Google Workspace Associate Administrator — Question 3

Several employees at your company received messages with links to malicious websites. The messages appear to have been sent by your company’s human resources department. You need to identify which users received the emails and prevent a recurrence of similar incidents in the future. What should you do?

Answer options

• A. Search the sender’s email address by using Email Log Search. Identify the users that received the messages. Instruct them to mark them as spam in Gmail, delete the messages, and empty the trash.
• B. Search for the sender’s email address by using the security investigation tool. Mark the messages as phishing. Add the sender’s email address to the Blocked senders list in the Spam, Phishing and Malware setting in Gmail to automatically reject future messages.
• C. Collect a list of users who received the messages. Search the recipients’ email addresses in Google Vault. Export and download the malicious emails in PST file format. Add the sender’s email address to a quarantine list setting in Gmail to quarantine any future emails from the sender.
• D. Search for the sender’s email address by using the security investigation tool. Delete the messages. Turn on the safety options for spoofing and authentication protection in Gmail settings.

Correct answer: D

Explanation

Option D is correct because it addresses both the immediate removal of harmful messages and strengthens future protection through safety settings. Options A and C do not effectively prevent future occurrences, while option B focuses on marking messages as phishing without enhancing safety measures.