Android Enterprise Professional Answers 2021 (Updated)

Below you will find answers to the Pre-Assessment, Lesson Exercises, Lesson Quizzes and the Post-Assessment.

Course URLhttps://googlepartnertraining.fathomed.com/plans/5d42f01fe922dc0907bc3227

Android Enterprise Professional (Updated) Pre-Exam

Q.1 – What are the provisioning options supported for company-owned devices during initial setup?

(A) QR Code

(B) Zero Touch

(C) DPC Identifier

(D) None of the above

Q.2 – What are the two benefits that you would highlight for a customer looking to deploy applications via Managed Google Play?

(A) Prevents Admins from setting permissions to ensure app safety

(B) Allows Admins to create allow and block lists for public apps

(C) Safeguards devices by preventing private app deployment

(D) Removes the need for App wrapping

Q.3 – What are the identities that you can use for Managed Google Play?

(A) Managed Google Account

(B) Google Account

(C) My Company Account

(D) Managed Google Play Account

Q.4 – Identify the features that are related to Managed Google Play accounts.

(A) Easy to register and available immediately

(B) Obfuscated

(C) Only for Managed Google Play, and cannot be used for other Google services

(D) Auto Account provisioning upon EMM enrollment

Q.5 – Which is NOT an Android Enterprise Recommended program core requirement?

(A) It validates advanced features across multiple management sets.

(B) It demonstrates technical leadership.

(C) Ensures enterprise level support.

(D) It ensures support for Device Admin support remains in tact for customers.

Module 1 – OS Platform and Security Lesson 6 – Activity: Hardware backed security Quiz Answers

Q.1 – __________________ ensures key generation, key import, signing and verification services are kept separate from the OS.

(A) Pin verification process

(B) Trusted execution environment (TEE)

(C) Version binding

(D) Rollback prevention

(E) Key ejection

Q.2 – Android 8.0+ includes ___________ to not allow downgrading OS to an older less secure version or patch level.

(A) Version binding

(B) Key ejection

(C) Trusted execution environment (TEE)

(D) Pin verification process

(E) Rollback prevention

Q.3 – ____________ ensures keys created with a newer OS cannot be used by older OS versions.

(A) Version binding

(B) Pin verification process

(C) Rollback prevention

(D) Trusted execution environment (TEE)

(E) Key ejection

Q.4 – Using a pin + hardware key to derive encryption keys is called ________________.

(A) Rollback prevention

(B) Trusted execution environment (TEE)

(C) Key ejection

(D) Pin verification process

(E) Version binding

Module 1 – OS Platform And Security Lesson 8 – Let’s Review Answers

Q.1 – As it pertains to shared device use cases, support for _____________ was added in Android Pie (9.0) kiosk mode.

(A) Multiple Apps

(B) Work profile

(C) Multiple DPC’s

(D) Multiple containers

Q.2 – During the ____________  process, each bootstage cryptographically verifies the integrity and authenticity of the next stage before executing it.

(A) Verified Boot

(B) Kernel checking

(C) Hashtagging

(D) System check

Q.3 – Android Enterprise Recommended ensures devices are up to date with regular security patches delivered within _________. Android Enterprise Recommended devices are also guaranteed to get at least ______________.

(A) 90 days, 1 additional major OS update

(B) 90 days, 2 additional major OS updates

(C) 60 days, 1 additional major OS update

(D) 45 days, 2 additional major OS updates

Q.4 – All Android OEM’s that opt to use Google Mobile Services (GMS) must adhere to a _________ and successfully pass ____________.

(A) Enterprise Recommended Document (ERD) and Compatibility Test Suite (CTS)

(B) Compatibility Definition Document (CDD), Compatibility Test Suite (CTS)

(C) Compatibility Definition Document (CDD), Android Device Test (ADT)

(D) Compatibility Definition Document (CDD), Android Test Suite (ATS)

Q.5 – Android devices utilize a __________, to run privileged or security-sensitive operations such as PIN verification, secure storage of encryption keys and Verified Boot.

(A) Tamper Resistant Zone

(B) Trusted Encryption Zone

(C) Trusted Execution Environment

(D) Secure Execution Environment

Q.6 – Restricting applications from communicating directly to each other is an example of what Android security principle:

(A) Safety Net

(B) Application Sandboxing

(C) Verified Boot

(D) Address Space Layout Randomization (ASLR)

Q.7 – ___________ is a collection of Google applications and APIs that help support functionality across devices and a requirement for Android Enterprise.

(A) Compatibility Test Suite (CTS)

(B) Android Compatibility Services (ACS)

(C) Android Managed Services (AMS)

(D) Google Mobile Services (GMS)

Q.8 – Google Play Protect scans ___________ apps that are installed onto a device:

(A) Only Google Play store

(B) Only sideloaded

(C) Third party

(D) All

Q.9 – To make Android even safer, Google shares source code for security fixes every ______ days with partners and publish updates for Nexus and Pixel devices.

(A) 180

(B) Dessert release

(C) 30

(D) 90

Q.10 – As users are the first line of defense against any mobile threat, EMM’s can employ policies that can force:

(A) Continuous SMS and call monitoring

(B) Verified Boot

(C) Passphrase to recover lost email accounts

(D) Strong PIN, pattern or password lock

Module 2 – Managed Google Play Lesson 4 Activity Match Cards Answers

No need to sign in, user never sees the actual account –  Managed Google Play Account

Need to verify ownership of the domain –  G Suite or Cloud Identity account

Appropriate for G suite and Chrome OS customers – G Suite or Cloud Identity account

Additional steps required for API integration – G Suite or Cloud Identity account

Automatically generates a random service account at enrollment –  Managed Google Play Account

Need a public facing IDP for SSO – G Suite or Cloud Identity account

It is not possible to bind your domain to more than one EMM – G Suite or Cloud Identity account

Employees may have signed up for a Google Account using @mycompany.com email – G Suite or Cloud Identity account

Register your organization in a few seconds from your EMM console – Managed Google Play Account

Accounts from Google console must be manually pasted into EMM console – G Suite or Cloud Identity account

Supports multiple EMMs in same organization – Managed Google Play Account

Module 2 – Managed Google Play Lesson 7 Let’s Review Answers

Q.1 – Google recommends which of the following methods to securely manage, deploy or host in-house company applications?

(A) Sideloading

(B) Android admin console

(C) Zero Touch Portal

(D) Managed Google Play Store

Q.2 – What are the are two identities that can be used with Android Enterprise?

(A) Gmail & Managed Google Account

(B) Managed Google Play Account & Gmail

(C) Managed EMM Account

(D) G Suite or Cloud Identity account & Managed Google Play Account

Q.3 – How many Managed Google Play accounts can a customer get for free from Google for use with their EMM?

(A) 35

(B) 5

(C) As many as needed

(D) 20

Q.4 – Please select the most accurate statement as it pertains to Managed Google Play accounts:

(A) Managed Google Play accounts are quick and easy to attain obfuscated identities that can be claimed for as many users as needed

(B) Managed Google Play accounts are quick and easy to claim and require organizations to register their actual name with Google

(C) Manage Google Play accounts provide end users with identities that allows them to sign in to Google services such as G-Suite

(D) Managed Google Play accounts are easy to claim but require a 1 week approval period from Google

Q.5 – Managed Google Play provides organizations complete control over app visibility and distribution by:

(A) Allowing whitelisting and silent app push

(B) Making full Google Play store available to all user

(C) Easy sideloading of select apps

(D) Providing application user data to admins

Q.6 – Some of the advantages of hosting private apps on Managed Google Play are:

(A) Security, cross platform application support and competitive pricing

(B) Application scanning, delta upgrades, free app hosting

(C) Hosting private apps on Google Play is not recommended

(D) Security, easy administration and being able to host apps from any platform

Module 3 – Deployment Lesson 4 Activity Match Them Answers

“Saving the enterprise money is important, as is providing our employees privacy.” – BYOD

“Full control over apps and data on devices is most important.” – Fully Managed

“Flexibility of using full device management with a work profile.” – Fully Managed, Personally Enabled

“Remote updates and a locked mode for a specific tasks.” – Dedicated Device

Module 3 – Deployment Lesson 6 Activity Match Enrollment Answers

Google Account – User enters Google Account username & password. Availability: all versions the EMM support  

Hashtag ID – User or admin afw#<EMMcode>. Availability 6.0+

QR code – User or admin scans. Availability 7.0+

NFC  – Admin bump. Availability 5.1+ NFC support

 Zero-touch enrollment – Device driven flow. Availability 7.0+ Pixel only, 8.0+ selected devices

Module 3 – Deployment Lesson 7 Let’s Review Answers

Q.1 – When enrolling devices using the NFC method, organizations can use __________ to transfer configurations to a new device:

(A) A pre-programmed master device

(B) Android Enterprise does not support NFC enrollment

(C) Either a pre-programmed master device or NFC tag

(D) Only a pre-programmed NFC tag

Q.2 – Devices with a work profile differentiate work apps from personal apps by a:

(A) Badged hashtag

(B) Badged star

(C) Badged briefcase

(D) Badged dot

Q.3 – The following enrollment methods are supported with Android Enterprise:

(A) NFC

(B) QR Code

(C) Zero-Touch

(D) All of the above

Q.4 – Using Android Enterprise versus Device Admin (DA) is recommended for all deployments going forward because:

(A) Device Admin API’s have been marked deprecated and will eventually not be supported

(B) Device Admin API’s provided an outdated security model and management approach

(C) Android Enterprise offers a modern management framework with enterprise APIs and secure app deployment via managed Google Play.

(D) All of the above

Q.5 – The newest enrollment method with the launch of  __________ is ___________:

(A) Android 8.0, Zero Touch

(B) Android 6.0, Managed Deployment

(C) Android 9.0, Single Touch

(D) Android 7.0, Easy Scale

Q.6 – ________________  can add IMEI or serial numbers to the zero-touch portal.

(A) End-Users

(B) Resellers

(C) Resellers and carrier partners

(D) Customers

Q.7 – What is the proper method a user should follow in order to add a work profile to their personal device?

(A) Enroll device in Zero Touch portal, inform IT so they can configure, follow the setup wizard.

(B) Hard reset the device, send it into IT department for set up, retrieve device when ready.

(C) Download EMM app from Google Play, enter corporate credentials, follow the setup wizard to complete.

(D) Clear all personal data from device, download EMM app from Play Store, follow the setup wizard to complete.

Module 4 – Deployment Best Practices Lesson 7 Let’s Review Answers

Q.1 – In order to gain user buy in for work profiles, explain to users that IT cannot monitor ____________ . (select all that apply)

(A) Call Logs

(B) SMS

(C) Personal App Installs

(D) Personal Photos

Q.2 – True or false: During deployment planning, it is important to determine scope of testing and timelines for different stages of the deployment.

(A) JA

(B) NEIN

Q.3 – _____________ establishes best practices and common requirements for devices and services, backed by a thorough testing process conducted by Google.

(A) Zero-touch

(B) Android Enterprise Recommended

(C) Managed Google Play

(D) Android profiles

Q.4 – Before deploying Android in a no connectivity environment, you should strongly consider:

(A) Android Enterprise devices must be able to access the Managed Google Play store to get apps and updates, and Google Play Protect security services.

(B) Android Enterprise devices require special permissions and policies to run in such environments

(C) The devices running in these environments must be running Android Oreo (8.0) or higher

(D) None of the above

Android Enterprise Professional (Updated) Post-exam

Q.1 – Verified Boot has been on Android devices since version 4.4. Mark, an attacker, installs a custom bootloader on a stolen device with Android version 8. When it boots up, Mark sees an error on the screen that the device cannot boot. What is preventing the device from booting up?

(A) Mark needs to boot the device from safeboot by using hard buttons at boot time

(B) The root of trust stored in hardware does not match the newly installed bootloader

(C) Rate limiting has prevented mark from being able to enter in a passcode

(D) Mark simply just needs to restart the bootloader one more time after installing

Q.2 – A customer has a requirement to enroll Android tablets with no carrier connectivity. Additionally, they do not want use an open WiFi with a simple pre-shared password for the enrollment. Is there a solution to help the customer?

(A) Tell the customer to use a QR code based provisioning method that can pass WIFI EAP credentials including Certificates.

(B) Tell the customer to upload their WiFi certificates to the Zero-Touch portal for automatic delivery during enrollment.

(C) Provide SD card’s with the certificate.

(D) Tell the customer that they must set up an open WiFi due to restrictions on how enrollment works.

Q.3 – What are the steps to setup Closed Testing track for your Enterprise applications?

(A) Assign your applications to your organization(s) for it to appear in Managed Google Play.

(B) Use the EMM to assign the testing app to the users.

(C) Assign it to countries/regions.

(D) Create a closed testing release, upload your APK file, and rollout.

Q.4 – Which deployment method is not supported for work profile company owned devices during initial setup?

(A) QR Code

(B) DPC Identifier

(C) Zero Touch

(D) NFC

Q.5 – Which two statements given here are correct regarding the Compatibility Test Suite (CTS)?

(A) The Compatibility Test Suite is a free, commercial-grade test suite that is used during device development and is designed to evaluate and reveal incompatibilities with the CDD.

(B) The CTS is only valid for modern Android devices and was designed to help ensure all devices were able to use Android Enterprise APIs.

(C) The Compatibility Test Suite is for application developers building financial apps to ensure they use approved SSL modules for connecting to servers.

(D) A valid CTS result must be maintained in order for a device to move to the next level, obtaining a Google Mobile Service (GMS) Certification and License.

Q.6 – What are some of the advantages of TLS 1.3 over previous versions? (Select 2)

(A) Prevents certificates signed with SHA1 hashes.

(B) It allows users to change their devices DNS settings.

(C) It prevents a user from browsing known bad websites.

(D) It’s up to 40% faster.

Q.7 – What are the provisioning options supported for company-owned devices during initial setup?

(A) QR Code

(B) Zero Touch

(C) DPC Identifier

(D) None of the above

Q.8 – Who can use Managed Google Accounts?

(A) Organizations that use Cloud Identity or Google Workspace

(B) Organizations that use Google Workspace

(C) Organizations that are on the allow list for Google Play

(D) Organizations that use Cloud Identity

Q.9 – Which of the following is correct for Default update behaviour?

(A) Apps are updated when the device is:

– Connected to a Wi-Fi network

– User manually press update

– Not actively used

(B) Apps are updated when the device is:

– Connected to a Wi-Fi network

– Charging

– Not actively used

(C) Apps are updated when the device is:

– Connected to a Wi-Fi network

– Charging

– At night time

(D) Apps are updated when the device is:

– At home based on GPS location

– Charging

– Not actively used

Q.10 – Mike, Head of Mobility Security at Bank Ltd, wants to disable all fingerprint authentication from devices. He believes that an image of the biometric data is extracted from the devices and stored in Google Cloud. Which of the following facts would you use to easy Mike’s concern? (Select 2)

(A) The device does not take an image of the print but a biometric model that then uses an algorithm to create a mathematical template.

(B) Fingerprint images are stored in a database on the users filesystem. That makes them inaccessible to Google.

(C) A biometric template cannot be copied to another device because it is signed with a device specific key when stored in the TEE.

(D) You assure Mike that it’s a common practice for all cloud companies to store biometric data for compliance.

Q.11 – After an internal review of a potentially compromised BYOD device, it’s determined that the user side-loaded a malicious app on the personal profile that harvested their contacts. Why was none of the data in the work profile accessible?

(A) Work profile sandboxing and app isolation prevented any access to the work data.

(B) The user detected unusual activity before the app had time to infect the work profile and turned off the phone.

(C) The IT admin noticed unusual activity in the personal profile and asked the user to bring IT the phone in for review.

(D) The device had a weak 4 digit device passcode policy so the app was able to access all information.

Q.12 – Identify the features of Managed Google Play Application Management.

(A) Managed Apps permission pre-acceptance

(B) Mandatory install and optional apps

(C) Blocklist – all apps except the ones blocked by IT are displayed

(D) Allowlist – only IT approved apps are displayed

Q.13 – What are the identities that you can use for Managed Google Play?

(A) Managed Google Account

(B) Google Account

(C) My Company Account

(D) Managed Google Play Account

Q.14 – Which of the following are NOT processes that the TEE performs? (Select 2)

(A) Lock screen passcode verification.

(B) Biometric template matching.

(C) DRM – Dedicated RAM Monitoring.

(D) Data loss protection.

Q.15 – Which of the following types of applications can you push to users from Managed Google Play?

(A) Public Applications

(B) Web Applications

(C) Debug Applications

(D) Private Applications

Q.16 – What are the three update modes available for Enterprise?

(A) Postponed

(B) High Priority

(C) Default

(D) Partial

Q.17 – Which of the following files do you upload to Managed Google Play while publishing a self-hosted application?

(A) .txt file that contains Application’s metadata

(B) .csv file that contains application’s metadata

(C) .apk file – Google will read application metadata, then will delete the actual .apk file

(D) App’s JSON metadata file

Q.18 – Which of the following statements is incorrect about Private Applications?

(A) You can publish self-hosted private applications from Managed Play iframe or Custom App Publishing API.

(B) You can publish both Self-Hosted and Google Hosted private applications from Play Publishing console.

(C) You can test private applications with Closed Testing Track. However, it is only applicable for Google Hosted private apps.

(D) The easiest way to publish private application is from Managed Play iframe – upload .apk file and give it a title.

Q.19 – What is managed Google Play?

(A) It is an online gaming platform, where you can blocklist people you don’t like to play with.

(B) It is a generic application distribution platform that is available on any modern OS to distribute Enterprise Applications to any devices.

(C) It is an application distribution platform in Android for Enterprise, where the IT admin can manage and distribute public and private enterprise applications.

(D) It is the largest application distribution platform, where you can download and install an application on your Android devices.

Q.20 – Phone Ltd. is building a new device with Android 11. Which of the following accurately describes the steps needed for them to obtain a GMS license from Google?

(A) Download the source code from source.android.com, adhere to CDD, pass CTS, apply for GMS license.

(B) Download source code from source.android.com, adhere to AER requirements, pass CTS, apply for GMS license.

(C) Download source code from android.com/security, adhere to AER requirements, pass GMS test, Deploy GMS apps.

(D) Download source code from source.android.com, adhere to CDD, pass CTS, sideload GMS servers into the system.

Q.21 – What are some of the App management features of managed Google Play?

(A) Web app distribution

(B) App approval

(C) App permissions approval

(D) App distribution

Q.22 – What is AOSP?

(A) AOSP is an open source software stack owned by Google and supplied to the ecosystem for a wide array of devices with different form factors.

(B) AOSP is an open source OS that Google does not own.

(C) AOSP is the Android Often Supported Platform that is used by many OEMs to build devices.

(D) AOSP ensures Android Enterprise APIs are present in all OEM Android implementations.

Q.23 – The Source and Distribution platforms are the important aspects in deploying trusted applications. What aspects should you consider while deploying apps?

(A) Test your Applications on a trusted Platform: Google Play provides comprehensive Testing Track feature to ensure the app is working properly before it goes into production.

(B) Recognize the developers: Google Play identifies every single developer that publishes their apps through Google Play Store.

(C) Review the source-code: Reviewing the application source-code helps to check the details and identify what’s under the hood (what the application does).

(D) Install/distribute your applications only from trusted sources like Google Play: Installing an application from an unknown sources or sideloading leads into a serious security issue as such an application is vulnerable to compromise.

Q.24 – Which of the following statements is correct in relation to Testing Tracks for private apps?

(A) Open Track: Surface your app’s test version on Google Play. This is applicable for Public and Private Apps.

(B) All of above

(C) Internal Track: Quickly distribute your app for internal testing and quality assurance checks. This is applicable for Public and Private Apps. This is applicable for Public and Private Apps.

(D) Closed Track: Test pre-release versions of your app with a larger set of testers. You can assign this track to organization(s) for Google hosted private apps and publish it to Managed Google Play. This is applicable for Public and Private Apps.

Q.25 – Which of the following best describes Managed Configuration, one of the features introduced in Managed Google Play?

(A) Managed Configuration allows end-users to manage ‘the approved’ applications’ configurations by themselves without asking for the IT Admin permits.

(B) Managed Configuration is not a feature in Managed Google Play.

(C) Managed Configuration allows the IT Admin to set (and enforce) specific parameters in certain applications automatically. The configurable parameters are defined by the app developers.

(D) Managed Configuration is a set of configuration available in Managed Google Play for the IT Admin to control.

Q.26 – Which of the following could potentially be a Managed Google Account?

(A) it.admin@company.com

(B) it admin

(C) it.admin@gmail.com

(D) 807343127731897072334701702@android-for-work.gserviceaccount.com

Q.27 – What type of keystore implementation would prevent complicated forensic data extractions and analysis of lost or stolen devices for example, leaking information via power, timing, electromagnetic radiation, and thermal radiation examination?

(A) StrongBox.

(B) HeavyChip.

(C) StongBuilt.

(D) SQLite SB.

Q.28 – Which statement most accurately describes the CDD?

(A) The CDD provides guidance on how to add Google Apps to an Android device and defines an easy path for application management.

(B) The CDD is an optional guide that contains best practices around building a device with Android.

(C) The CDD represents the ‘policy’ aspect of Android compatibility set by Google. It outlines the requirements a device must meet to be considered compatible.

(D) The CDD was developed by Google when Android was originally released and gets updated every 4 years.

Q.29 – How can an organization ensure applications are only installed from known trusted sources?

(A) Disallow unknown sources via policy using an EMM.

(B) Inform their employees not to install applications from locations other than the Google Play Store.

(C) Enforce Google Play Protect.

(D) Specify device unlock or work profile security challenge.

Q.30 – When can you use Managed Google Account?

(A) You need employees to have access to other Google services.

(B) You want it simple, easy, and immediately available.

(C) You don’t have any preference (prefered/default choice).

(D) You are an existing Google Workspace user.

Q.31 – Excerpt from Helpdesk / User chat: User: I was searching for information about a project and a weird error in Chrome came up ‘Your device has Malware’ Helpdesk: You see this error on a webpage in Chrome? User: Yes Helpdesk: Did you get see a RED warning page in Chrome that it was not safe to continue? User: Yes, I thought it was ok since it gave me the option to proceed anyway. What Chrome policy can the admin set that would prevent this issue from occuring in the future? (Select 2)

(A) Disable Chrome in the work profle.

(B) Create a Terms of Service banner that tells users not to open suspicious websites.

(C) Set a managed configuration on Chrome to prevent users from disabling Safe Browsing.

(D) Set a managed configuration on Chrome to prevent users from disabling incognito mode.

Q.32 – Android uses Security Enhanced Linux (SELinux). What component of the SELinux kernel confines and reduces the impact of an exploited vulnerability to a single area?

(A) Security Domains.

(B) Secure memory blocks (SMB).

(C) The Hardware Abstraction Layer (HAL).

(D) System on a Chip (SoC).

Q.33 – Which of the following are suitable for the QR code provisioning method?

(A) Any device where users can log in using Gmail account information

(B) Scenarios where devices are distributed remotely and a programmer device is not available

(C) Devices that don’t support NFC

(D) All of above

Q.34 – Which is NOT an Android Enterprise Recommended program core requirement?

(A) It validates advanced features across multiple management sets.

(B) It demonstrates technical leadership.

(C) Ensures enterprise level support.

(D) It ensures support for Device Admin support remains in tact for customers.

Q.35 – Identify the features that are related to Managed Google Play accounts.

(A) Easy to register and available immediately

(B) Obfuscated

(C) Only for Managed Google Play, and cannot be used for other Google services

(D) Auto Account provisioning upon EMM enrollment

Q.36 – What process provides strong proof that a certificate being presented to a server for authentication from an Android device was stored in hardware and has not been compromised or spoofed?

(A) Key Attestation.

(B) Verify Apps.

(C) Certificate Capacitive Filtering.

(D) Network Access Control services.

Q.37 – A customer tells you they are concerned their custom app could be tricked to use a fraudulent certificate that gets installed on their Android devices. What technology would you discuss with them?

(A) Certificate Binding

(B) File-Based Encryption

(C) DNS over TLS

(D) Certificate Pinning

Q.38 – Which interface can you use to create and publish web apps into Managed Google Play?

(A) Play Publishing console Accessible from https://play.google.com/console

(B) Managed Play iframe Accessible from your EMM console

(C) Custom App Publishing API, accessible from your own internal system upon integration

(D) All of above

Q.39 – Mary leaves her Android phone in a Cab. John, the cab driver, is a nefarious character and tries to break into the phone versus returning it. He tries to install a custom version of Android on the device to gain access to Mary’s data. What security principal would prevent this from instance?

(A) A work profile passcode (work challenge)

(B) Using Android Protected Confirmation

(C) Rollback protection

(D) Factory Reset Protection

Q.40 – What are the three ways to publish your enterprise applications in Managed Google Play?

(A) From Custom App Publishing API: Accessible from your own internal system upon integration

(B) From Play Publishing console: Accessible from https://play.google.com/console

(C) From Managed Play console: Accessible from https://play.google.com/work

(D) From Managed Play iframe: Accessible from your EMM console

Q.41 – How can you manage Testing Tracks for your Enterprise applications?

(A) From Custom App Publishing API: Accessible from your own internal system upon integration

(B) From Managed Play iframe: Accessible from your EMM console

(C) From Managed Play console: Accessible from https://play.google.com/work

(D) From Play Publishing console: Accessible from https://play.google.com/console

Q.42 – Which of the following features is not supported by Managed Google Play?

(A) Web Applications

(B) All of the above

(C) Paid Applications

(D) Private Applications

Q.43 – What are the benefits of Google-Hosted applications as opposed to Self-Hosted Applications?

(A) Enables managed security and infrastructure, including SSL/TLS implementation, prevent poor coding practice, no clear text password, Trademark infringement, and PHA detection.

(B) Supports sharing private apps up to 100 domains/Enterprises and Silent push feature.

(C) All of above

(D) Global infrastructure with cached repository and Reduced Data consumption with delta update.

Q.44 – Can you use your Gmail account as a Managed Google Play identity?

(A) No, even though it’s technically possible, Google positioned Gmail only for consumer users.

(B) Yes, it is possible. However, it’s not recommended because of the advance setup and limitation against certain Managed Google Play features.

(C) No, Gmail is not designed for Enterprise users and it will not work with Managed Google Play.

(D) Yes, Gmail is part of Managed Google Play account that you can use as an identity in Managed Google Play.

Q.45 – What are the steps to setup Managed Google Play?

(A) Binding Enterprise: An Organization ID is created automatically and bounded with EMM and Enterprise Service Account.

(B) Registration/Creation of Enterprise: IT creates a Gmail account (corp.it.admin@gmail.com) and uses it to register and create enterprise.

(C) SSO Integration: IT integrates the local infrastructure with Managed Google Play Account service.

(D) Identity and User Mapping: During operation, EMM will automatically send commands to ESA to create Managed Google Play Accounts and map them to EMM user Accounts.

Q.46 – What are the two benefits that you would highlight for a customer looking to deploy applications via Managed Google Play?

(A) Prevents Admins from setting permissions to ensure app safety

(B) Allows Admins to create allow and block lists for public apps

(C) Safeguards devices by preventing private app deployment

(D) Removes the need for App wrapping

Q.47 – Identify the best practices for using Managed Google Play Accounts for administrative purposes.

(A) Setup two-factor authentication for increased security.

(B) Add additional owners to maintain redundancy.

(C) Setup security questions.

(D) Create a new Gmail account and set a backup email on this account to a group in your IT department.

Q.48 – Android devices with an implementation of the Keymaster HAL that resides in a hardware security module use true random number generators (TRNG). What is one of the advantages TRNG has over pseudo-random number generators (PRNG)?

(A) TRNGs uses strong mathematical functions to secure key generation.

(B) TRNGs are better because they use external sources of information for entropy, such as electrical circuit noise.

(C) Pseudo-random number generators are actually the best, but too expensive to put in mobile devices.

(D) TRNGs are more efficient and use less battery power. This can help extend battery life considerably.

Q.49 – Anthony is approaching Customs in a foreign country and is immediately asked for his Android phone. What can Mike do very quickly to help secure his phone?

(A) Smash the phone on the floor

(B) Enable Lockdown Mode

(C) Hide his phone

(D) Perform a factory reset

Q.50 – Which of the following is a network consideration when deploying Android Enterprise?

(A) Traffic to Google endpoints should also bypass SSL inspection. SSL intercepted traffic to Google services are often interpreted to be man-in-the-middle attacks and are blocked.

(B) Enable an inbound traffic connection to the EMM server, because Google needs to verify the EMM environment and its availability.

(C) Enable only port 443 to ensure all of the data transaction are running through secured connection.

(D) As long as the device and EMM can go to https://www.google.com it should be enough to satisfy the network requirements.

What is Android Enterprise Professional?

This assessment is conducted by Google Partner training through the Fathomed platform. This assessment tests your basic understanding of the Android Enterprise, what makes it so secure for use in businesses and enterprises, the available device modes, and the available use cases.

You need to score 80% or higher to pass and earn the certificate. The certificate is valid for a period of 12 months and if you fail in your first try then you can retake the exam immediately.

Exam Requirements

There are three main requirements for applying to this exam:

(1) You should own a Smartphone or Computer with an active Internet connection.

(2) You should have a free Google Account.

(3) You will need to register with a company email.

Course Modules of the Exam

There are a total of 4 modules on which you are tested in this exam.

(1) OS Platform and Security.

(2) Managed Google Play.

(3) Deployment.

(4) Deployment Best Practices.

Key Features Of This Exam

The main features of this course are:

(1) It is designed by Google itself so the information provided is of high quality.

(2) It provides a Certificate which has recognition in the job industry.

(3) A user has unlimited access to the exam and it’s totally free.

Fazit

This article provides all the answers with a detailed explanation so that you don’t just get the correct answers but you actually understand the reason behind the answers. You can get the answers to other Android Enterprise Professional exams in our Android Enterprise Professional Pre-Assessment Answers page, and Android Enterprise Professional Post-Assessment Answers page.

You should also check out our answers to the Android Enterprise Associate exams in our Android Enterprise Associate Pre-Assessment Answers page, Android Enterprise Associate Post-Assessment Answers page, and Android Enterprise Associate Answers page. Also, don’t forget to check out the answers to Zero-Touch Assessment, Android Enterprise Security & Privacy Final Exam Answers page, and Android Enterprise Experts Certification Exam Answers page.

Schreibe einen Kommentar

Share via
Copy link
Powered by Social Snap