D) Install Google Apps Manager to automate add-user scripts.

A) Add the legal team to the User Management Admin system role.
B) Add the legal team to the Google Vault Google Group.
C) Create a custom role with Google Vault access, and add the legal team.
D) Create a matter in Google Vault, and share with the legal team.

A) Apps > add SAML apps to your domain.
B) Reconfigure user provisioning via Google Cloud Directory Sync.
C) Replace the third-party IDP verification certificate.
D) Disable SSO with third party IDP.
E) Enable API Permissions for Google Cloud Platform.

A) Whitelist Trusted Apps
B) Disable the Drive SDK
C) Restrict API scopes
D) Disable add-ons for Gmail
E) Whitelist Google Workspace Marketplace apps

A) Change your DMARC record from p=reject to p=none.
B) Change your SPF record from -all to ~all.
C) Add the vendors mail servers to your SPF record.
D) Instruct your vendor to set up your DKIM signature on their systems.

A) Create a Matter and a Hold. Set the Hold to Gmail, set it to the top level Organization, and set the search terms to "secret project 123." Create a second Hold. Set the second Hold to Gmail, set it to Accounts, and enter: user1 @your-company.com, user2@your-company.com. Save.
B) Create a Matter and a Hold. Set the Hold to Gmail, set it to Accounts, and set the usernames to: user1@your-company.com, user2@your-company. Set the search terms to: (secret project 123). Save.
C) Create a Matter and a Hold. Set the Hold to Gmail, set it to Accounts, and enter: user1@your-company.com AND user2@your-company.com. Set the search terms to: secret AND project AND 123. Save.
D) Create a Matter and a Hold. Set the Hold to Gmail, set it to Accounts, and set the usernames to: user1@your-company.com, user2@your-company. Set the search terms to secret OR project OR 123. Save.

A) Create a content compliance rule on outbound mail and internal-sending mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
B) Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check "Encrypt message if not encrypted".
C) Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
D) Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check "Change route" to send to your third-party encryption provider to encrypt.

A) Download the Google Workspace roadmap, and work together with a deployment specialist for new features.
B) Create a support ticket for the Google Workspace roadmap, and ask to enable the latest release of G Suite.
C) Subscribe to the Google Workspace release calendar, and Join the Google Cloud Connect Community.
D) Change Google Workspace release track to: Rapid Release for faster access to new features.

A) Create a Google Group that has the two auditors as members, and then create a Drive DLP Rule that is assigned to that Group.
B) Create a Content Compliance rule that looks for outbound share notifications from those two users, and Bcc the Director on those emails.
C) Create two Drive Audit Alerts, one for each user, where the Visibility is "Shared Externally," and email them to the Director.
D) Check the Admin Console Dashboard Insights page periodically for external shares, and notify the Director of any changes.

A) Change the password for suspected compromised account accounts.receivable@yourcompany.com.
B) Configure a Sender Policy Framework (SPF) record for your domain.
C) Configure Domain Keys Identified Mail (DKIM) to authenticate email.
D) Disable mail delegation for the accounts.receivable@yourcompany.com account.
E) Disable "Allow users to automatically forward incoming email to another address."

A) Enable all API access for Google Drive.
B) Enable "trust domain owned apps" setting.
C) Add OAuth Client ID to Google Drive Trusted List.
D) Whitelist the app in the Google Workspace Marketplace.

A) Move the Senior VP to a sub-OU before enabling Marketplace Settings > "Allow Users to Install Any App from G Suite Marketplace."
B) Confirm that the Senior VP's OU has the following Gmail setting disabled before whitelisting the app: "Let users delegate access to their mailbox."
C) Add the Marketplace app, then review the authorized scopes in Security > Manage API client access.
D) Search the G Suite support forum for feedback about the app to include in the risk analysis report.

A) Extend the legal hold on the user's email data.
B) Move project files to a Shared Drive or transfer ownership.
C) Rename the account to the new user starting next week.
D) Delete the account, freeing up a Google Workspace License.
E) Assign the terminated user account an Archive User license.

A) Use Roles, Script, and Owner access permissions for operations on records and data relations.
B) Enable App Maker access only for the Finance department Organization Unit.
C) Use a service account with limited permissions to access each data source.
D) Change owner access permissions to allow internal usage only.

A) The Apps Script will need to run as a Google Workspace admin.
B) You will need a Cloud SQL instance to store "G-Team' data.
C) The Google Form will need to be limited to internal users only.
D) The Apps Script will need to run on a timed interval to process new entries.
E) The Google Form will need to enforce Group naming conventions.