A customer has a mission-critical workload running on ChromeOS and needs devices configured to reduce ChromeOS changes. How can an admin reduce the risk of an unexpected change in an OS update affecting the customer's entire ChromeOS device domain while maintaining security and minimizing admin workload?
A. Force auto reboot after update
B. Enable variations
C. Move to a Long-term Support channel
D. Add an update rollout plan
You are asked why ChromeOS devices do not require additional antivirus software. How should you respond?
A. Every time ChromeOS updates, it automatically updates the antivirus software on the device
B. Every ChromeOS device is pre-installed with antivirus software which automatically updates during the life of the device
C. As part of a multi-layered security approach ChromeOS uses a read-only operating system which cannot be affected by viruses
D. The Admin console automatically deploys antivirus software to enrolled ChromeOS devices and is included in the Chrome Enterprise/Education Upgrade
You need to create a recovery image on a USB stick. Which two steps should you take? Choose 2 answers
A. Go to Device Settings
B. Go lo google com/chromebooks
C. Go to Google Play store
D. Go to Chrome Web Store on a Chrome device
E. Install Chrome Recovery Utility and download the image for the coned device model to a USB stick
What are two methods for signing in to a Chrome OS device? Choose 2 answers
A. SMS code sent to mobile phone
B. Single sign-on
C. Google Friend Connect
D. Facebook Connect
To use Verified Access in your organization, you need to have a Chrome extension that calls Verified Access API on the client devices. Where can you go to get this extension?
A. Google Play Store
B. Independent software vendor (ISV) or Google Verified Access API
C. Independent software vendor (ISV) repository
D. Software API Key store
How would you deploy your "Terms of Services" page to all managed ChromeOS devices?
A. Navigate to "Chrome Verified Access" and enable the policy for content protection
B. Go to "User & Browser and "Managed Guest Session' settings to upload your terms of service
C. ln "User & Browser Settings" upload the "Terms of Service" as a wallpaper
D. Navigate to "User & Browser" and "Managed Guest Session" settings to upload your custom avatar
What is the recommended way to provision users from an on-prem Active Directory environment into the Google Admin console?
A. Upload via CSV
B. Admin SDK Directory API
C. Azure AD Google Cloud/G Suite Connector
D. Google Cloud Directory Sync
You want to enterprise enroll a device that has existing consumer accounts. What should you do first?
A. Contact Google support to convert the device into an enterprise device
B. Delete all consumer accounts, and then follow the same steps for enrolling a brand new device
C. follow the same steps for enrolling a brand new device
D. Wipe the device
You are using a third-party service for SSO. Users are confused when signing onto a Chrome device because they are asked for Google account details before being redirected to the sign-In screen for your SSO provider Which setting must be changed so managed devices open the SSO provider login page by default?
A. SAML single sign-on login frequency
B. SAML single sign-on password synchronization flows
C. Single sign-on cookie behavior
D. Single sign-on IdP redirection
Explanation: TheSingle sign-on IdP redirectionsetting controls whether managed devices
directly open the login page of the third-party SSO provider (Identity Provider) or first
prompt for Google account credentials. By enabling this setting, you streamline the login
process for users and eliminate the confusion caused by the extra Google account prompt.
Option A is incorrectbecause it controls the frequency of re-authentication for SAML SSO,
not the initial login page.
Option B is incorrectbecause it relates to password synchronization between Google and
the IdP, not the login page redirection.
Option C is incorrectbecause it deals with how cookies are handled for SSO, not the login
page redirection.
A customer deploys a large number of ChromeOS devices and would like to start the
process of turning on Zero-Touch Enrollment (ZTE) to streamline their deployment process.
As an administrator, what would be required to enable ZTE?
A. Identify OU to place devices during enrollment
B. Grant partner admin access
C. Create a pre-provisioning token
D. Create a zero-touch token
Explanation:
To enableZero-Touch Enrollment (ZTE)for ChromeOS devices, an administrator must
firstcreate a pre-provisioning token. This token allows devices to automatically enroll
when they are first powered on and connected to the internet. The pre-provisioning token
links the device to the correct organization and management policies.
Verified Answer from Official Source:
The correct answer is verified from theGoogle Zero-Touch Enrollment Guide, which
outlines the process of setting up pre-provisioning tokens for automated enrollment.
"To set up Zero-Touch Enrollment, generate a pre-provisioning token in the Admin console
and configure it with the device provider."
Creating the token ensures that new devices are automatically configured and enrolled
without manual intervention, saving time during mass deployments.
Objectives:
Automate ChromeOS device enrollment.
Simplify large-scale deployments.
Your security team asks you to deploy on ChromeOS only a specific Android app for your security department. As a ChromeOS Administrator, you need to find a way to block all other Android apps except the one that you need. How are you going to proceed?
A. From the "Apps & extensions" page add the Android app on the security team user OU
B. On the "Users & Browser Settings'' tab. for the Play Store, use the "Block all apps, admin manages allowlist" policy and allow only the
C. Android app that you want from "Apps & extensions " On the "Users & Browser Settings'' tab. for the Chrome Web Store use the "Block all apps, admin manages allowlist" policy and allow only the Android app that you want on "Apps & extensions "
D. From trio "Apps & extensions" page add the Android app on the security team user OU and select "Force Install * pin to ChromeOS taskbar"
Explanation:
Access Google Admin Console: Sign in to your Google Admin console.
Navigate to Device Management: Go to Devices > Chrome > Settings > Users &
browsers.
Locate Play Store Settings: Find the section related to the Play Store.
Enable Allowlist Policy: Activate the policy "Block all apps, admin manages
allowlist."
Add the Security App: Go to the "Apps & extensions" section and add the specific
Android app that you want to allow for the security team's organizational unit (OU).
This configuration ensures that all other Android apps are blocked from installation on
ChromeOS devices, except the specified security app. This provides granular control over
app deployment and enhances security by preventing unauthorized app usage.
The Finance Department is concerned about frequent Chromebook updates and asks you to explore a 6-month update cycle. Which update release option should you configure for these devices?
A. Stable
B. Beta
C. LTS
D. Canary
Explanation:
TheLong-Term Support (LTS) channelon ChromeOS is designed for environments that
require extended stability with less frequent updates. It provides feature updates every6
months, making it suitable for departments like Finance that prefer a stable, predictable
update schedule without frequent changes.
Verified Answer from Official Source:
The correct answer is verified from theGoogle ChromeOS Update Management Guide,
which explains that the LTS channel delivers updates on a 6-month cycle, focusing on
stability rather than the latest features.
"The Long-Term Support (LTS) channel is updated approximately every 6 months, allowing
organizations to minimize disruptions caused by frequent updates."
Using the LTS channel reduces the frequency of feature changes, which is beneficial for
finance and other critical operations that prioritize stability over new features.
Objectives:
Manage update frequency to suit organizational needs.
Maintain stability in critical business functions.
References:
Google ChromeOS Update Management Guide
| Page 3 out of 10 Pages |
| Previous |