2023 – 2024 Coursera Google Workspace Security – Quiz Answers
Google Workspace Security Quiz Answers
Week 1 Quiz Answers
Quiz 1: Common Security Settings
Q1. What are some best practices for reinforcing and monitoring the security of your domain?
- Disable access to less secure apps
- View and manage your users’ security settings
- Set up 2-step verification
- All of the above
Q2. The IT manager at your organization wants to know the advantages of using 2-step verification for your organization. What should you say? (Choose 2)
- It’ll greatly reduce the risk of unauthorized access if a user’s password is compromised
- We wouldn’t have to manage individual user IDs and passwords for each user
- It would be a great opportunity to make sure everyone is the organization has a security key
- It’ll reinforce our domain’s password security by requiring our users to enter an additional code or use a security key to sign in
Q3. The IT manager at your organization hasn’t had a chance to explore the admin console yet but wants to know what individual security settings he can manage for a user. What are some examples you could give him? (Choose 3)
- Require a password change
- Determine if the user is enrolled in 2-step verification
- Review a user’s administrative access
- Temporarily disable the user’s login challenge for 10 minutes
Q4. Where do you go to manage your users’ password strength?
- Security > Password monitoring
- Security > Password management
- Users > Account
- Reports > Security
Q5. Your organization has decided to enforce 2-step verification in 2 weeks. What actions should you keep in mind when enforcing 2-step verification? (Choose 3)
- You’ll want to provide a lead time for users to enroll before enforcement
- You’ll want to confirm that all of your users are enrolled before enforcement
- When you create new user accounts after enforcement, you will want to allow them a grace period before they need to enroll otherwise they will be locked out of their accounts
- Enforcing 2-step verification will not affect your users as they can still opt-out.
Quiz 2: SSO Quiz Answers
Q1. Your IT manager has just informed you that your organization has an account now with Asana and would like you to enable Single Sign On with the application. Where in the admin console would you go to configure a third-party pre-integrated cloud application, like Asana, as your service provider?
- Apps > Web and mobile apps > plus sign (+) > SETUP MY OWN CUSTOM APP from the Enable SSO for SAML Application window
- Security > Set up single sign-on (SSO) for SAML applications and provide the necessary information
- Apps > Web and mobile apps > Add App > Search for apps. Then search for Asana from the list of predefined applications
Q2. What of the following are true of the Secure LDAP service? (Choose 3)
- User’s authenticate against a local directory to gain access to Google Workspace services
- It allows you to connect your LDAP-based applications and services to Google Workspace
- It reduces maintenance as directory information is consolidated into one directory
- Users authenticate against the Google Workspace directory to gain access to LDAP compliant applications and services
Q3. When adding a pre-integrated SAML application to your Google Workspace account, which of the following must you add/upload the Service Provider’s configuration? (Choose 3)
- Google Certificate
- SSO URL
- Change Password URL
- Entity ID URL
Q4. When using a third party IdP which of the following is disabled/hidden in Google Workspace?
- Password monitoring
- Password reuse policy
- Require password change
- Password recovery
Quiz 3: Application Security Quiz Answers
Q1. Your organization wants to prevent any external application from accessing Gmail and Drive data. How would you ensure such access is prevented?
- Disable API access from the Gmail and Drive service settings
- From Security > API Permissions, ensure Trust domain owned apps is disabled. From Security > API Permissions > MANAGE GOOGLE SERVICES, restrict access to the Gmail and Drive services.
- Disable Gmail and Drive API access from the top level organization settings
- From Security > API Permissions, ensure Trust domain owned apps is enabled. From Security > API Permissions > MANAGE GOOGLE SERVICES, restrict access to the Gmail and Drive services.
Q2. You have been asked to create an allowlist of Marketplace apps to restrict which apps a user can install onto their devices. What must you do first?
- Get your users to Install the Marketplace allowlist app onto each device
- Add the names of all the trusted applications to each user’s device policy
- Change the Marketplace settings to allow users to install only allowed applications from Google Workspace Marketplace
- Complete a Domain install for each application that you want to allow
Q3. What is the expected behavior when a user tries to install a Marketplace app that has not been allowed?
- Users can not attempt to install an application that is not on the allowlist because they only see allowed apps in the Marketplace
- User’s can install an app that is not in the allowlist but they cannot grant it access to their data so it will not work
- When the user attempts to install the app they will see a message advising that the app cannot be installed because it has not been allowed
Q4. What happens to already installed applications if you block API access from the Security > API Permissions section?
- Already installed applications that use the blocked API will continue to work indefinitely
- Already installed applications that use the blocked API will continue to work until the user next signs in to Google Workspace
- Already installed applications that use the blocked API will continue to work until the application needs a new OAuth token
- Already installed applications will stop working and OAuth tokens will be revoked
Quiz 4: Security Tools Quiz Answers
Q1. Where would you go to review security recommendations for your organization?
- Security investigation tool
- Security dashboard
- Alert center
- Security health page
Q2. Which of the following statements is NOT TRUE about the alert center?
- The alert center includes additional in-depth details that enable you to take action to resolve numerous issues that might affect your organization
- The alert center enables you to view alerts and alert details directly in the admin console
- The alert center consolidates all admin created email alerts into one place
Q3. When examining messages in the security investigation tool what actions can you apply to a message? (Choose 3)
- Delete message
- Mark message as spam
- Forward to self
- View header
Q4. You have been asked by your CEO to provide a list of users who have not yet enrolled into 2-step Verification. Where can you find that information?
- Users Account Activity Report
- The Admin Audit log
- Users Security log
- Access Transparency Audit log