Enroll Now: Android Enterprise Professional Certification
Question 1: The identity method that is preferred for G-Suite customers:
- Managed Google Play Account
- Managed Google Account
- EMM Enhanced Account
- Gmail Account
Question 2: The following enrollment methods are supported with Android Enterprise:
- NFC
- QR Code
- Zero-Touch
- All of the above
Question 3: Restricting applications from communicating directly to each other is an example of what Android security principle:
- Verified Boot
- Safety Net
- Application Sandboxing
- Address Space Layout Randomization (ASLR)
Question 4: Google recommends which of the following methods to securely manage, deploy or host in-house company applications?
- Sideloading
- Android admin console
- Zero Touch Portal
- Managed Google Play Store
Question 5: Using Android Enterprise versus Device Admin (DA) is recommended for all deployments going forward because:
- Device Admin API’s have been marked deprecated and will eventually not be supported
- Device Admin API’s provided an outdated security model and management approach
- Android Enterprise offers a modern management framework with enterprise APIs and secure app deployment via managed Google Play.
- All of the above
Question 6: __________________ ensures key generation, key import, signing and verification services are kept separate from the OS.
- Trusted Execution Environment (TEE)
Question 7: Android 8.0+ Includes ___________ To Not Allow Downgrading OS To An Older Less Secure Version Or Patch Level.
- Rollback prevention
Question 8: ____________ Ensures Keys Created With A Newer OS Cannot Be Used By Older OS Versions.
- Version binding
Question 9: Using A Pin + Hardware Key To Derive Encryption Keys Is Called ________________.
- PIN verification process
Question 10: As It Pertains To Shared Device Use Cases, Support For _____________ Was Added In Android Pie (9.0) Kiosk Mode.
- Work profile
- Multiple containers
- Multiple Apps
- Multiple DPC’s
Question 11: Android Devices Utilize A __________, To Run Privileged Or Security-Sensitive Operations Such As PIN Verification, Secure Storage Of Encryption Keys And Verified Boot.
- Tamper Resistant Zone
- Trusted Encryption Zone
- Secure Execution Environment
- Trusted Execution Environment
Question 12: As Users Are The First Line Of Defense Against Any Mobile Threat, EMM’s Can Employ Policies That Can Force:
- Verified Boot
- Continuous SMS and call monitoring
- Passphrase to recover lost email accounts
- Strong PIN, pattern or password lock
Question 13: To Make Android Even Safer, Google Shares Source Code For Security Fixes Every ______ Days With Partners And Publish Updates For Nexus And Pixel Devices.
- 90
- 180
- Dessert release
- 30
Question 14: Google Play Protect Scans ___________ Apps That Are Installed Onto A Device:
- Only Google Play store
- Only sideloaded
- Third party
- All
Question 15: All Android OEM’s That Opt To Use Google Mobile Services (GMS) Must Adhere To A _________ And Successfully Pass ____________.
- Compatibility Definition Document (CDD), Android Device Test
- Compatibility Definition Document (CDD), Android Test Suite (ATS)
- Compatibility Definition Document (CDD), Compatibility Test Suite (CTS)
- Enterprise Recommended Document (ERD) and Compatibility Test Suite (CTS)
Question 16: Restricting Applications From Communicating Directly To Each Other Is An Example Of What Android Security Principle:
- Verified Boot
- Safety Net
- Application Sandboxing
- Address Space Layout Randomization (ASLR)
Question 17: Android Enterprise Recommended Ensures Devices Are Up To Date With Regular Security Patches Delivered Within _________. Android Enterprise Recommended Devices Are Also Guaranteed To Get At Least ______________.
- 45 days, 2 additional major OS updates
- 90 days, 1 additional major OS update
- 60 days, 1 additional major OS update
- 90 days, 2 additional major OS updates
Question 18: During the ____________ process, each bootstage cryptographically verifies the integrity and authenticity of the next stage before executing it.
- Verified Boot
- Kernel checking
- Hashtagging
- System check
Question 19: ___________ is a collection of Google applications and APIs that help support functionality across devices and a requirement for Android Enterprise.
- Android Managed Services (AMS)
- Android Compatibility Services (ACS)
- Compatibility Test Suite (CTS)
- Google Mobile Services (GMS)
Question 20: Google recommends which of the following methods to securely manage, deploy or host in-house company applications?
- Sideloading
- Android admin console
- Zero Touch Portal
- Managed Google Play
Question 21: What Are The Are Two Identities That Can Be Used With Android Enterprise?
- Managed Google Play Account & Gmail
- Managed EMM Account
- G Suite or Cloud Identity account & Managed Google Play Account
- Gmail & Managed Google Account
Question 22: How Many Managed Google Play Accounts Can A Customer Get For Free From Google For Use With Their EMM?
- As many as needed
- 5
- 20
- 35
Question 23: Please Select The Most Accurate Statement As It Pertains To Managed Google Play Accounts:
- Managed Google Play accounts are quick and easy to claim and require organizations to register their actual name with Google
- Managed Google Play accounts are easy to claim but require a 1 week approval period from Google
- Managed Google Play accounts are quick and easy to attain obfuscated identities that can be claimed for as many users as needed
- Manage Google Play accounts provide end users with identities that allows them to sign in to Google services such as G-Suite
Question 24: Managed Google Play Provides Organizations Complete Control Over App Visibility And Distribution By:
- Allowing whitelisting and silent app push
- Providing application user data to admins
- Easy sideloading of select apps
- Making full Google Play store available to all user
Question 25: Some Of The Advantages Of Hosting Private Apps On Managed Google Play Are:
- Application scanning, delta upgrades, free app hosting
- Security, cross platform application support and competitive pricing
- Security, easy administration and being able to host apps from any platform
- Hosting private apps on Google Play is not recommended
Question 26: Read the customer need and match them with the correct use state:
- BYOD -> Saving the enterprise money is important, as is providing our employees privacy
- Fully Managed, Personally Enabled -> Flexibility of using full decvice management with a work profile
- Fully Managed -> Full control over apps and data on devices is most important
- Dedicated Device -> Remote updates and a locked mode for specific tasks
Question 27: Match them with the correct use state:
- Google Account -> User enters Google Account username & password. Availability: all versions the EMM support
- Hashtag ID -> User or admin afw#<EMMcode>. Availability 6.0+
- QR Code -> User or admin scans. Availability 7.0+
- NFC -> Admin bump. Availability 5.1+ NFC support
- Zero Touch Enrollment -> Device driven flow. Availability 7.0+ Pixel only, 8.0+ selected devices
Question 28: When Enrolling Devices Using The NFC Method, Organizations Can Use __________ To Transfer Configurations To A New Device:
- Either a pre-programmed master device or NFC tag
- A pre-programmed master device
- Only a pre-programmed NFC tag
- Android Enterprise does not support NFC enrollment
Question 29: Devices With A Work Profile Differentiate Work Apps From Personal Apps By A:
- Badged hashtag
- Badged dot
- Badged star
- Badged briefcase
Question 30: The following enrollment methods are supported with Android Enterprise:
- NFC
- QR Code
- Zero-Touch
- All of the above
Question 31: Using Android Enterprise Versus Device Admin (DA) Is Recommended For All Deployments Going Forward Because:
- Device Admin API’s have been marked deprecated and will eventually not be supported
- Device Admin API’s provided an outdated security model and management approach
- Android Enterprise offers a modern management framework with enterprise APIs and secure app deployment via managed Google Play.
- All of the above
Question 32: The newest enrollment method with the launch of __________ is ___________:
- Android 6.0, Managed Deployment
- Androoid 9.0, Single Touch
- Android 8.0, Zero Touch
- Android 7.0, Easy Scale
Question 33: ________________ can add IMEI or serial numbers to the zero-touch portal.
- End-Users
- Resellers
- Resellers and carrier partners
- Customers
Question 34: What Is The Proper Method A User Should Follow In Order To Add A Work Profile To Their Personal Device?
- Clear all personal data from device, download EMM app from Play Store, follow the setup wizard to complete.
- Download EMM app from Google Play, enter corporate credentials, follow the setup wizard to complete.
- Hard reset the device, send it into IT department for set up, retrieve device when ready.
- Enroll device in Zero Touch portal, inform IT so they can configure, follow the setup wizard.
Question 35: In order to gain user buy in for work profiles, explain to users that IT cannot monitor ____________ . (select all that apply)
- Call logs
- Personal photos
- Personal app installs
- SMS
Question 36: True or false: During deployment planning, it is important to determine scope of testing and timelines for different stages of the deployment.
- True
- False
Question 37: _____________ establishes best practices and common requirements for devices and services, backed by a thorough testing process conducted by Google.
- Zero-touch
- Android Enterprise Recommended
- Managed Google Play
- Android Profiles
Question 38: Before Deploying Android In A No Connectivity Environment, You Should Strongly Consider:
- Android Enterprise devices must be able to access the Managed Google Play store to get apps and updates, and Google Play Protect security services.
- Android Enterprise devices require special permissions and policies to run in such environments
- The devices running in these environments must be running Android Oreo (8.0) or higher
- None of the above
Question 39: The Identity Method That Is Preferred For G-Suite Customers Is Referred To As:
- Managed Google Play Account & Gmail
- Managed Google Account
- EMM Enhanced Account
- Gmail
Question 40: The newest enrollment method with the launch of __________ is ___________:
- Android P, Fast Touch
- Android O, Zero Touch
- Android N, Easy Scale
- Android M, Managed Deployment
Question 41: The Android Open Source Software Stack Is Built On:
- SELinux
Question 42: __________________ Is A Standard For Enterprise Customers To Recognize Android Devices That Perform Against Enterprise-Grade Testing And Integrate With Enterprise-Focused Features. (Fill In The Blank)
- Android Enterprise Recommended
Question 43: Google Play Protect Includes: (Select All That Apply)
- Real-time malware detection
- Daily scan of apps on devices
- Blocking of harmful apps
Question 44: Hardware-Backed Security Does Which Of The Following? (Select All That Apply)
- Mitigates exploitation
- Prevents brute force attacks
- Protects the boot process
- Keeps data safe from physical attacks
Question 45:
- Managed Google Account -> Need to verify ownership of the domain
- Managed Google Play Account -> Supports multiple EMMs in same organization
- Managed Google Account -> Need a public facing IDP for SSO
- Managed Google Account -> Additional steps required for API integration
- Managed Google Play Account -> Automatically generates a random service account at enrollment
- Managed Google Account -> Appropriate for G suite and Chrome OS customers
- Managed Google Account -> Accounts from Google console must be manually pasted into EMM console
- Managed Google Account -> It is not possible to bind your domain to more than one EMM
- Managed Google Account -> Employees may have signed up for a Google Account using @mycompany.com email
- Managed Google Play Account -> Register your organization in a few seconds from your EMM console
- Managed Google Play Account -> No need to sign in, user never sees the actual account
Question 46: With Managed Google Play, You Can: (Select All That Apply)
- Manage and configure apps
- Host and publish internal apps
- Distribute and purchase apps
Question 47: ‘Sideloading’ Is The #1 Risk For Introducing Malware And PHAs Onto Your Device.
- True
Question 48: The Advantages Of Hosting Private Apps On Google Play Include: (Select All That Apply)
- Easy administration
- Security
- Reliability
Question 49: __________________ Enables Large-Scale Android Deployments Across Multiple Device Makers With No Manual Set Up. (Fill In The Blank)
- EMM token
- Zero-touch
- QR code
Question 50: The Feature That Gives IT Control Over Company Data While Allowing Workers To Keep Their Pictures And Apps Private Is Called:
- Android profiles
- Zero-touch
- Work profile
- Managed Google Play
Question 51: COPE Devices Provide: (Select All That Apply)
- Flexibility of using full device management with a work profile