Your default Vault retention policy for Gmail is set to 365 days Your legal department has just informed you that emails sent and received by the customer support department are sensitive and must be retained for only 30 days You must enforce this new retention policy in the simplest way What should you do?
Step by Step Comprehensive Detailed Explanation:
Access Google Vault: Sign in to Google Vault.
Retention Policies: Navigate to 'Retention' from the side menu.
Create New Retention Rule: Click on 'Create retention rule.'
Set Duration: Set the retention period to 30 days.
Apply to OU: Apply this retention rule specifically to the organizational unit (OU) for the customer support department.
Exclude Default Rule: Ensure that this custom rule overrides the default 365-day retention policy for the customer support OU.
Save and Activate: Save the rule and ensure it is activated.
Google Vault Help: Set retention rules
Several users in your organization reported an issue with receiving emails from one particular external sender You want to troubleshoot the issue and determine whether Google received these emails What should you do?
Step by Step Comprehensive Detailed Explanation:
Access Email Log Search: Sign in to the Google Admin console and navigate to 'Reports' then 'Audit' and select 'Email Log Search.'
Perform a Search: Enter the details of the external sender and the date range to search for the missing emails.
Analyze Results: Review the search results to see if the emails were received, bounced, or filtered.
Determine Cause: Identify any issues such as delivery errors or spam filtering that might have affected the emails.
Google Workspace Admin Help: Email Log Search
You are configuring a customer relationship management (CRM) solution to integrate with Google Workspace services for the sales department at your organization The CRM solution is in the Google Workspace Marketplace and you deploy the specific CRM solution Employees report that there are no contacts and documents visible in the CRM solution You must identify and fix the problem What should you do?
Access the Admin Console: Sign in to your Google Admin console.
Navigate to Security Settings: Click on 'Security' and then 'API controls.'
Manage Third-Party App Access: Click on 'Manage third-party app access.'
Check OAuth Scopes: Locate the CRM solution and ensure that it has the necessary OAuth scopes, particularly for Google Drive and Gmail.
Grant Access: If necessary, adjust the settings to grant the required scopes.
Verify Integration: Confirm that the CRM solution now has access to the necessary data and that employees can see contacts and documents.
Google Workspace Admin Help: Manage third-party app access
You have implemented a data loss prevention (DLP) policy for a specific finance organizational unit. You want to apply the same security policy to a shared drive owned by the finance department in the most efficient manner. What should you do?
Access the Admin Console: Sign in to your Google Admin console.
Navigate to DLP Settings: Click on 'Security' and then 'Data protection' to access Data Loss Prevention (DLP) settings.
Create New DLP Policy: Click on 'Create policy' and configure the policy specifically for shared drive data.
Define Rules: Set up the necessary rules and conditions to match the existing DLP policy for the finance organizational unit.
Apply to Shared Drive: Apply this new policy to the shared drive used by the finance department.
Save and Activate: Save the policy and ensure it is active and enforced for the shared drive.
Google Workspace Admin Help: Set up and manage DLP
Your organization has a group of users who interact with sensitive information and their accounts contain valuable files You need to protect these users from targeted online attacks What should you do?
Understanding the Requirement:
The scenario involves a group of users who handle sensitive information and have valuable files in their accounts.
The goal is to protect these users from targeted online attacks.
Options Analysis:
Option A: Enable 2-Step Verification for those users and recommend they use Google Authenticator
2-Step Verification (2SV) enhances security by adding an extra layer of authentication. Google Authenticator is a reliable method, but it may not be sufficient against highly targeted attacks.
Option B: Enable 2-Step Verification for those users and recommend they use SMS codes
While SMS codes are a form of 2SV, they are considered less secure than other methods due to potential vulnerabilities like SIM swapping.
Option C: Disable password recovery for end users
Disabling password recovery can prevent unauthorized access through recovery options but does not provide active protection against targeted attacks.
Option D: Enroll all accounts for those users in the Advanced Protection Program
The Advanced Protection Program (APP) is designed specifically to protect users at high risk of targeted attacks. It includes strong measures such as requiring a physical security key for login, blocking unauthorized access attempts, and restricting access to sensitive data.
Recommended Solution:
Enrolling users in the Advanced Protection Program (APP):
Step 1: Identify High-Risk Users:
Identify users who handle sensitive information and have valuable files.
Step 2: Enroll in APP:
Go to the Google Admin console.
Navigate to the Security section and find the Advanced Protection Program.
Enroll the identified high-risk users in APP.
Step 3: Implement Security Keys:
Ensure users have security keys (e.g., Titan Security Keys) for login.
Guide users through the process of setting up and using security keys.
Step 4: User Education:
Educate users on the importance of APP and how it protects their accounts.
Provide training on recognizing phishing attempts and other security best practices.
Benefits of APP:
Enhanced Security:
APP provides the highest level of security for Google accounts, requiring security keys for authentication.
Protection Against Phishing:
Security keys are highly resistant to phishing attacks, which are common in targeted online attacks.
Limited Access:
APP restricts access to sensitive data, ensuring that only trusted apps and services can interact with the protected accounts.
Google Workspace Admin Help: Advanced Protection Program
Google Workspace Security: Advanced Protection Program
Google Security Blog: Advanced Protection Program
Sabrina
6 days agoCheryl
15 days agoMarge
19 days agoOzell
20 days agoKristofer
1 months agoKerry
1 months agoFrance
1 months agoKris
2 months agoCarlee
3 months agoTayna
4 months agoJerry
4 months agoVicky
4 months agoCasie
4 months agoNichelle
4 months agoStevie
5 months agoZana
5 months ago