Google Cloud Professional Collaboration Engineer — Question 48

Your company uses a whitelisting approach to manage third-party apps and add-ons. The Senior VP of Sales & Marketing has urgently requested access to a new
Marketplace app that has not previously been vetted. The company's Information Security policy empowers you, as a G Suite admin, to grant provisional access immediately if all of the following conditions are met:
✑ Access to the app is restricted to specific individuals by request only.
✑ The app does not have the ability to read or manage emails.
✑ Immediate notice is given to the Infosec team, followed by the submission of a security risk analysis report within 14 days.
Which actions should you take first to ensure that you are compliant with Infosec policy?

Answer options

• A. Move the Senior VP to a sub-OU before enabling Marketplace Settings > "Allow Users to Install Any App from G Suite Marketplace."
• B. Confirm that the Senior VP's OU has the following Gmail setting disabled before whitelisting the app: "Let users delegate access to their mailbox."
• C. Add the Marketplace app, then review the authorized scopes in Security > Manage API client access.
• D. Search the G Suite support forum for feedback about the app to include in the risk analysis report.

Correct answer: C

Explanation

The correct answer is C because adding the Marketplace app and reviewing the authorized scopes is crucial to ensure compliance with security policies. Options A and B address user settings but do not directly relate to the immediate action required for app access. Option D, while useful for gathering information, does not fulfill the requirement to take immediate compliance actions.