EMT Practice Test

1. Question Content...


Question List

Question1: The application development team has come to you requesting that a new, internal, domain-owned G Suite app be allowed to access Google Drive APIs. You are currently restricting access to all APIs using approved whitelists, per security policy. You need to grant access for this app.
What should you do?

Question2: Get Cloudy Consulting wants to create a custom team solution that can be used on a custom Loan object.
The Loan custom object must be set to Private in the Org-Wide Defaults, and any user added to the Custom Team object should have Read Only access to the corresponding Loan record. Additionally, if the Custom Team record is marked as "Primary" then the corresponding user should have Read/Edit access to the corresponding Loan record.
What are two methods for fulfilling these requirements? (Choose two.)

Question3: Your company wants to provide secure access for its employees. The Chief Information Security Officer disabled peripheral access to devices, but wants to enable 2-Step verification. You need to provide secure access to the applications using G Suite.
What should you do?

Question4: You have configured your G Suite account on the scheduled release track to provide additional time to prepare for new product releases and determine how they will impact your users. There are some new features on the latest roadmap that your director needs you to test as soon as they become generally available without changing the release track for the entire organization.
What should you do?

Question5: In your organization, users have been provisioned with either G Suite Enterprise, G Suite Business, or no license, depending on their job duties, and the cost of user licenses is paid out of each division's budget. In order to effectively manage the license disposition, team leaders require the ability to look up the type of license that is currently assigned, along with the last logon date, for their direct reports.
You have been tasked with recommending a solution to the Director of IT, and have gathered the following requirements:
* Team leaders must be able to retrieve this data on their own (i.e., self-service).
* Team leaders are not permitted to have any level of administrative access to the G Suite Admin panel.
* Team leaders must only be able to look up data for their direct reports.
* The data must always be current to within 1 week.
* Costs must be mitigated.
What approach should you recommend?

Question6: Cloud Kicks is customizing the security and sharing features of Salesforce Account Teams and has decided to implement a Custom Account Team object. Cloud Kicks wants the new implementation to utilize Apex and Visualforce on the Custom Account Team object, while still including all of the features of the existing account team.
An Architect is considering two different approaches for designing this enhancement.
Which two considerations are valid? (Choose two.)

Question7: A company has reports of users sharing sensitive Google Drive content outside their domain through third-party add-ons. You need to control which third-party apps are allowed to access users' G Suite data. Which security feature should you use to achieve this?

Question8: After making a recent migration to G Suite, you updated your Google Cloud Directory Sync configuration to synchronize the global address list. Users are now seeing duplicate contacts in their global directory in G Suite. You need to resolve this issue.
What should you do?

Question9: A company needs to create a Google group for the customer service team. The members in that group should be able to assign and track received messages, mark a topic as resolved, and add/edit tags to a topic. What group type should you use?

Question10: A company has thousands of Chrome devices and bandwidth restrictions. They want to distribute the Chrome device updates over a period of days to avoid traffic spikes that would impact the low bandwidth network.
Where should you enable this in the Chrome management settings?

Question11: Security and Compliance has identified secure third-party applications that should have access to G Suite data.
You need to restrict third-party access to only approved applications
What two actions should you take? (Choose two.)

Question12: A user does not follow their usual sign-in pattern and signs in from an unusual location.
What type of alert is triggered by this event?

Question13: Security and Compliance has identified secure third-party applications that should have access to G Suite data. You need to restrict third-party access to only approved applications What two actions should you take? (Choose two.)

Question14: All Human Resources employees at your company are members of the "HR Department" Team Drive. The HR Director wants to enact a new policy to restrict access to the "Employee Compensation" subfolder stored on that Team Drive to a small subset of the team.
What should you do?

Question15: What would be the reason for a large number of duplicate Account records and many sharing rules created in Salesforce?

Question16: Get Cloudy Consulting has the following requirements:
- Users should only see Accounts they or their subordinates own.
- All Accounts with the custom field "Key Customer" should be visible to all Senior Account Managers.
- There is a custom field on the Account record that contains sensitive information and should be hidden from all users, except 10 designated users who require view and edit access.
- These 10 users come from different user groups, and will change occasionally.
Which three platform security features are required to support these requirements with the minimum amount of effort? (Choose three.)

Question17: Your employer, a media and entertainment company, wants to provision G Suite Enterprise accounts on your domain for several world-famous celebrities. Leadership is concerned with ensuring that these VIPs are afforded a high degree of privacy. Only a small group of senior employees must be able to look up contact information and initiate collaboration with the VIPs using G Suite services such as Docs, Chat, and Calendar.
You are responsible for configuring to meet these requirements. What should you do?

Question18: Madeupcorp.com is in the process of migrating from a third-party email system to G Suite. The VP of Marketing is concerned that her team already administers the corporate AdSense, AdWords, and YouTube channels using their @madeupcorp.com email addresses, but has not tracked which users have access to which service. You need to ensure that there is no disruption.
What should you do?

Question19: Your organization is concerned with the increasing threat of phishing attacks that may impact users.
Leadership has declined to force-enable 2-Step verification. You need to apply a security measure to prevent unauthorized access to user accounts.
What should you do?

Question20: You recently started an engagement with an organization that is also using G Suite. The engagement will involve highly sensitive data, and the data needs to be protected from being shared with unauthorized parties both internally and externally. You need to ensure that this data is properly secured.
Which configuration should you implement?

Question21: A company wants to distribute iOS devices to only the employees in the Sales OU. They want to be able to do the following on these devices:
* Control password policies.
* Make corporate apps available to the users.
* Remotely wipe the device if it's lost or compromised
What two steps are required before configuring the device policies? (Choose two.)

Question22: Security and Compliance has identified that data is being leaked through a third-party application connected to G Suite You want to investigate using an audit log.
What log should you use?

Question23: Several customers have reported receiving fake collection notices from your company. The emails were received from [email protected], which is the valid address used by your accounting department for such matters, but the email audit log does not show the emails in QUESTION.
You need to stop these emails from being sent.
What two actions should you take? (Choose two.)

Question24: Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in G Suite Admin Panel is time-consuming and prone to error.
You need to work with the client to identify a method of creating new users that will reduce time and error.
What should you do?

Question25: Your company works regularly with a partner. Your employees regularly send emails to your partner's employees. You want to ensure that the Partner contact information available to your employees will allow them to easily select Partner names and reduce sending errors.
What should you do?

Question26: Your company has just received a shipment of ten Chromebooks to be deployed across the company, four of which will be used by remote employees. In order to prepare them for use, you need to register them in G Suite.
What should you do?

Question27: What action should be taken to configure alerting related to phishing attacks?

Question28: Your Security Officer ran the Security Health Check and found the alert that "Installation of mobile applications from unknown sources" was occurring. They have asked you to find a way to prevent that from happening.
Using Mobile Device Management (MDM), you need to configure a policy that will not allow mobile applications to be installed from unknown sources.
What MDM configuration is needed to meet this requirement?

Question29: A Cloud Kicks IT team member is building an integration within a managed package for their internal org that requires login to an external system. The end point requires basic authentication.
Which three methods should an Architect recommend to secure the credentials, such as username and password, in this scenario? (Choose three.)

Question30: On which two platforms can you push WiFi connection information with G Suite? (Choose two.)

Question31: How can you monitor increases in user reported Spam as identified by Google?

Question32: As part of your organization's security policies, users are not allowed to send credit card details over email. You have configured a content compliance rule using predefined content match set to a medium confidence threshold and a minimum match count of one. When sending emails, users have started receiving custom rejection notices stating that their message includes a credit card number, even though no credit card details were in the email. What should you do to help eliminate false positives?

Question33: Your organization has recently gone Google, but you are not syncing Groups yet. You plan to sync all of your Active Directory group objects to Google Groups with a single GCDS configuration.
Which scenario could require an alternative deployment strategy?

Question34: Your Communications and Training Department has a Google Site that provides updated critical business information to all employees. They want to learn how often the site is being visited and how it is used. What should you do?

Question35: User A is a Basic License holder. User B is a Business License holder. These two users, along with many additional users, are in the same organizational unit at the same company. When User A attempts to access Drive, they receive the following error: "We are sorry, but you do not have access to Google Docs Editors.
Please contact your Organization Administrator for access." User B is not presented with the same error and accesses the service without issues.
How do you provide access to Drive for User A?

Question36: With the help of a partner, you deployed G Suite last year and have seen the rapid pace of innovation and development within the platform. Your CIO has requested that you develop a method of staying up-to-date on all things G Suite so that you can be prepared to take advantage of new features and ensure that your organization gets the most out of the platform.
What should you do?

Question37: DreamHouse Realty wants to implement a Filter-Based Opportunity Territory Assignment.
Which action is required for this goal to be achieved?

Question38: Security and Compliance has identified that data is being leaked through a third-party application connected to G Suite You want to investigate using an audit log.
What log should you use?

Question39: Your organization is part of a highly regulated industry with a very high turnover. In order to recycle licenses for new employees and comply with data retention regulations, it has been determined that certain G Suite data should be stored in a separate backup environment.
How should you store data for this situation?

Question40: Your-company.com recently started using G Suite. The CIO is happy with the deployment, but received notifications that some employees have issues with consumer Google accounts (conflict accounts). You want to put a plan in place to address this concern.
What should you do?

Question41: You are using Google Cloud Directory Sync to manage users. You performed an initial sync of nearly 1,000 mailing lists to Google Groups with Google Cloud Directory Sync and now are planning to manage groups directly from Google. Over half the groups have been configured with incorrect settings, including who can post, who can join, and which groups can have external members. You need to update groups to be configured correctly.
What should you do?

Question42: Your cyber security team has requested that all email destined for external domains be scanned for credit card numbers, and if found, the email must be encrypted using your cloud-based third-party encryption provider.
You are responsible for configuring to meet this request.
What should you do?

Question43: Your client is a 5,000-employee company with a high turn-over rate that requires them to add and suspend user accounts. When new employees are onboarded, a user object is created in Active Directory. They have determined that manually creating the users in G Suite Admin Panel is time- consuming and prone to error. You need to work with the client to identify a method of creating new users that will reduce time and error.
What should you do?

Question44: You have configured your G Suite account on the scheduled release track to provide additional time to prepare for new product releases and determine how they will impact your users. There are some new features on the latest roadmap that your director needs you to test as soon as they become generally available without changing the release track for the entire organization.
What should you do?

Question45: One of your users calls in to the support team and reports that they did not receive an email that they were expecting from a customer. While investigating with the user, the support team was unable to locate the message in the inbox, the trash, or spam labels. They have escalated to you for troubleshooting. You navigate to the Email Log Search to determine the cause, and find that it successfully reached G Suite systems. What is the likely cause of this issue?

Question46: External Company is reporting that they are not receiving messages from your users. Your users are reporting that everything is sending fine and they are not receiving bounceback messages or any notifications. You need to determine what could be causing the non-delivery and why they aren't receiving the notifications. What should you do?

Question47: After making a recent migration to G Suite, you updated your Google Cloud Directory Sync configuration to synchronize the global address list. Users are now seeing duplicate contacts in their global directory in G Suite. You need to resolve this issue.
What should you do?

Question48: Your organization deployed G Suite Enterprise within the last year, with the support of a partner.
The deployment was conducted in three stages: Core IT, Google Guides, and full organization.
You have been tasked with developing a targeted ongoing adoption plan for your G Suite organization.
What should you do?

Question49: A company has thousands of Chrome devices and bandwidth restrictions. They want to distribute the Chrome device updates over a period of days to avoid traffic spikes that would impact the low bandwidth network.
Where should you enable this in the Chrome management settings?

Question50: In your organization, users have been provisioned with either G Suite Enterprise, G Suite Business, or no license, depending on their job duties, and the cost of user licenses is paid out of each division's budget. In order to effectively manage the license disposition, team leaders require the ability to look up the type of license that is currently assigned, along with the last logon date, for their direct reports.
You have been tasked with recommending a solution to the Director of IT, and have gathered the following requirements:
- Team leaders must be able to retrieve this data on their own (i.e.,
self-service).
- Team leaders are not permitted to have any level of administrative
access to the G Suite Admin panel.
- Team leaders must only be able to look up data for their direct
reports.
- The data must always be current to within 1 week.
- Costs must be mitigated.
What approach should you recommend?

Question51: Your organization has implemented Single Sign-On (SSO) for the multiple cloud-based services it utilizes.
During authentication, one service indicates that access to the SSO provider cannot be accessed due to invalid information.
What should you do?

Question52: A user does not follow their usual sign-in pattern and signs in from an unusual location.
What type of alert is triggered by this event?

Question53: Cloud Kicks is implementing a community and has the following requirements:
- The Community will have High-Volume Community users.
- Community users should be able to see records associated to their Account or Contact record.
An Architect wants to use a Sharing Set to provide access to the records. However, when setting up the Sharing Set, certain objects are not available in the list of Available Objects.
What are two explanations for why an object would be excluded from the list of Available Objects in a Sharing Set? (Choose two.)

Question54: Cloud Kicks has the following environment:
- Two custom objects named Open Position and Candidate.
- The Candidate object has a lookup relationship to Open Position.
- Both objects are set to Private in sharing settings.
- The Human Resources team will own all Open Position and Candidate records.
Cloud Kicks requests that their Salesforce Architect automatically share the Candidate when the Interviewer (lookup to user record) has been populated. The interviewer can be from any department.
What approach should the Architect use to accomplish this goal?

Question55: Your organization's Sales Department uses a generic user account ([email protected]) to manage requests. With only one employee responsible for managing the departmental account, you are tasked with providing the department with the most efficient means to allow multiple employees various levels of access and manage requests from a common email address.
What should you do?

Question56: Your company recently decided to use a cloud-based ticketing system for your customer care needs. You are tasked with rerouting email coming into your customer care address, [email protected] to the cloud platform's email address, [email protected]. As a security measure, you have mail forwarding disabled at the domain level.
What should you do?

Question57: Your company uses a whitelisting approach to manage third-party apps and add-ons. The Senior VP of Sales
& Marketing has urgently requested access to a new Marketplace app that has not previously been vetted. The company's Information Security policy empowers you, as a G Suite admin, to grant provisional access immediately if all of the following conditions are met:
* Access to the app is restricted to specific individuals by request only.
* The app does not have the ability to read or manage emails.
* Immediate notice is given to the Infosec team, followed by the submission of a security risk analysis report within 14 days.
Which actions should you take first to ensure that you are compliant with Infosec policy?

Question58: What action should be taken to configure alerting related to phishing attacks?

Question59: The CEO of your company has indicated that messages from trusted contacts are being delivered to spam, and it is significantly affecting their work. The messages from these contacts have not always been classified as spam. Additionally, you recently configured SPF, DKIM, and DMARC for your domain. You have been tasked with troubleshooting the issue.
What two actions should you take? (Choose two.)

Question60: Your Security Officer ran the Security Health Check and found the alert that "Installation of mobile applications from unknown sources" was occurring. They have asked you to find a way to prevent that from happening.
Using Mobile Device Management (MDM), you need to configure a policy that will not allow mobile applications to be installed from unknown sources.
What MDM configuration is needed to meet this requirement?

Question61: Your company has an OU that contains your sales team and an OU that contains your market research team.
The sales team is often a target of mass email from legitimate senders, which is distracting to their job duties.
The market research team also receives that email content, but they want it because it often contains interesting market analysis or competitive intelligence. Constant Contact is often used as the source of these messages. Your company also uses Constant Contact for your own mass email marketing. You need to set email controls at the Sales OU without affecting your own outgoing email or the market research OU.
What should you do?

Question62: Your company recently migrated to G Suite and wants to deploy a commonly used third-party app to all of finance. Your OU structure in G Suite is broken down by department. You need to ensure that the correct users get this app.
What should you do?

Question63: Your company (your-company.com) just acquired a new business (new-company.com) that is running their email on-premises. It is close to their peak season, so any major changes need to be postponed. However, you need to ensure that the users at the new business can receive email addressed to them using your- company.com into their on-premises email server. You need to set up an email routing policy to accomplish this.
What steps should you take?

Question64: Your Accounts Payable department is auditing software license contracts companywide and has asked you to provide a report that shows the number of active and suspended users by organization unit, which has been set up to match the Regions and Departments within your company. You need to produce a Google Sheet that shows a count of all active user accounts and suspended user accounts by Org unit.
What should you do?

Question65: Your Accounts Payable department is auditing software license contracts companywide and has asked you to provide a report that shows the number of active and suspended users by organization unit, which has been set up to match the Regions and Departments within your company. You need to produce a Google Sheet that shows a count of all active user accounts and suspended user accounts by Org unit.
What should you do?

Question66: Your company has a broad, granular IT administration team, and you are in charge of ensuring proper administrative control. One of those teams, the Collaboration Team, manages Drive and Sites for all users. IT teams are not allowed to manage services other than their own. You are responsible for ensuring proper administrative control. What should you do?

Question67: Your company's Chief Information Security Officer has made a new policy where third-party apps should not have OAuth permissions to Google Drive. You need to reconfigure current settings to adhere to this policy.
What should you do?

Question68: A company has thousands of Chrome devices and bandwidth restrictions. They want to distribute the Chrome device updates over a period of days to avoid traffic spikes that would impact the low bandwidth network.
Where should you enable this in the Chrome management settings?

Question69: Your company's compliance officer has requested that you apply a content compliance rule that will reject all external outbound email that has any occurrence of credit card numbers and your company's account number syntax, which is AccNo. You need to configure a content compliance rule to scan email to meet these requirements.
Which combination of attributes will meet this objective?