PROFESSIONAL-COLLABORATION-ENGINEER Online Practice Questions and Answers

Your company has an OU that contains your sales team and an OU that contains your market research team. The sales team is often a target of mass email from legitimate senders, which is distracting to their job duties. The market research team also receives that email content, but they want it because it often contains interesting market analysis or competitive intelligence. Constant Contact is often used as the source of these messages. Your company also uses Constant Contact for your own mass email marketing. You need to set email controls at the Sales OU without affecting your own outgoing email or the market research OU.

What should you do?

A. Create a blocked senders list as the Sales OU that contains the mass email sender addresses, but bypass this setting for Constant Contact emails.

B. Create a blocked senders list at the root level, and then an approved senders list at the Market Research OU, both containing the mass email sender addresses.

C. Create a blocked senders list at the Sales OU that contains the mass email sender addresses.

D. Create an approved senders list at the Market Research OU that contains the mass email sender addresses.

Your organization is part of a highly regulated industry with a very high turnover. In order to recycle licenses for new employees and comply with data retention regulations, it has been determined that certain G Suite data should be stored in a separate backup environment.

How should you store data for this situation?

A. Use routing rules to dual-deliver mail to an on-premises SMTP server and G Suite.

B. Write a script and use G Suite APIs to access and download user data.

C. Use a third-party tool to configure secure backup of G Suite data.

D. Train users to use Google Takeout and store their archives locally.

Your employer, a media and entertainment company, wants to provision G Suite Enterprise accounts on your domain for several world-famous celebrities. Leadership is concerned with ensuring that these VIPs are afforded a high degree of privacy. Only a small group of senior employees must be able to look up contact information and initiate collaboration with the VIPs using G Suite services such as Docs, Chat, and Calendar. You are responsible for configuring to meet these requirements.

What should you do?

A. In the Users list, find the VIPs and turn off the User setting "Directory Sharing."

B. Create a Group for the VIPs and their handlers, and set the Group Access Level to Restricted.

C. In Directory Settings, disable Contact Sharing.

D. Create separate Custom Directories for the VIPs and regular employees.

Your Chief Information Security Officer is concerned about phishing. You implemented 2 Factor Authentication and forced hardware keys as a best practice to prevent such attacks. The CISO is curious as to how many such email phishing attempts you've avoided since putting the 2FA+Hardware Keys in place last month.

Where do you find the information your CISO is interested in seeing?

A. Security > Advanced Security Settings > Phishing Attempts

B. Apps > G Suite > Gmail > Phishing Attempts

C. Security > Dashboard > Spam Filter: Phishing

D. Reporting > Reports > Phishing

Your company has sales offices in Madrid, Tokyo, London, and New York. The outbound email for those offices needs to include the sales person's signature and a compliance footer. The compliance footer needs to say "Should you no longer wish to receive emails about this offer, please reply with UNSUBSCRIBE." You are responsible for making sure that users cannot remove the footer.

What should you do?

A. Send an email to each sales person with the instructions on how to add the footer to their Signature.

B. Ensure that each sales team is in their own OU, and configure the Append Footer with the signature and footer content translated for each locale.

C. Ensure that each sales team is in their own OU, and configure the Append Footer with footer content.

D. Ensure that each sales team is in their own OU, and configure the Append Footer with the footer content translated for each locale.

After migrating to G Suite, your legal team requests access to search all email and create litigation holds for employees who are involved with active litigation. You need to help the legal team meet this request.

What should you do?

A. Add the legal team to the User Management Admin system role.

B. Add the legal team to the Google Vault Google Group.

C. Create a custom role with Google Vault access, and add the legal team.

D. Create a matter in Google Vault, and share with the legal team.

You recently started an engagement with an organization that is also using G Suite. The engagement will involve highly sensitive data, and the data needs to be protected from being shared with unauthorized parties both internally and externally. You need to ensure that this data is properly secured.

Which configuration should you implement?

A. Turn on external sharing with whitelisted domains, and add the external organization to the whitelist.

B. Provision accounts within your domain for the external users, and turn off external sharing for that Org.

C. Configure the Drive DLP rules to prevent the sharing of PII and PHI outside of your domain.

D. Create a Team Drive for this engagement, and limit the memberships and sharing settings.

HR informs you that a user has been terminated and their account has been suspended. The user is part of a current legal investigation, and HR requires the user's email data to remain on hold. The terminated user's team is actively working on a critical project with files owned by the user. You need to ensure that the terminated user's content is appropriately kept before provisioning their license to a new user.

What two actions should you take? (Choose two.)

A. Extend the legal hold on the user's email data.

B. Move project files to a Team Drive or transfer ownership.

C. Rename the account to the new user starting next week.

D. Delete the account, freeing up a G Suite License.

E. Assign the terminated user account an Archive User license.

The application development team has come to you requesting that a new, internal, domain-owned G Suite app be allowed to access Google Drive APIs. You are currently restricting access to all APIs using approved whitelists, per security policy. You need to grant access for this app.

What should you do?

A. Enable all API access for Google Drive.

B. Enable "trust domain owned apps" setting.

C. Add OAuth Client ID to Google Drive Trusted List.

D. Whitelist the app in the G Suite Marketplace.

Several customers have reported receiving fake collection notices from your company. The emails were received from [email protected], which is the valid address used by your accounting department for such matters, but the email audit log does not show the emails in question. You need to stop these emails from being sent.

What two actions should you take? (Choose two.)

A. Change the password for suspected compromised account [email protected].

B. Configure a Sender Policy Framework (SPF) record for your domain.

C. Configure Domain Keys Identified Mail (DKIM) to authenticate email.

D. Disable mail delegation for the [email protected] account.

E. Disable "Allow users to automatically forward incoming email to another address."

Your-company.com finance departments want to create an internal application that needs to read data from spreadsheets. As the collaboration engineer, you suggest using App Maker. The Finance team is concerned about data security when creating applications with App Maker.

What security measures should you implement to secure data?

A. Use Roles, Script, and Owner access permissions for operations on records and data relations.

B. Enable App Maker access only for the Finance department Organization Unit.

C. Use a service account with limited permissions to access each data source.

D. Change owner access permissions to allow internal usage only.

Your company recently decided to use a cloud-based ticketing system for your customer care needs. You are tasked with rerouting email coming into your customer care address, [email protected] to the cloud platform's email address, [email protected]. As a security measure, you have mail forwarding disabled at the domain level.

What should you do?

A. Create a mail contact in the G Suite directory that has an email address of [email protected]

B. Create a rule to forward mail in the [email protected] mailbox to [email protected]

C. Create a recipient map in the G Suite Admin console that maps [email protected] to [email protected]

D. Create a content compliance rule in the G Suite Admin console to change route to [email protected]

Your company has just received a shipment of ten Chromebooks to be deployed across the company, four of which will be used by remote employees. In order to prepare them for use, you need to register them in G Suite.

What should you do?

A. Turn on the Chromebook and press Ctrl+Alt+E at the login screen to begin enterprise enrollment.

B. In Chrome Management | Device Settings, enable Forced Re-enrollment for all devices.

C. Turn on the chromebook and log in as a Chrome Device admin. Press Ctrl+Alt+E to begin enterprise enrollment.

D. Instruct the employees to log in to the Chromebook. Upon login, the auto enrollment process will begin.

The organization has conducted and completed Security Awareness Training (SAT) for all employees. As part of a new security policy, employees who did not complete the SAT have had their accounts suspended. The CTO has requested to be informed of any accounts that have been re-enabled to ensure no one is in violation of the new security policy.

What should you do?

A. Enable "Suspicious login" rule - Other Recipients: CTO

B. Enable "Suspended user made active" rule - Other Recipients: CTO

C. Enable "Email settings changed" rule - -Other Recipients: CTO

D. Enable "Suspended user made active" rule and select "Deliver to" Super Administrator(s)

You have just deployed DMARC to the your-company.com domain. The next day, you start receiving reports that some automated mail from one of your vendors, sending as you, is not being delivered to its recipients. You need to maintain secure email best practices.

You received the following SPF, DKIM and DMARC records:

v=spf1 a mx ip4 64.233.167.99 include:_spf.google.com –all

v=DKIM1;p=MIGfMA0GCSqGSlb3DQEBAQUAA4GNADCBiQKBgQDelhtCv3vUinyhKiKtZ8efjHGGo8gE1T +o7gLrvo6yRtdz9lCe6Fz5sgz0WYFW5nCV4DmaTcS

v=DMARC1;p=rekect;rua=mailto:[email protected] ruf=mailto:[email protected]; fo=1

You need to enable your vendor to resume sending mail on your behalf.

What should you do?

A. Change your DMARC record from p=reject to p=none.

B. Change your SPF record from –all to ~all.

C. Add the vendors mail servers to your SPF record.

D. Instruct your vendor to set up your DKIM signature on their systems.