Google-Workspace-Administrator Exam Dumps - Google Cloud Certified - Professional Google Workspace Administrator

To restrict access to the "Employee Compensation" subfolder within a Team Drive (now known as a shared drive), you should move the contents to a new shared drive with restricted membership.

Current Setup: All HR employees have access to the "HR Department" Team Drive, but only a subset should access the "Employee Compensation" subfolder.

New Shared Drive:

Create a New Shared Drive: This shared drive will be specifically for sensitive documents like employee compensation.

Move Contents: Transfer the files and folders from the "Employee Compensation" subfolder to this new shared drive.

Manage Membership: Add only the relevant team members to this new shared drive, ensuring that only authorized personnel can access the sensitive information.

Steps:

In the Google Admin console, navigate to Drive and Docs > Manage shared drives.

Create a new shared drive and name it appropriately.

Move the necessary files and folders into this new shared drive.

Set the membership and permissions to include only the relevant users.

References:

Manage shared drives

Control access to files and folders in shared drives

To identify whether the Google Voice issues are affecting just your organization or if it's a global issue, follow these steps:

Check the Google Workspace Status Dashboard:

Go to the Google Workspace Status Dashboard.

Look for any reported outages or issues specifically for Google Voice.

The status dashboard provides real-time information on service availability and any ongoing issues affecting Google Workspace services.

References:

Google Workspace Status Dashboard

To export data for a large number of users efficiently, follow these steps:

Contact Google Cloud Support: Since your organization has more than 1,000 users, you need to request access to the Data Export tool. This tool is not automatically available for large domains.

Enable the Data Export tool: Google Cloud Support will enable the tool for your organization.

Use the Data Export tool:

Once enabled, sign in to the Google Admin console with super administrator privileges.

Navigate to the Data Export tool under Tools.

Initiate the export process, selecting the data for the 1,200 users.

Manage the exported data: After the export is complete, review the data and remove any unnecessary user data to streamline the results.

References:

Google Workspace Admin Help - Data Export

Google Workspace Admin Help - Contact support

Create a Configuration Group:

Navigate to the Google Admin console.

Go to Directory > Groups.

Click "Create Group" and enter the group details.

Add the approved users from the marketing and sales teams as members of this group.

Enable External Sharing for the Group:

Go to Apps > Google Workspace > Drive and Docs > Sharing settings.

Scroll down to "Sharing options for specific groups".

Select the newly created group.

Enable external sharing for this group.

Save the changes.

This ensures that only the specified users can share documents externally, while the rest of the organization remains restricted.

References

Google Workspace Admin Help: Share Drive and Docs with Specific Groups

Update Active Directory: Since your organization syncs directory data from Active Directory to Google Workspace, any changes to user data need to be made in Active Directory first.

Change Primary Email in AD: Change the user's primary email address in Active Directory. This will ensure that the new email address is synchronized with Google Workspace.

Change Last Name in AD: Similarly, change the user's last name in Active Directory. This ensures the updated name is synchronized correctly.

Sync Changes: Wait for the next synchronization cycle of Google Cloud Directory Sync (GCDS) to update the changes in Google Workspace.

Verify Changes in Google Workspace: After the sync is complete, verify that the changes to the user's email address and last name have been successfully updated in Google Workspace.

References

Google Support: Google Cloud Directory Sync

To audit if user1@example.com has shared any sensitive documents outside the organization, use the Security Investigation Tool in the Google Admin console. This tool allows administrators to investigate and take action on security issues within the organization.

Open Security Investigation Tool:

Go to the Google Admin console.

Navigate to Security > Investigation tool.

Set Conditions in Drive Log Events:

In the Investigation Tool, select the data source as "Drive Log Events".

Add the following conditions:

Visibility Is External: This filters the events to show only documents that have been shared externally.

Actor Is user1@example.com: This specifies that the actions performed by the user1@example.com should be displayed.

Run the Investigation:

Click on “Search” to run the investigation with the specified conditions.

Review the results to identify any documents that have been shared externally by the user.

Remediate:

For any documents that were shared inappropriately, you can take corrective actions such as changing permissions or removing external sharing.

References:

Security Investigation Tool

Audit Drive log events

Access Admin Console: Go to admin.google.com and sign in with your admin account.

Navigate to Reports: In the Admin console, go to Reports > Audit > Login.

Review Login Activity: Look for any unusual or suspicious login attempts, such as logins from unknown IP addresses or locations.

Investigate Further:

Check the user’s activity for any signs of unauthorized access or unusual behavior.

Use the Security Audit Log to find more details about the login attempts and other security events.

Take Appropriate Actions:

If unauthorized activity is confirmed, consider resetting the user’s password and enabling two-factor authentication (2FA).

Notify the user and possibly suspend the account if the threat level is high until the issue is resolved.

By investigating the login and security logs, you can identify and mitigate potential security threats effectively.

References

View and analyze security reports and logs

Audit and investigation page

Create Calendar Resources:

In the Google Workspace Admin console, navigate to "Directory" > "Buildings and resources" > "Manage resources".

Create new resources for each executive office and name them appropriately.

Deploy Hangouts Meet Hardware Kits:

Set up the Hangouts Meet Hardware Kits in each executive office.

Connect the hardware kits to the network and ensure they are configured correctly.

Associate Meet Hardware with Room Calendars:

Link each Hangouts Meet Hardware Kit to the corresponding room calendar resource.

This allows meetings scheduled in the room to automatically connect to the Meet hardware.

Set Up and Test:

Ensure that the hardware is functioning correctly by testing video conferences.

Train executives on how to use the dedicated equipment for joining Meet video conferences.

References

Google Workspace Admin Help: Manage buildings and resources

Google Workspace: Hangouts Meet hardware setup