ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Associate Google Workspace Administrator All Questions

View all questions & answers for the Associate Google Workspace Administrator exam
Go to Exam

Exam Associate Google Workspace Administrator topic 1 question 8 discussion

Actual exam question from Google's Associate Google Workspace Administrator
Question #: 8
Topic #: 1
[All Associate Google Workspace Administrator Questions]

Several employees at your company received messages with links to malicious websites. The messages appear to have been sent by your company’s human resources department. You need to identify which users received the emails and prevent a recurrence of similar incidents in the future. What should you do?

  • A. Search the sender’s email address by using Email Log Search. Identify the users that received the messages. Instruct them to mark them as spam in Gmail, delete the messages, and empty the trash.
  • B. Search for the sender’s email address by using the security investigation tool. Mark the messages as phishing. Add the sender’s email address to the Blocked senders list in the Spam, Phishing and Malware setting in Gmail to automatically reject future messages.
  • C. Collect a list of users who received the messages. Search the recipients’ email addresses in Google Vault. Export and download the malicious emails in PST file format. Add the sender’s email address to a quarantine list setting in Gmail to quarantine any future emails from the sender.
  • D. Search for the sender’s email address by using the security investigation tool. Delete the messages. Turn on the safety options for spoofing and authentication protection in Gmail settings.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by SteveSJSResearch at March 3, 2025, 11:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Akunator
3 weeks, 3 days ago
Selected Answer: B
To address the phishing incident, immediately contain the damage, identify affected users, investigate the root cause, and implement preventative measures including enhanced security awareness training and technical safeguards.
upvoted 1 times
...
SteveSJSResearch
1 month, 4 weeks ago
Selected Answer: D
Question is not 100% clear if the sender's email is external and only has the HR department as a fraudulent display name. If so, B will work. But if emails are actually from the internal HR address, you can't block the HR email address since it presumably is needed for legitimate internal emailing. In that (more likely the question's intent) case, spoofing and authentication protection settings will need tuning.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago