Exam Name: Android Enterprise Professional Exam
Exam URL: https://androidenterprise.exceedlms.com/student/path/319741-android-enterprise-professional
- Step. Android Enterprise Professional Pre-Survey
- Step. Android Enterprise Professional Pre-Assessment
- Step. OS overview
- Step. Security
- Step. Managed Google Play
- Step. Deployment
- Step. Deployment Best Practices
- Step. Professional Post-Course Online Survey
- Step. Android Enterprise Professional Post-Assessment
I. Section.Android Enterprise Academy Professional
Pre-Assessment- Step. Android Enterprise Professional Pre-Survey
You’ll get a short 3 question survey as in the image below.. It doesn’t matter what you choose at this step.
- Step. Android Enterprise Professional Pre-Assessment
In this step you’ll have to answer 5 questions assessment. You’ll get 5 questions from listed below, but in random order.
Q1. Google recommends which of the following methods to securely manage, deploy or host in-house company applications?
- Sideloading
- Android admin console
- Zero Touch Portal
- Managed Google Play Store
Q2. Restricting applications from communicating directly to each other is an example of what Android security principle:
- Verified Boot
- Safety Net
- Application Sandboxing
- Address Space Layout Randomization (ASLR)
Q3. The identity method that is preferred for G-Suite customers:
- Managed Google Play Account
- Managed Google Account
- EMM Enhanced Account
- Gmail Account
Q4. The following enrollment methods are supported with Android Enterprise:
- NFC
- QR Code
- Zero-Touch
- All of the above
Q5. Using Android Enterprise versus Device Admin (DA) is recommended for all deployments going forward because:
- Device Admin API’s have been marked deprecated and will eventually not be supported
- Device Admin API’s provided an outdated security model and management approach
- Android Enterprise offers a modern management framework with enterprise APIs and secure app deployment via managed Google Play.
- All of the above
II. Section.Android Enterprise Academy Professional Courses
- Step. OS overview
a) Click “Begin” to start the course
b) You can scroll down to lesson 5. There you’ll have to match 4 cards to boxes as follows:
- Can be more complex than device password – “Work profile mode”
- Optional remote password change – “Managed device mode”
- Optional 2nd password for work profile – “Work profile mode”
- Single password – “Managed device mode”
c) Lesson 8 quiz.
Q1. The Android open source software stack is built on:
- SELinux
Q2. __________________ is a standard for enterprise customers to recognize Android devices that perform against enterprise-grade testing and integrate with enterprise-focused features. (fill in the blank)
- Android Enterprise Recommended
d) Step completed. Click “All done” to unlock the next lesson.
- Step. Security
a) Click “Begin” to Start the Course
b) Lesson 3 quiz. You have to answer 4 questions as follows:
Q1. __________________ ensures key generation, key import, signing and verification services are kept separate from the OS.
- Trusted Execution Environment (TEE)
Q2. Android 8.0+ includes ___________ to not allow downgrading OS to an older less secure version or patch level.
- Rollback prevention
Q3. ____________ ensures keys created with a newer OS cannot be used by older OS versions.
- Version binding
Q4. Using a pin + hardware key to derive encryption keys is called ________________.
- PIN verification process
c) Lesson 6 quiz. You have to answer 3 questions as follows:
Q1. Google Play Protect includes: (select all that apply)
- Real-time malware detection
- Daily scan of apps on devices
- Blocking of harmful apps
Q2. __________________ ensures key generation, key import, signing and verification services are kept separate from the OS. (fill in the blank)
- Trusted Execution Environment (TEE)
Q3. Hardware-backed security does which of the following? (select all that apply)
- Mitigates exploitation
- Prevents brute force attacks
- Protects the boot process
- Keeps data safe from physical attacks
d) Click “All done” to unlock the next lesson.
- Step. Managed Google Play
a) Click “Begin” to start the course
b) You can scroll down and skip to lesson 5 activity. You need to drag 11 cards to containers as follows (random order):
- Need to verify ownership of the domain – “Managed Google Account”
- Supports multiple EMMs in same organization – “Managed Google Play Account”
- Need a public facing IDP for SSO – “Managed Google Account”
- Additional steps required for API integration – “Managed Google Account”
- Automatically generates a random service account at enrollment – “Managed Google Play Account”
- Appropriate for G suite and Chrome OS customers – “Managed Google Account”
- Accounts from Google console must be manually pasted into EMM console – “Managed Google Account”
- It is not possible to bind your domain to more than one EMM – “Managed Google Account”
- Employees may have signed up for a Google Account using @mycompany.com email – “Managed Google Account”
- Register your organization in a few seconds from your EMM console – “Managed Google Play Account”
- No need to sign in, user never sees the actual account – “Managed Google Play Account”
c) Lesson 8 quiz. You have to answer 3 questions as follows:
Q1. With Managed Google Play, you can: (select all that apply)
- Manage and configure apps
- Host and publish internal apps
- Distribute and purchase apps
Q2. ‘Sideloading’ is the #1 risk for introducing malware and PHAs onto your device.
- True
Q3. The advantages of hosting private apps on Google Play include: (select all that apply)
- Easy administration
- Security
- Reliability
- Step. Deployment
a) Click “Begin”
b) Lesson 4 activity. You have to match statements as follows (drag and join blocks):
- BYOD with “Saving the enterprise money is important, as is providing our employees privacy.”
- COPE with “Flexibility of using full device management with a work profile.”
- COBO with “Full control over apps and data on devices is most important.”
- COSU with “Remote updates and a locked mode for a specific tasks.”
b) Lesson 6 activity. You have to match statements as follows (drag and join blocks):
- User enters Google Account username & password. Availability: all versions the EMM support with “Google Account”
- User or admin afw#<EMMcode>. Availability 6.0+ with “Hashtag ID”
- User or admin scans. Availability 7.0+ with “QR code”
- Admin bump. Availability 5.1+ NFC support with “NFC”
- Device driven flow. Availability 7.0+ Pixel only, 8.0+ selected devices with “Wero-touch enrollment”
c) Lesson 7 quiz. You have to answer 3 questions as follows:
Q1. COPE devices provide: (select all that apply)
- Flexibility of using full device management with a work profile
Q2. __________________ enables large-scale Android deployments across multiple device makers with no manual set up. (fill in the blank)
- EMM token
- Zero-touch
- QR code
Q3. The feature that gives IT control over company data while allowing workers to keep their pictures and apps private is called:
- Android profiles
- Zero-touch
- Work profile
- Managed Google Play
d) Click “All done” to unlock the next lesson.
- Step. Deployment Best Practices
a) Click “Begin” to start the course
b) You can scroll and skip to lesson 7 quiz. You’ll need to answer 3 questions here.
Q1. In order to gain user buy in for work profiles, explain to users that IT cannot monitor ____________ . (select all that apply)
- Call logs
- Personal photos
- Personal app installs
- SMS
Q2. True or false: During deployment planning, determine scope of testing and timelines for different stages of the deployment.
- True
Q3. _____________ establishes best practices and common requirements for devices and services, backed by a thorough testing process conducted by Google.
- Android Enterprise Recommended
c) Click “All done” to unlock the next lesson.
III. Section.Android Enterprise Academy Professional Final Assessment
- Step. Professional Post-Course Online Survey
You’ll get a short 2 question survey as in the image below.. It doesn’t matter what you choose at this step.
- Step. Android Enterprise Professional Post-Assessment
FINAL ASSESSMENT. You’ll get 25 questions from listed below (random order).
Q1. The newest enrollment method with the launch of __________ is ___________:
- Android P, Fast Touch
- Android O, Zero Touch
- Android N, Easy Scale
- Android M, Managed Deployment
Q2. As users are the first line of defense against any mobile threat, EMM’s can employ policies that can force:
- Verified Boot
- Strong PIN, pattern or password lock
- Continuous SMS and call monitoring
- Passphrase to recover lost email accounts
Q3. ________________ can add IMEI or serial numbers to the Zero Touch portal?
- End-Users
- Resellers
- Resellers and carrier partners
- Customers
Q4. Using Android Enterprise versus Device Admin (DA) is recommended for all deployments going forward because:
- Device Admin API’s have been marked deprecated and will eventually not be supported
- Device Admin API’s provided an outdated security model and management approach
- Android Enterprise offers a modern management framework with enterprise APIs and secure app deployment via managed Google Play.
- All of the above
Q5. ___________ is a collection of Google applications and APIs that help support functionality across devices and a requirement for Android Enterprise.
- Android Managed Services (AMS)
- Google Mobile Services (GMS)
- Android Compatibility Services (ACS)
- Compatibility Test Suite (CTS)
Q6. The identity method that is preferred for G-Suite customers is referred to as:
- Managed Google Play Account & Gmail
- Managed Google Account
- EMM Enhanced Account
- Gmail
Q7. To make Android even safer, Google shares source code for security fixes every ______ days with partners and publish updates for Nexus and Pixel devices.
- 30
- 90
- 180
- Dessert release
Q8. As it pertains to shared device use cases, support for _____________ was added in Android Pie (9.0) kiosk mode.
- Work profile
- Multiple containers
- Multiple Apps
- Multiple DPC’s
Q9. Google Play Protect scans ___________ apps that are installed onto a device:
- Only Google Play store
- All
- Only sideloaded
- Third party
Q10. All Android OEM’s that opt to use Google Mobile Services (GMS) must adhere to a _________ and successfully pass ____________.
- Compatibility Definition Document (CDD), Compatibility Test Suite (CTS)
- Compatibility Definition Document (CDD), Android Test Suite (ATS)
- Enterprise Recommended Document (ERD) and Compatibility Test Suite (CTS) Compatibility Definition Document (CDD), Android Device Test (ADT) Compatibility Definition Document (CDD), Android Device Test (ADT)
Q11. Android Enterprise Recommended ensures devices are up to date with regular security patches delivered within _________. Android Enterprise Recommended devices are also guaranteed to get at least ______________.
- 45 days, 2 additional major OS updates
- 90 days, 1 additional major OS update
- 60 days, 1 additional major OS update
- 90 days, 2 additional major OS updates
Q12. How many Managed Google Play accounts can a customer get for free from Google for use with their EMM?
- As many as needed
- 5
- 20
- 35
Q13. Please select the most accurate statement as it pertains to Managed Google Play accounts:
- Managed Google Play accounts are quick and easy to claim and require organizations to register their actual name with Google
- Managed Google Play accounts are easy to claim but require a 1 week approval period from Google
- Managed Google Play accounts are quick and easy to attain obfuscated identities that can be claimed for as many users as needed
- Manage Google Play accounts provide end users with identities that allows them to sign in to Google services such as G-Suite
Q14. Some of the advantages of hosting private apps on Managed Google Play are:
- Application scanning, delta upgrades, free app hosting
- Security, cross platform application support and competitive pricing
- Security, easy administration and being able to host apps from any platform
- Hosting private apps on Google Play is not recommended
Q15. The following enrollment methods are supported with Android Enterprise:
- NFC
- QR Code
- Zero-Touch
- All of the above
Q16. Google recommends which of the following methods to securely manage, deploy or host in-house company applications?
- Sideloading
- Android admin console
- Zero Touch Portal
- Managed Google Play Store
Q17. Devices with a work profile differentiate work apps from personal apps by a:
- Badged hashtag
- Badged dot
- Badged star
- Badged briefcase
Q18. Restricting applications from communicating directly to each other is an example of what Android security principle:
- Verified Boot
- Safety Net
- Application Sandboxing
- Address Space Layout Randomization (ASLR)
Q19. What are the are two identities that can be used with Android Enterprise?
- Managed Google Play Account & Gmail
- Gmail & Managed Google Account
- Managed Google Account & Managed Google Play Account
- Managed EMM Account
Q20. What is the proper method a user should follow in order to add a work profile to their personal device?
- Clear all personal data from device, download EMM app from Play Store, follow the setup wizard to complete.
- Download EMM app from Google Play, enter corporate credentials, follow the setup wizard to complete.
- Hard reset the device, send it into IT department for set up, retrieve device when ready.
- Enroll device in Zero Touch portal, inform IT so they can configure, follow the setup wizard.
Q21. Before deploying Android in a no connectivity environment, you should strongly consider:
- Android Enterprise devices must be able to access the Managed Google Play store to get apps and updates, and Google Play Protect security services.
- Android Enterprise devices require special permissions and policies to run in such environments
- The devices running in these environments must be running Android Oreo (8.0) or higher
- None of the above
Q22. Android devices utilize a __________, to run privileged or security-sensitive operations such as PIN verification, secure storage of encryption keys and Verified Boot.
- Tamper Resistant Zone
- Trusted Execution Environment
- Trusted Encryption Zone
- Secure Execution Environment
Q23. During the ____________ process, each bootstage cryptographically verifies the integrity and authenticity of the next stage before executing it.
- Verified Boot
- Kernel checking
- Hashtagging
- System check
Q24. When enrolling devices using the NFC method, organizations can use __________ to transfer configurations to a new device:
- Either a pre-programmed master device or NFC tag
- A pre-programmed master device
- Only a pre-programmed NFC tag
- Android Enterprise does not support NFC enrollment
Q25. Managed Google Play provides organizations complete control over app visibility and distribution by:
- Allowing whitelisting and silent app push
- Providing application user data to admins
- Easy sideloading of select apps
- Making full Google Play store available to all user