Table of Contents
Android Enterprise Professional Exam Answers
I. Section.Android Enterprise Academy Professional
Step 2: Android Enterprise Professional Pre-Assessment
Question 1: Google recommends which of the following methods to securely manage, deploy or host in-house company applications?
- Sideloading
- Android admin console
- Zero Touch Portal
- Managed Google Play Store
Question 2: Restricting applications from communicating directly to each other is an example of what Android security principle:
- Verified Boot
- Safety Net
- Application Sandboxing
- Address Space Layout Randomization (ASLR)
Question 3: The identity method that is preferred for G-Suite customers:
- Managed Google Play Account
- Managed Google Account
- EMM Enhanced Account
- Gmail Account
Question 4: The following enrollment methods are supported with Android Enterprise:
- NFC
- QR Code
- Zero-Touch
- All of the above
Question 5: Using Android Enterprise versus Device Admin (DA) is recommended for all deployments going forward because:
- Device Admin API’s have been marked deprecated and will eventually not be supported
- Device Admin APIs provided an outdated security model and management approach
- Android Enterprise offers a modern management framework with enterprise APIs and secure app deployment via managed Google Play.
- All of the above
II. Section.Android Enterprise Academy Professional Courses
Step 4: Security
Lesson 6 Quiz:
Question 1: Google Play Protect includes: (select all that apply)
- Real-time malware detection
- Daily scan of apps on devices
- Blocking of harmful apps
Question 2: __________________ ensures key generation, key import, signing and verification services are kept separate from the OS. (fill in the blank)
Trusted Execution Environment (TEE)
Question 3: Hardware-backed security does which of the following? (select all that apply)
- Mitigates exploitation
- Prevents brute force attacks
- Protects the boot process
- Keeps data safe from physical attacks
Step 5: Managed Google Play
Lesson 8 Quiz:
Question 1: With Managed Google Play, you can: (select all that apply)
- Manage and configure apps
- Host and publish internal apps
- Distribute and purchase apps
Question 2: ‘Sideloading’ is the #1 risk for introducing malware and PHAs onto your device.
- True
- False
Question 3: The advantages of hosting private apps on Google Play include: (select all that apply)
- Easy administration
- Security
- Reliability
Step 6: Deployment
Lesson 7 Quiz:
Question 1: Question 1: COPE devices provide: (select all that apply)
- Flexibility of using full device management with a work profile
Question 2: __________________ enables large-scale Android deployments across multiple device makers with no manual set up. (fill in the blank)
- EMM token
- Zero-touch
- QR code
Question 3: The feature that gives IT control over company data while allowing workers to keep their pictures and apps private is called:
- Android profiles
- Zero-touch
- Work profile
- Managed Google Play
Step 7: Deployment Best Practices
Question 1: In order to gain user buy in for work profiles, explain to users that IT cannot monitor ____________ . (select all that apply)
- Call logs
- Personal photos
- Personal app installs
- SMS
Question 2: True or false: During deployment planning, determine scope of testing and timelines for different stages of the deployment.
- True
- False
Question 3: _____________ establishes best practices and common requirements for devices and services, backed by a thorough testing process conducted by Google.
- Android Enterprise Recommended
Android Enterprise Professional Final Exam Answers
Question 1: The newest enrollment method with the launch of __________ is ___________:
- Android P, Fast Touch
- Android O, Zero Touch
- Android N, Easy Scale
- Android M, Managed Deployment
Question 2: As users are the first line of defense against any mobile threat, EMM’s can employ policies that can force:
- Verified Boot
- Strong PIN, pattern or password lock
- Continuous SMS and call monitoring
- Passphrase to recover lost email accounts
Question 3: ________________ can add IMEI or serial numbers to the Zero Touch portal?
- End-Users
- Resellers
- Resellers and carrier partners
- Customers
Question 4: Using Android Enterprise versus Device Admin (DA) is recommended for all deployments going forward because:
- Device Admin API’s have been marked deprecated and will eventually not be supported
- Device Admin APIs provided an outdated security model and management approach
- Android Enterprise offers a modern management framework with enterprise APIs and secure app deployment via managed Google Play.
- All of the above
Question 5: ___________ is a collection of Google applications and APIs that help support functionality across devices and a requirement for Android Enterprise.
- Android Managed Services (AMS)
- Google Mobile Services (GMS)
- Android Compatibility Services (ACS)
- Compatibility Test Suite (CTS)
Question 6: The identity method that is preferred for G-Suite customers is referred to as:
- Managed Google Play Account & Gmail
- Managed Google Account
- EMM Enhanced Account
- Gmail
Question 7: To make Android even safer, Google shares source code for security fixes every ______ days with partners and publish updates for Nexus and Pixel devices.
- 30
- 90
- 180
- Dessert release
Question 8: As it pertains to shared device use cases, support for _____________ was added in Android Pie (9.0) kiosk mode.
- Work profile
- Multiple containers
- Multiple Apps
- Multiple DPC’s
Question 9: Google Play Protect scans ___________ apps that are installed onto a device:
- Only Google Play store
- All
- Only sideloaded
- Third party
Question 10: All Android OEM’s that opt to use Google Mobile Services (GMS) must adhere to a _________ and successfully pass ____________.
- Compatibility Definition Document (CDD), Compatibility Test Suite (CTS)
- Compatibility Definition Document (CDD), Android Test Suite (ATS)
- Enterprise Recommended Document (ERD) and Compatibility Test Suite (CTS) Compatibility Definition Document (CDD), Android Device Test (ADT) Compatibility Definition Document (CDD), Android Device Test (ADT)
Question 11: Android Enterprise Recommended ensures devices are up to date with regular security patches delivered within _________. Android Enterprise Recommended devices are also guaranteed to get at least ______________.
- 45 days, 2 additional major OS updates
- 90 days, 1 additional major OS update
- 60 days, 1 additional major OS update
- 90 days, 2 additional major OS updates
Question 12: How many Managed Google Play accounts can a customer get for free from Google for use with their EMM?
- As many as needed
- 5
- 20
- 35
Question 13: Please select the most accurate statement as it pertains to Managed Google Play accounts:
- Managed Google Play accounts are quick and easy to claim and require organizations to register their actual name with Google
- Managed Google Play accounts are easy to claim but require a 1-week approval period from Google
- Managed Google Play accounts are quick and easy to attain obfuscated identities that can be claimed for as many users as needed
- Manage Google Play accounts provide end users with identities that allows them to sign in to Google services such as G-Suite
Question 14: Some of the advantages of hosting private apps on Managed Google Play are:
- Application scanning, delta upgrades, free app hosting
- Security, cross platform application support and competitive pricing
- Security, easy administration and being able to host apps from any platform
- Hosting private apps on Google Play is not recommended
Question 15: The following enrollment methods are supported with Android Enterprise:
- NFC
- QR Code
- Zero-Touch
- All of the above
Question 16: Google recommends which of the following methods to securely manage, deploy or host in-house company applications?
- Sideloading
- Android admin console
- Zero Touch Portal
- Managed Google Play Store
Question 17: Devices with a work profile differentiate work apps from personal apps by a:
- Badged hashtag
- Badged dot
- Badged star
- Badged briefcase
Question 18: Restricting applications from communicating directly to each other is an example of what Android security principle:
- Verified Boot
- Safety Net
- Application Sandboxing
- Address Space Layout Randomization (ASLR)
Question 19: What are the are two identities that can be used with Android Enterprise?
- Managed Google Play Account & Gmail
- Gmail & Managed Google Account
- Managed Google Account & Managed Google Play Account
- Managed EMM Account
Question 20: What is the proper method a user should follow in order to add a work profile to their personal device?
- Clear all personal data from device, download EMM app from Play Store, follow the setup wizard to complete.
- Download EMM app from Google Play, enter corporate credentials, follow the setup wizard to complete.
- Hard reset the device, send it into IT department for set up, retrieve device when ready.
- Enroll device in Zero Touch portal, inform IT so they can configure, follow the setup wizard.
Question 21: Before deploying Android in a no connectivity environment, you should strongly consider:
- Android Enterprise devices must be able to access the Managed Google Play store to get apps and updates, and Google Play Protect security services.
- Android Enterprise devices require special permissions and policies to run in such environments
- The devices running in these environments must be running Android Oreo (8.0) or higher
- None of the above
Question 22: Android devices utilize a __________, to run privileged or security-sensitive operations such as PIN verification, secure storage of encryption keys and Verified Boot.
- Tamper Resistant Zone
- Trusted Execution Environment
- Trusted Encryption Zone
- Secure Execution Environment
Question 23: During the ____________ process, each bootstage cryptographically verifies the integrity and authenticity of the next stage before executing it.
- Verified Boot
- Kernel checking
- Hash tagging
- System check
Question 24: When enrolling devices using the NFC method, organizations can use __________ to transfer configurations to a new device:
- Either a pre-programmed master device or NFC tag
- A pre-programmed master device
- Only a pre-programmed NFC tag
- Android Enterprise does not support NFC enrollment
Question 25: Managed Google Play provides organizations complete control over app visibility and distribution by:
- Allowing whitelisting and silent app push
- Providing application user data to admins
- Easy sideloading of select apps
- Making full Google Play store available to all user
Introduction to Android Enterprise Professional
“Android Enterprise Professional” typically refers to a certification program offered by Google for individuals who specialize in deploying and managing Android devices in enterprise environments. Professionals who earn this certification demonstrate proficiency in configuring, deploying, and managing Android devices and services securely and efficiently within organizations.
Key areas covered by the Android Enterprise Professional certification may include:
- Android Enterprise Overview: Understanding the different deployment scenarios and management options available through Android Enterprise.
- Deployment: Knowledge of configuring Android devices for enterprise use, including enrollment methods such as zero-touch enrollment.
- Management: Skills in managing Android devices, apps, and policies using enterprise mobility management (EMM) solutions.
- Security: Understanding Android security features and best practices for securing devices and data in enterprise settings.
- Support: Ability to troubleshoot and support Android devices and deployments in enterprise environments.
Earning the Android Enterprise Professional certification typically involves passing an exam that tests knowledge and practical skills related to these areas. It is recognized as a validation of expertise in implementing Android solutions tailored for business and enterprise use cases.