Google Workspace Associate Administrator — Question 46

You recently noticed a suspicious trend in your organization's Google Drive usage. Several users have shared sensitive documents outside the organization, potentially violating your company's data security policy. You need to identify the responsible users and the extent of the unauthorized sharing. What should you do?

Answer options

• A. Create an activity rule in the Security Center to alert you of future external sharing events.
• B. Use the security health page to identify misconfigured sharing settings in Drive.
• C. Review the organization's sharing policies in the Admin console, and update the policies to prevent external sharing.
• D. Use the security investigation tool to analyze Drive logs and identify the users.

Correct answer: D

Explanation

The correct answer is D because the security investigation tool allows for a deep analysis of Drive logs, helping to identify which users have shared documents externally. Option A only alerts for future events without addressing the current issue, B focuses on misconfigurations rather than identifying responsible users, and C modifies policies but does not reveal who was involved in the unauthorized sharing.