Google Professional-Collaboration-Engineer 問題集

質問 1：
A member of your security team is in the Google Admin Console examining the Security Dashboards. In the hat does external file sharing look like for the domain??chart, they notice a large spike in file Share Events.?
When they click into View Report,?they notice that the spike can be attributed to xternal Sharing,?and they want to understand more and be able to quickly take action in case this is a malicious exposure.
What should you do?
A. In Apps>GSuite>Drive and Docs>Sharing Settings, change Sharing Options to for outside the domain.
B. In the Report, unclick all file visibility except xternal,?click on the New Investigation icon, and then use Search to display all externally shared files for that dashboard.
C. In Reports, go to Security and create a filter to find users with External Shares greater than 1.
D. Go to Reports>Audit>Drive, select tem Visibility Change,?change it to nternal to External,?and click Search.
正解：B

質問 2：
Your company uses a whitelisting approach to manage third-party apps and add-ons. The Senior VP of Sales & Marketing has urgently requested access to a new Marketplace app that has not previously been vetted. The company's Information Security policy empowers you, as a G Suite admin, to grant provisional access immediately if all of the following conditions are met:
- Access to the app is restricted to specific individuals by request
only.
- The app does not have the ability to read or manage emails.
- Immediate notice is given to the Infosec team, followed by the
submission of a security risk analysis report within 14 days.
Which actions should you take first to ensure that you are compliant with Infosec policy?
A. Add the Marketplace app, then review the authorized scopes in Security > Manage API client access.
B. Confirm that the Senior VP's OU has the following Gmail setting disabled before whitelisting the app:
"Let users delegate access to their mailbox."
C. Search the G Suite support forum for feedback about the app to include in the risk analysis report.
D. Move the Senior VP to a sub-OU before enabling Marketplace Settings > "Allow Users to Install Any App from G Suite Marketplace."
正解：D

質問 3：
Your chief compliance officer is concerned about API access to organization data across different cloud vendors. He has tasked you with compiling a list of applications that have API access to G Suite data, the data they have access to, and the number of users who are using the applications.
How should you compile the data being requested?
A. Review the token audit log, and compile a list of all the applications and their scopes.
B. Review the authorized applications for each user via the G Suite Admin panel.
C. Create a survey via Google forms, and collect the application data from users.
D. Review the API permissions installed apps list, and export the list.
正解：B

質問 4：
The executive team for your company has an extended retention policy of two years in place so that they have access to email for a longer period of time. Your COO has found this useful in the past but when they went to find an email from last year to prove details of a contract in dispute, they were unable to find it. It is no longer in the Trash. They have requested that you recover it.
What should you do?
A. Using the Gmail Audit log, perform a search for the email, export the results, then import with G Suite Migration for Microsoft Outlook.
B. Using the Vault Audit log, perform a search for the email, export the results. then import with G Suite Migration for Microsoft Outlook.
C. Using the Message ID, contact Google G Suite support to recover the email, then import with G Suite Migration for Microsoft Outlook.
D. Using Vault, perform a search for the email and export the content to a standard format to provide for investigation.
正解：D

質問 5：
The CEO of your company has indicated that messages from trusted contacts are being delivered to spam, and it is significantly affecting their work. The messages from these contacts have not always been classified as spam. Additionally, you recently configured SPF, DKIM, and DMARC for your domain. You have been tasked with troubleshooting the issue.
What two actions should you take? (Choose two.)
A. Obtain the message header and analyze using G Suite Toolbox.
B. Review the contents of the messages in Google Vault.
C. Conduct an Email log search to trace the message route.
D. Validate that your domain is not on the Spamhaus blacklist.
E. Set up a Gmail routing rule to whitelist the sender.
正解：A,E

質問 6：
Your cyber security team has requested that all email destined for external domains be scanned for credit card numbers, and if found, the email must be encrypted using your cloud-based third- party encryption provider. You are responsible for configuring to meet this request.
What should you do?
A. Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check "Encrypt message if not encrypted".
B. Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check "Change route" to send to your third-party encryption provider to encrypt.
C. Create a content compliance rule on outbound mail and internal-sending mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
D. Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
正解：B

質問 7：
Your client is a multinational company with a single email domain. The client has compliance requirements and policies that vary by country. You need to configure the environment so that each country has their own administrator and no administrator can manage another country.
What should you do?
A. Create a Team Drive per OU, and allow only country-specific administration of each folder.
B. Establish a new GSuite tenant with their own admin for each region.
C. Create Admin Alerts, and use the Security Center to audit whether admins manage countries other than their own.
D. Create an OU for each country. Create an admin role and assign an admin with that role per OU.
正解：D

質問 8：
Your company works regularly with a partner. Your employees regularly send emails to your partner's employees. You want to ensure that the Partner contact information available to your employees will allow them to easily select Partner names and reduce sending errors.
What should you do?
A. Create shared contacts in the Directory using the Directory API.
B. Create shared contacts in the Directory using the Domain Shared Contacts API.
C. Educate users on creating personal contacts for the Partner Employees.
D. Add a secondary domain for the Partner Company and create user entries for each Partner user.
正解：B

質問 9：
In your organization, users have been provisioned with either G Suite Enterprise, G Suite Business, or no license, depending on their job duties, and the cost of user licenses is paid out of each division's budget. In order to effectively manage the license disposition, team leaders require the ability to look up the type of license that is currently assigned, along with the last logon date, for their direct reports.
You have been tasked with recommending a solution to the Director of IT, and have gathered the following requirements:
- Team leaders must be able to retrieve this data on their own (i.e.,
self-service).
- Team leaders are not permitted to have any level of administrative
access to the G Suite Admin panel.
- Team leaders must only be able to look up data for their direct
reports.
- The data must always be current to within 1 week.
- Costs must be mitigated.
What approach should you recommend?
A. Use App Script and filter views within a Google Sheet.
B. Export log data to BigQuery with custom scopes.
C. Create an app using AppMaker and App Script.
D. Use a third-party tool.
正解：A