Android Enterprise Expert Certification Exam Answers
Android Enterprise Experts Certification Exam Answers
Questions:
Indice del contenido
Android Architecture and Implementation
- Admin access to an EMM console that supports fully managed Android and work profile.
- Two test devices, one running Android 7.0+, the other one running Android 8.0+ and compatible with zero-touch.
Do you meet the eligibility criteria?
- Yes
- No
Drag each answer to a box, then submit.
- Solution set: A set of enterprise features organized by use case.
- Managed Google Play: Content marketplace for Android in the enterprise. It allows Admins to select and manage apps for their organization.
- Work profile: A self-contained profile on an Android device that isolates work apps and data from personal apps and data.
- Device policy controller (DPC): An app that controls local device policies and system applications on devices.
Enrollment Methods:
- Zero-touch
- QR code
- Download DPC from the Google Play Store
- NFC
- DPC Identifier
Identity Models:
- Managed Google Accounts (G Suite or Cloud Identity)
- Managed Google Play Accounts
What are the two units that Shelby will be supporting for this device deployment?
Select the correct answer, then submit.
- Manufacturing & insurance
- Finance & healthcare
- Transportation & power
- Oil & gas
Select the correct answer, then submit.
- Provisioning timelines
- Interruptions to user workflows
- Budget
- Data loss prevention
What are the two solutions sets that Indigo requires for this deployment?
Select two answers, then submit.
- MAM
- Fully managed
- Work profile
- Dedicated device
Which of the following is an important policy that Indigo will need supported?
Select the correct answer, then submit.
- EMM pull notifications
- Factory reset protection
- Disable location sharing
- Prevent work to personal copy/paste
One of the challenges Shelby faces with her stakeholders is ______________.
Select the correct answer, then submit.
- Encouraging VPN use with remote employees
- Provisioning devices in a timely manner
- Replacing the devices in phases, rather than all at once
- Convincing them that Android is secure
What does Indigo’s current device investment look like?
Select the correct answer, then submit.
- All Android
- A mix of several OSes
- All iOS
The work __________ challenge would support Indigo’s 6-digit work application password requirement.
- OS
- Management Mode
- Security
- Profile
Match each description to its corresponding method for managing user identities.
Drag each answer to a box, then submit.
Managed Google Play Accounts:
- Easy and quick to set up
- User identity managed by EMM
- Preferred method
Managed Google Accounts:
- Ideal for G Suite
- Requires company domain to be claimed
- Not designed to be used with more than one EMM
Select the appropriate identity type for each example company. You can review the developer’s guide and Android Enterprise Help Center if you get stuck.
- Company A
With considerable concerns around security risks, this company needs to be able to silently push apps to end-user devices.
- Company B
As current G Suite users, Company B is looking for a way to make users manually sign in to their existing Google Account.
- Company C
This business needs a quick and easy setup without creating extra work.
Drag and drop each company to the corresponding identity type.
- Managed Google Play Accounts
- Company A
- Company C
- Google Accounts
- Company B
Indigo’s Requirements.
- Identity model that provides anonymized user accounts, dynamically provisioned by the EMM
- Personally-owned (BYOD) and company-owned devices
- Seamless device setup
- Prevent work to personal copy/paste
- Disable unknown sources
- Disable USB debugging
- 6-digit work application password
- 4-digit device PIN security
- Managed Google Accounts
- Managed Google Play Accounts
Select the correct answer, then submit.
- Seamless device setup
- Identity model that provides anonymized user accounts, dynamically provisioned by the EMM
- Personally-owned (BYOD) and company-owned devices
- Disable unknown sources and USB debugging
- Prevent work to personal copy/paste
- 6-digit work application password for personally-owned devices (BYOD)
- 4-digit device PIN security
Did you successfully create an enterprise and bind it to your EMM?
- Yes
- No
Which is the minimum Android OS that lets you add a work profile from Settings?
- 8.0
- 5.1
- 6.0
- 7.0
Which is the minimum Android OS that supports zero-touch enrollment on a range of OEM devices?
- 8.0
- 5.1
- 6.0
- 7.0
Which is the minimum Android OS version that supports QR code provisioning?
- 8.0
- 5.1
- 6.0
- 7.0
What is the simplest method for provisioning Android 7.0+ devices for Indigo Industries?
- NFC
- DPC Identifier
- QR Code
- Zero-touch
What is the simplest method for provisioning Android 8.0+ devices for Indigo Industries?
- NFC
- DPC Identifier
- QR Code
- Zero-touch
Why is zero-touch enrollment recommended for Android?
Select the two correct answers, then submit.
- Zero-touch is supported on Android 5.0 and higher.
- Zero-touch is a great way to seamlessly deploy work profiles on personally-owned devices.
- Users just open the box and start using the device with management, apps and configurations all set.
- Zero-touch enrollment offers a seamless deployment method for company-owned devices.
Choose the correct benefit statements regarding zero-touch enrollment.
Select all the answers that apply, then click submit.
- There’s no need for IT to physically handle the managed devices.
- Configurations are automatically applied to devices on first boot.
- Streamlines device deployments.
Did you successfully provision two devices within your EMM instance using the appropriate provisioning method?
- Yes
- No
When two policies fulfill the same need, which one should you recommend?
Select the correct answer, then submit.
- Choose the policy that’s designated as an advanced feature.
- Choose the policy that most closely aligns with the requirement.
- Choose the policy that has the lowest OS requirement.
- Choose the policy with the highest OS requirement.
Which is the minimum Android OS version to support the Disable USB debugging policy?
- 5.1
- 7.0
- 8.0
- 6.0
Which is the minimum Android OS version to support “Disable unknown sources” security policy?
- 7.0
- 5.0
- 8.0
- 6.0
Which is the minimum Android OS to support a 6-digit work application password?
- 8.0
- 5.1
- 6.0
- 7.0
Did you successfully deploy and test all policies?
- Yes
- No
- Feature
- Recommended
- Prioritized
- Highlighted
- Managed Google Accounts.
- Managed Google Play Accounts
What’s the recommended method to provision company-owned devices on Android 8.0 and above?
- Manual DPC Install
- Zero-touch enrollment
- QR code
When a policy is not supported by your EMM provider, who should you reach out to?
- EMM provider.
- True
- False
- True
- False
- True
- False
Indigo Industries can only have one version of the Android OS deployed within their organization.
Select one answer, then submit.
- True
- False
Android Enterprise Recommended devices meet elevated enterprise requirements validated by Google.
Select the correct answer, then submit.
- True
- False
When determining the minimum OS a customer needs, which of the following is true?
Select the correct answer, then submit.
- Company-owned and personally-owned devices often have the same minimum OS version requirement.
- Use company-owned device requirements for primary determination.
- Use personally-owned device requirements for primary determination.
- Company-owned and personally-owned devices can have different minimum OS version requirements.
Features and policies can go by various naming conventions throughout the Android Enterprise ecosystem.
Many of the requirements outlined in the Indigo Industries case study are identified differently within Android Enterprise resources.
Best practice:
- Check feature and policy offerings across all solution sets before deployment.
- Several solution sets have different OS requirements for the same feature offering.
- This is important to note when determining the minimum OS to support.
Select the four correct answers, then submit.
- Default security policies
- Compliance enforcement
- Factory reset protection
- Disable screen capture
- Work security challenge
- Disable cameras
- App license management
- Certificate management
- Cross-profile data management
- Device security challenge
- WiFi security management
- Reboot devices remotely
What’s the minimum supported OS for personally-owned devices?
What’s the minimum supported OS for company-owned devices?
Select the correct answer, then submit.
- Device Solutions Directory
- Android developer guides
- OEM support sites
- android.com/enterprise/recommended
each answer to a box, then submit.
Test your knowledge by indicating whether the statement is true or false.
Drag each answer to a box, then submit.
- Thumbs Up
- The minimum OS support requirements may vary across different solution sets for the same feature offering.
- Google Mobile Services provides a standard baseline of Android Enterprise support.
- Thumbs Down
- Android Enterprise features are supported on all GMS and AOSP devices.
Where’s the best place to start when choosing new Android devices to deploy within an organization?
What resource should you leverage to browse the catalogue of Android Enterprise Recommended devices?
- The Device Solutions Directory
- Android Enterprise Recommended
How do GMS certified devices differ from those that are Android Enterprise Recommended?
Select the two correct answers, then submit.
- GMS supports Google apps.
- They are the same designation, just different terminology.
- Only Android Enterprise Recommended devices are listed in the Solutions Directory.
- Android Enterprise Recommended devices are validated by Google to meet an elevated set of specifications.
When managing device variety, it’s best to start with the ____________ OS.
Begin with ____________ and provisioning when determining the minimum OS to support.
Select the correct answer, then submit.
- True
- False
Name the important processes that IT admins need to be aware of when curating applications.
Select the correct answer, then submit.
- Security
- Updates
- Deployment
- All of the above
True or False: The managed Google Play Store allows IT admins to approve private and public applications, and distribute them to their users.
Select the correct answer, then submit.
- True
- False
Drag each answer to a box, then submit.
- Managed Google Play console and EMM Console – IT admin wants to configure access to approved apps and prevent access to unapproved apps for their device users.
- Managed Google Play console – IT admin wants to make new apps available to the company.
- EMM Console – IT admin wants to change the look and feel of the company’s Google Play Store.
IT Admins can approve public apps that exist on the Google Play store for company use, and distribute it through the managed Google Play.
Select the correct answer, then submit.
- True
- False
Choose a messenger client.
Select the three correct answers, then submit.
- Default SMS
- Slack
- Google Hangouts Chat
- Microsoft Teams
Choose the file viewer and editor apps that meet the requirements.
Select the three correct answers, then submit.
- Files
- Root Explorer
- Files by Google
- Google Chrome
Choose the secure browser apps that meet the requirements.
Select the three correct answers, then submit.
- Firefox
- EMM Secure Browser
- Microsoft Edge
- Google Chrome
Choose the email clients that work with Microsoft 365.
Select the two correct answers, then submit.
- Gmail
- Microsoft Outlook
- AOL
Determine which VPN app offers a managed configuration.
Select the correct answer, then submit.
- Cisco AnyConnect
- OpenVPN
Determine which camera app(s) meet the requirements.
Select the correct answer(s), then submit.
- Google Camera
- Open Camera
Determine which contact app(s) meet the requirements.
Select the correct answer(s), then submit.
- Outlook
- Google Contacts
Did you successfully deploy the apps to your device?
- Yes
- No
Is the iframe the best private app distribution solution for Indigo?
Select the correct answer, then submit.
- True
- False
Drag items into the correct order, then submit.
- Set up Google Play Console
- Determine hosting method
- Designate the app for private distribution
- Manage version across channels
Select six answers, then submit.
- Enable force encryption
- Enable force verify apps
- Disable debugging
- Prevent app uninstalls
- Disable developer options
- Disable cross-profile data sharing
Match each of Indigo’s requirements with the description provided in the Solutions Directory.
Select each box and make a selection, then submit.
- Apps prevented from writing to external storage – Mass storage disabled
- Additional accounts unable to be added to the device – Work access restricted to authorized Cloud Identity accounts
- Specific applications set as mandatory – Work apps silently distributed
- Lockscreen notifications redacted for work applications – Lock screen restrictions set
Did you successfully apply the application security policies to your device?
- Yes
- No
Did you successfully apply the managed configuration to Gmail on your device?
- Yes
- No
What are the benefits of uploading an application to Google Play?
Select the correct answer, then submit.
- Malware security checks
- Increased download speeds
- Open, closed, and internal test channels
- All of the above
Which resource offers the ability to test how an app will behave in a managed context?
Select the correct answer, then submit.
- Test DPC
- Google Play EMM API
- Android Management Experience
- Google Play Console
Select the correct answer, then submit.
- Android Management API
- Google Play EMM API
- Android Management Experience
- Google Play Console
Complete this question by selecting the correct answer from the dropdown options.
Select each box and make a selection, then submit.
- In addition to EMM consoles, where else can you search and approve applications? – Managed Google Play Store
- What are the different methods for hosting private applications? – Google-hosted and self-hosted
- Which identifier lets you enable a private application within a given organization? – Organization ID
- How many organizations can you publish a private app to via the Play Console? – 1000
What is the primary function of the Verify Apps feature?
Select the correct answer, then submit.
- Verifies integrity of apps installed on the device
- Verifies application developers
- Injects security code into applications
- Rejects apps installed outside of Google Play
System apps are installed on devices by enforcing what policy?
Select the correct answer, then submit.
- Install system apps
- Push system apps
- Enable system apps
- System apps are already installed
Which features are included in Google Play Protect?
Select the three correct answers, then submit.
- Safe browsing
- Location tracking
- Find my device
- App verification
True or False: Certificates are a mechanism by which two entities can authenticate in a secure way.
Select the correct answer, then submit.
- True
- False
Firewalls act as one of the first lines of defense against malicious attacks from malware and hackers.
Select the correct answer, then submit.
- True
- False
What is our SSID?
Select the correct answer, then submit.
- INDY_IND
- Industry778
Is there an SSL inspection?
Select the correct answer, then submit.
- Yes
- No
How do we secure our network and what do we need to authenticate?
Select the correct answer, then submit.
- PSK
- WPA2
- Open network
- WPA
Is there a proxy server being used?
Select the correct answer, then submit.
- Yes
- No
What VPN solution do we currently use?
Select the correct answer, then submit.
- IPVanish
- NordVPN
- Cisco AnyConnect
- OpenVPN
How is our VPN secured?
Select the correct answer, then submit.
- Managed configuration
- Password
- Certificate
- Unsecured
Is it possible to configure a VPN so that traffic from only one app is allowed through?
Select the correct answer, then submit.
- Yes
- No
For the finance teams what traffic should go through VPN?
Select the correct answer, then submit.
- Only certain endpoints
- User can choose
- Specific apps only
- All traffic
Does our VPN support split tunneling to access our internal server?
Select the correct answer, then submit.
- Yes
- No
Did you successfully configure the WiFi network according to Indigo’s requirements?
- Yes
- No
You cannot create new certificates for use on Android – only manage existing ones.
Select the correct answer, then submit.
- True
- False
Which of the following certificates can be configured on Android?
Select the three correct answers, then submit.
- Root
- Intermediate
- User
- Global
Does every app require some kind of certificate authentication?
Select the correct answer, then submit.
- Yes
- No
Did you successfully configure the Gmail certificate according to Indigo’s requirements?
- Yes
- No
Which VPN configuration best fits Indigo’s needs for their finance division?
Select the correct answer, then submit.
- Always-on VPN
- Per-app VPN
- User-initiated VPN
- Per-profile VPN
Which VPN configuration best fits Indigo’s needs for their healthcare division?
Select the two correct answers, then submit.
- User-initiated VPN
- Per-app VPN
- Per-profile VPN
- Always-on VPN
Did you successfully add the Cisco AnyConnect application to your EMM instance and properly set a VPN configuration?
- Yes
- No
Which is the best VPN configuration to ensure all work data is secured?
Select the correct answer, then submit.
- Per-app VPN
- Per-profile VPN
- User-initiated VPN
- Always-on VPN
Which VPN connection type is used in instances where only a few applications or websites require a high security connection?
Select the correct answer, then submit.
- User-initiated VPN
- Per-app VPN
- Always-on VPN
- Per-profile VPN
Select the correct answer, then submit.
- Deny all traffic
- Use Google Play Protect
- Block port 80
- Enable Safe Browsing
Select each box and make a selection, then submit.
- A safe way to test if a policy is working is to…?
- Answer – Push to a test device using the Indigo enterprise you’ve created.
- What would be the safest way to verify new devices are getting provisioned correctly?
- Answer – Factory reset your test device and check if it is provisioning correctly upon reboot.
- What should you do if you encounter deployment issues?
- Answer – Apply a problem solving framework before doing anything else.
Can you remember the right order?
Put the recommended migration steps in order.
Once complete, click submit to continue.
- Analysis
- Requirements mapping
- Proof of concept
- Deployment
Select each box and make a selection, then submit.
Match the problem-solving framework steps to its proper description.
Select each box and make a selection, then submit.
- Compare the observed behavior against the expected behavior. – Describe behavior
- Consider the most common causes identified to narrow the scope of the issue. – Process of elimination
- Eliminate conflated issues or general confusion that misdiagnose root causes. – Trust but verify
- Identify systemic problems versus localized issues. – Reproduce issue
- Ask for screen captures, bug reports, and all other relevant information. – Gather data
- Review common troubleshooting steps which may not apply to the issue or were skipped. – Review watchpoints
Can you remember the correct escalation process?
Put the escalation process in the correct order, then click submit.
- Escalate to EMM
- Escalate to OEM
- Escalate to carrier or reseller
Test your knowledge by selecting the topics most relevant to Tony’s requirements.
Select the five correct answers, then submit.
- (A) EMM
- (B) VPN
- (C) Managed Google Play
- (D) Dedicated use devices
- (E) Rugged devices
- (F) Android Open Source Project
- (G) Work profile
- (H) Work profile on company-owned
- (I) Personal devices
Does the transportation deployment need a Standard Management Set or Advanced Management Set?
Select the correct answer, then submit.
- (A) Standard Management Set
- (B) Advanced Management Set
- (A) Managed Google Play Accounts
- (B) Google Accounts
Determine the minimum Android version to support each provisioning method.
Select each box and make a selection, then submit.
- QR Code
- Zero-touch enrollment
Which are the two best solutions for this?
Select the two correct answers, then submit.
- QR code
- NFC
- Zero-touch
- DPC identifier
Policies:
- Enforced 4-digit device PIN security.
- Advanced location sharing management.
- Lock down clock and timezone settings.
- Admins can lock a set of apps to the screen.
- Users can’t factory reset the device.
- Admins able to remotely wipe or lock devices.
Select each box and make a selection, then submit.
What is the minimum OS version to support the required policies?
Select the correct answer, then submit.
- (A) 5.0
- (B) 5.1
- (C) 6.0
- (D) 7.0
Select the two correct answers, then submit.
- (A) Device provisioning
- (B) Device security
- (C) Device usability
- (D) Account & app management
Select the correct answer, then submit.
- (A) 5.0+
- (B) 6.0+
- (C) 7.0+
- (D) 8.0+
- (E) 9.0+
- Enforce 4-digit device PIN security – Device security challenge
- Lock down clock and timezone settings – System clock management
- Admins can lock a set of apps to the screen – Lock task mode management
- Users can’t factory reset the device – Factory reset protection management
Using your EMM instance, locate the corresponding app policy with the appropriate restrictions that could be applied. Be aware that your EMM may refer to the policy with a slightly different description or naming convention. Make a note of the minimum supported OS to complete the next activity.
Check the items off as you go.
- Enforced 4-digit device PIN security.
- Advanced location sharing management.
- Lock down clock and timezone settings.
- Admins can lock a set of apps to the screen.
- Users can’t factory reset the device.
- Admins able to remotely wipe or lock devices.
Let’s imagine that Tony is transitioning from a management solution using device admin, to a modern management solution that leverages Android Enterprise.
To complete the migration, you will need to map the policies currently handled through device admin against those now available in Android Enterprise, ensuring that the minimum OS requirements have not been affected.
Using the Device admin overview and the Android Enterprise feature list, determine the minimum OS that will allow you to:
Select each box and make a selection, then submit.
- Set complex passwords
- Alphanumeric password required
- Disable camera
Select your answer, then click Submit.
- Always-On VPN
- Per-App VPN
- User-Initiated VPN
- Per-Profile VPN
Android Enterprise Support Engineer
Match the question to its corresponding watchpoint.
Drag each question to a box, then submit.
- Select OS version/device – Are the critical apps, policies and configurations supported by the OS?
- Set device policies – Are there multiple, conflicting policies set?
- Upload apps – Did you target your private apps to your managed Google Play Accounts enterprise?
- Provision device – Does the device have network connectivity in order to update and enroll successfully?
Drag and drop the tool to the scenario, then click submit.
- Customer reports that approved applications aren’t showing up in managed Google Play. Which tool would you use to ensure that EMMs can assign and make apps available to users in the managed Google Play store? – Android Management Experience
- Customer reports that a policy to disable the camera is only working on some devices. Which tool would you use to test policy problems? – TestDPC
- Customer reports that configured apps are crashing and policies aren’t being applied, how would you test that the EMM console is configured correctly? – Android Management API colab
Did you successfully pull a bug report?
- Yes
- No
When a customer reports an issue, what do you follow to help you gather information?
Select an answer, then submit.
- Problem-solving framework
- Watchpoints
When escalating an issue, who would usually be the first partner you should escalate to?
Select an answer, then submit.
- EMM
- OEM
- Carrier/reseller
Select an answer, then submit.
- True
- False
Match each step in the problem solving framework with its corresponding description.
Drag each answer to a box, then submit.
- Compare the observed behavior against the expected behavior.
- Ask for screen captures, bug reports, and all other relevant information.
- Eliminate conflated issues or general confusion that misdiagnose root causes.
- Review common troubleshooting steps which may not apply to the issue or were skipped.
- Consider the most common causes identified to narrow the scope of the issue.
- Identify systemic problems versus localized issues.
Match each provisioning method with its description.
Select each box and make a selection, then submit.
- NFC
- QR Code
- DPC Identifier
- Zero-touch enrollment
What is the minimum OS that supports provisioning using a QR code?
Select the correct answer, then submit.
- Android 7
- Android 8
- Android 5
- Android 6
How many different methods could you use to provision a dedicated device running Android 7.0?
Select the correct answer, then submit.
- 2
- 5
- 3
- 4
True or False: Work profiles, on personally-owned devices, can be deployed using NFC enrollment.
Select the correct answer, then submit.
- True
- False
Why is zero-touch ideal for most fully managed device deployment scenarios?
Select all answers that apply, then submit.
- There’s no need for IT to physically handle the managed devices.
- Device deployments are streamlined.
- Configurations are automatically applied to devices on the first boot.
- Users can’t remove device management by simply factory resetting.
«I powered on the device and used the camera to scan the QR code but nothing happens.»
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
The enrollment process should start after the device reads the QR code.
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
Select 1 answer, then submit.
- Android Management Experience
- TestDPC
When attempting to reproduce the issue, it seems that you didn’t encounter any issue using the Android Management Experience tool. Also, provisioning works just fine when using your test device.
You attempt to reproduce the issue on a test device, using the Android Management Experience tool, however, everything appears to be working as expected.
Which of the following additional steps should you take to try and resolve the issue?
Select 2 answers, then submit.
- Reach out to a carrier/reseller for additional support
- Try on a different WiFi network, or using mobile data
- Try regenerating a new QR code
- Test to see if NFC will work instead
If you were unable to resolve the QR code issue, where should you first escalate?
Select 1 answer, then submit.
- OEM
- EMM
- Carrier/reseller
What information should you include when you escalate?
Select all answers that apply, then submit.
- Screenshot of error
- Bug report
- QR code
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
«I turn on my device and connect to WiFi and the zero-touch process starts.»
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
Which of the following information would be appropriate to gather?
Select all answers that apply, then submit.
- Screenshot
- EMM configuration
- Bug report
- Enrollment method
- Zero-touch CSV export file
Which of the following resources could be used to troubleshoot Courtney’s zero-touch issue?
Select 1 answer, then submit.
- TestDPC
- Android Management API Quickstart Colab
- Zero-touch portal
- Android Management Experience
Which of the following additional steps should you take to try and resolve the issue?
Select 1 answer, then submit.
- Ask the customer to verify the device is showing in the zero-touch portal
- Verify that the device supports zero-touch
- Verify that EMM configuration is correct and applied
- All of the above
Checking the zero-touch portal, we can see that the EMM configuration is….
Select 1 answer, then submit.
- Not applied
- Applied
Select 1 answer, then submit.
- Zero-touch portal showing incorrect IMEI
- Issue is unrelated
Checking the screenshot of the device build information, we can also determine that…
Select 2 answers, then submit.
- Baseband version does not support WiFi
- The Kernel version does not match the OS version
- OS version does not support zero-touch
- Device model does not support zero-touch
Select 1 answer, then submit.
- The zero-touch CSV lists the incorrect manufacturer
- Issue is unrelated
- The model type is not present
- The serial number of the device is not present
Where should you escalate to change the IMEI / manufacturer in the zero-touch portal?
Select 1 answer, then submit.
- EMM
- OEM
- Carrier/reseller
After installing the EMM DPC and entering the enrollment token a work profile should be created on the device.
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
It appears that the correct DPC was installed on the device, however the work profile did not provision successfully.
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
Which of the following pieces of information would be useful to collect from the device, in order to start the investigation process?
Select 1 answer, then submit.
- Bug report, captured after rebooting the device
- App package names installed on the device
- Bug report captured immediately after a failed provisioning attempt
Which of the following resources could be used to troubleshoot issues with the provisioning process?
Select the correct answer, then submit.
- Android Management Experience
- TestDPC
- EMM console, and a test device
- All of the above
Which of the following actions could be an acceptable next step to troubleshoot the issue?
Select 3 answers, then submit.
- Try provisioning a test device to make sure that everything is ok with the EMM.
- Verify that you have assigned the right policies to the device.
- Verify if the EMM binding is properly configured.
- Check that the right managed configuration is set for the DPC.
- Make sure that the device IMEI is properly configured in the zero-touch portal.
- Verify if Alex’s device supports work profile.
You have tried provisioning your test device with your account using the same enrollment token you provided to Alex, and you didn’t notice any issues with the procedure. Alex provided you with a video where you can see that he pressed the “Home” button at the “Creating Work Profile” screen, and when he returned to the DPC to complete enrollment, he saw an error, and enrollment failed.
Why is enrollment not working for Alex?
Select 1 answer, then submit.
- The Android version of the device used doesn’t support work profiles
- There is a bug in the EMM’s DPC
- The device is already managed by another organization
- The EMM services are not reachable
Following the process of elimination, you were able to identify the issue and determine that the next step to take is to escalate to your EMM.
Screenshots and videos can be instrumental to understand all of the steps taken by the user, and they can also help to pinpoint whether an error message is produced by the Android OS, Google Play, the DPC, or another app or process.
Which of the following pieces of information should you provide when escalating to your EMM?
Select 1 correct answer, then submit.
- Steps taken to reproduce the issue
- The video provided by Alex
- A bug report taken by Alex
- All of the above
Using your references, answer the following questions:
Which of the following methods allows devices to be provisioned in bulk without requiring manual setup?
Select 1 answer, then submit.
- QR Code
- DPC Identifier
- NFC
- Zero-touch
Which of the following should organizations consider while preparing to provision devices?
Select 3 answers, then submit.
- If the EMM supports the method
- If the device supports the method
- If the carrier/reseller supports the method
- If the OS supports the method
Select each box and make a selection, then submit.
- Developer
- App + Schema
- Schema
- Config
- Configured app
Either the app should already be installed, or I should be able to see the app in the managed Google Play store on my device.
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
I can’t find the private app, needed for my job, in the managed Google Play store. Also, it has not been, silently, installed on my device.
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
Which of the following information would be appropriate to gather from Jay?
Select 4 answers, then submit.
- Bug report
- Play EMM API calls
- Zero-touch CSV export file
- Organization, User, and Device IDs
- Enrollment method
- Package Names/IDs
Which of the following tools could you use to test Jay’s application problem?
Select 2 answers, then submit.
- TestDPC
- Android Management API Quickstart Colab
- Android Management Experience
Which of the following additional steps should you take to try and resolve the issue?
Select 1 answer, then submit.
- Check if users have connectivity
- Verify that there are no conflicting policies
- Confirm the app is approved in the EMM console
- All of the above
From the customer, you’ve managed to collect the above screenshots:
- The customer’s managed Google Play console.
- Device’s Play Store.
- The list of organization IDs in the Developer Google Play console.
- Package ID.
With this information, we can determine that…
Select 1 answer, then submit.
- The DPC has not been properly downloaded to the device
- The target organization has not been added to the list of approved organizations
- The package ID is incorrect
- The Play Console isn’t listing the package ID
If this issue requires escalation, where should you escalate first?
Select 1 answer, then submit.
- EMM
- Carrier/reseller
- OEM
Which of the following is the best way to describe the behavior?
Select 1 answer, then submit.
- Each time users open Google Workspace applications (Docs, Sheets, Slides, etc.) the apps prompt users to log into a personal Gmail account. Customers expect them to work only in an «offline» mode.
- Customers are using Android 7.0 devices that should support Google Workspace apps, but they keep crashing.
- Google Workspace apps are crashing.
- Customers want Google Workspace apps to work on their devices.
Select 1 answer, then submit.
- Bug report
- Logcat
Suppose you had none of the following tools setup. Which would be the easiest to set up and allow you to test Blake’s app issue?
Select 1 answer, then submit.
- Android Management API Quickstart Colab
- TestDPC
- Android Management Experience
Which of the following are within your ability to check when attempting to reproduce the issue?
Select 2 answers, then submit.
- Check the app’s managed configuration to see if it supports an «offline» mode and if it’s set correctly
- Confirm that the app is approved in the EMM console
- Verify the app permissions have been set up correctly
- Verify the user login credentials to the app are correct
Which of the following screenshots shows the correct managed configuration for Google Docs that would answer Blake’s organization’s requirements?
Select 1 answer, then submit.
- Image 1
- Image 2
- Image 3
What information should you include if you needed to escalate to the EMM?
Select 4 answers, then submit.
- Bug report
- Zero-touch CSV export file
- Screenshot or text of error encountered
- App policy set on EMM console
- Reproduction steps taken
- DPC Identifier
The app is available in the managed Google Play Store and it’s available for download for the users and devices selected through the EMM.
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
The application has disappeared from the managed Google Play Store and I cannot update it on my device.
Select 1 answer, then submit.
- Observed
- Expected
What data would be useful to collect to investigate the issue?
Select 2 answers, then submit.
- Provisioning QR code
- App package ID
- Bug report
- Organization ID
Which information would you collect to move forward in troubleshooting this issue?
Select the answer that applies, then submit.
- A bug report to collect info about the app and device
- Analysis of configuration differences between affected and unaffected users
- Review whether there were any recent policy changes to the group of affected users
- All of the above
Based on the noted behavior, which areas would you consider checking first?
Select 1 answer, then submit.
- Verify provisioning
- Confirm app approval in managed Google Play
- Work profile status in a bug report
Which of the following watchpoints should you consider when troubleshooting an application issue?
Select 2 answers, then submit.
- Set managed config
- Select/bind EMM
- Provision device
- Set device policies
Which tools will help to identify the source of an application issue?
Select 2 answers, then submit.
- TestDPC
- Android Management Experience
- Android Management API Quickstart Colab
True or False: Some EMMs support managed Google Play through an iFrame, providing a managed Google Play experience directly from the console.
Select 1 answer, then submit.
- True
- False
Users shouldn’t be able to connect devices to Bluetooth or access Bluetooth settings.
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
Some users are able to access Bluetooth in the settings, turn it on and connect devices.
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
Select the following information that would be appropriate to gather from Taylor.
Select 4 answers, then submit.
- Screenshot or text of error encountered
- Bug report
- Model/Manufacturer, OS version
- Policy set on EMM console
- Enrollment method
Which of the following tools could you use to test Taylor’s policy problem?
Select 2 answers, then submit.
- TestDPC
- Android Management API Quickstart Colab
- Android Management Experience
Answer the questions using the bug report snippets above as a resource.
Select each box and make a selection, then submit.
- What is the OS running on the device where Bluetooth is disabled? – 8.1.0
- What is the OS running on the device where Bluetooth is still enabled? – 7.1.2
What is the API level that corresponds to Android 8.0?
Select 1 answer, then submit.
- API level 25
- API level 26
- API level 27
- API level 28
Select 1 answer, then submit.
- The no_config_bluetooth policy has a minimum supported OS of 8.0. So the issue will need to be escalated to the EMM.
- The bug reports indicate that both are dedicated devices so any Bluetooth policy is redundant.
- The no_bluetooth and no_config_bluetooth policies are conflicting and one needs to be removed.
- The no_bluetooth policy has a minimum supported OS of 8.0. Devices running 7.0 will need to be updated or replaced.
Which of the following additional steps should you take to try and resolve the issue?
Select 1 answer, then submit.
- Check the policy properly configured
- Verify the policy supported by the EMM
- Confirm the phone has network connectivity for the policy to be applied
- All of the above
Select 1 answer, then submit.
- Escalate to carrier/reseller
- Resolve issue
- Escalate to OEM
- Escalate to EMM
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
The WiFi configuration policy has been pushed out to users with incorrect data. Users can’t access the network.
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
Select the following information that would be appropriate to gather from Alex.
Select 4 answers, then submit.
- Screenshot or text of error encountered
- Zero-touch CSV export file
- Bug report
- Model/Manufacturer, OS version
- Policy set on EMM console
- Enrollment method
Select 1 answer, then submit.
- DUMP OF SERVICE device_policy
- DUMP OF SERVICE account
- DUMP OF SERVICE activity
Select 1 answer, then submit.
- Android Management API Quickstart Colab
- TestDPC
- Android Management Experience
Which of the following additional steps should you take to try and resolve the issue?
Select 1 answer, then submit.
- Is the policy properly configured in the EMM?
- Check the EMM Solutions directory – is the policy supported by the EMM?
- Does the device/OS support the network you’re trying to configure?
- Is the correct policy set?
- Is there a policy conflict (multiple policies targeting the same device)?
- All of the above
Is the WiFi configuration correct?
Select 1 answer, then submit.
- Correct
- Incorrect
If incorrect, which part of the configuration needs to be changed?
Select 1 answer, then submit.
- WiFi password
- SSID
- Security type
- Nothing – the configuration is setup correctly
Given the troubleshooting steps taken, would you resolve or escalate to a partner?
Select 1 answer, then submit.
- Escalate to carrier/reseller
- Resolve issue
- Escalate to OEM
- Escalate to EMM
On your test device, deployed in a separate user group, the apps install successfully and are available immediately after installation is complete.
Select 1 answer, then submit.
- Expected
- Observed
You decide to proceed with a staggered rollout, starting with just 10% of the total user pool. After the first deployment, you notice that the app didn’t successfully deploy, for any of the selected users.
Select 1 answer, then submit.
- Expected
- Observed
When gathering data, what crucial data point will provide you with device logs, a list of installed apps on the device, network information, and policies installed?
- Bug report
- Logcat
Which steps should you take to troubleshoot the issue?
Select 2 answers, then submit.
- Reproduce the issue: set up your test device group, with the same policies as the employees, and verify if the issue occurs on that device
- Process of elimination: continue with the rollout to check whether the issue is limited to that 10% of devices
- Gather data: collect a bug report from one of the affected devices
The app was initially installed, on your test device, without any issue. However, in an attempt to track the problem, you have reproduced the issue by setting up your test device group with the same policies as employees.
You can now pull a bug report from your device. What sections of a bug report would be the most appropriate to check?
Select 2 answers, then submit.
- DUMP OF SERVICE package
- DUMP OF SERVICE account
- DUMP OF SERVICE policy
Here is a snippet from “DUMP OF SERVICE policy” from your bug report.
By looking at the information below, can you understand what is causing the issue?
Select 1 answer, then submit.
- There is a system update pending, which is blocking the installation.
- On the device there is a no_install_apps policy configured which is preventing app installs, this conflicts with the app installation policy you just created.
- There is a maintenance window set up on the device. This policy is preventing the application from installing.
Great work. After some troubleshooting, you have determined that there is a security policy that prevents any app installs on the device.
Given the troubleshooting steps taken, would you resolve or escalate to a partner?
Select 1 answer, then submit.
- Resolve issue
- Escalate to OEM
- Escalate to EMM
- Escalate to carrier/reseller
Select 1 answer, then submit.
- True
- False
What’s a policy that can only be set on a work profile?
Select 1 answer, then submit.
- Certificate installation
- Disable screenshot
- Verify apps enforcement
- Cross profile contact sync
All Microsoft Exchange email should be visible in Gmail for all users.
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
After setting up Gmail on end-users’ devices to sync their Microsoft Exchange accounts, users are reporting that they can’t see some of their emails in Gmail.
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
Select the following information that would be appropriate to gather from Kennedy.
Select 6 answers, then submit.
- Play EMM API calls
- Bug report
- Affected devices model/OS
- Managed app configuration
- Zero-touch CSV export file
- Screenshots
- In-app feedback
Select 1 answer, then submit.
- Check the EMM console
- Ask the user
Which of the following tools could Kennedy use to test the Gmail app?
Select 2 answers, then submit.
- Android Management API Quickstart Colab
- Android Management Experience
- TestDPC
Which of the following additional steps should you take to try and resolve the issue?
Select 1 answer, then submit.
- Check if users have connectivity
- Verify that there are no conflicting policies
- Check Gmails configurations and sync window settings
- All of the above
Using the screenshots, identify what may be causing the issue.
Select 1 answer, then submit.
- The user logged into Gmail with an incorrect email address
- Default Sync Window is too narrow
- The email address in Managed Configuration is incorrect
- SSL Required should be off
- The username is incorrect
- The hostname is incorrect
- There’s no Login Certificate Alias
- There’s no default email signature
Select 1 answer, then submit.
- 1
- 2
- 5
- 0
- 4
- 3
If this doesn’t resolve the issue, it will require escalation. Where should you escalate first?
Select 1 answer, then submit.
- Escalate to EMM
- Escalate to OEM
- Escalate to carrier/reseller
What information should you include if you needed to escalate to the EMM?
- Play EMM API calls
- Bug report
- App policy set on EMM console
- Reproduction steps taken
Jordan should be able to search for work contacts from the personal contacts app, and work contact info should display when calls are received from work contacts.
Is this behavior:
Select 1 answer, then submit.
- Observed
- Expected
Work contacts are not found when searched for, and caller ID does not display information for work contacts when calls are received.
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
- Policy details
- Contacts / dialer app information
- Bug report
- Screenshot
When gathering data, where could you pull the policy information from?
Select 2 answers, then submit.
- EMM console
- Bug report
- Zero-touch CSV export file
- Logcat
Select 1 answer, then submit.
- DUMP OF SERVICE account
- DUMP OF SERVICE device_policy
- DUMP OF SERVICE crossprofileapps
- DUMP OF SERVICE connectivity
Using the feature list resource, select the feature that controls contact sharing from a work profile.
Select 1 answer, then submit.
- Cross-profile contact management
- Cross-profile data management
From the above bug report snippet, has the policy been applied?
Select 1 answer, then submit.
- The policy has been applied to the device but isn’t working
- The policy has not been applied to the device
If policies have not been applied would you escalate or resolve the issue?
Select 1 answer, then submit.
- Escalate to OEM / app developer
- Resolve issue
- Escalate to carrier/reseller
- Escalate to EMM
Select 2 answers, then submit.
- Resolve issue
- Escalate to OEM / app developer
- Escalate to EMM
- Escalate to carrier/reseller
When the user brings their company-owned device to their workplace, it connects to the corporate WiFi network.
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
After setting up their devices, users report that when at work, the devices do not connect to the corporate WiFi network.
Is this behavior:
Select 1 answer, then submit.
- Expected
- Observed
Select the following information that would be appropriate to gather from one of the affected users.
Select 4 answers, then submit.
- Managed WiFi configuration
- In-app feedback
- Bug report
- Screenshots
- Affected devices model/OS
- Play EMM API calls
- Zero-touch CSV export file
Select 1 answer, then submit.
- Ask the user
- Check the EMM console
Which of the following tools could Kennedy use to test the managed WiFi configuration?
Select 2 answers, then submit.
- Android Management API Quickstart Colab
- TestDPC
- Android Management Experience
Which of the following additional steps should you take to try and resolve the issue?
Select 1 answer, then submit.
- Check if users have WiFi turned on and can see the corporate WiFi network in the list of WiFi networks in Settings
- Verify that there are no conflicting policies
- Check that users’ devices, which are personally-enabled, are enrolled correctly using the bug report
- All of the above
Kennedy has provided a screenshot of the bug report from an affected user’s device, and one from their device, which is working correctly.
Using the screenshots, identify what may be causing the issue on the affected device.
Select 1 answer, then submit.
- The device is not enrolled in management
- The device is enrolled in a work profile
- The bug report doesn’t tell us why it’s not working – they are identical
- The device was not enrolled as a company-owned for personal use
- No Global Proxy is set for the device
- WiFi is not enabled
What would you recommend for Kennedy’s organization to do to resolve the issue and enable users with work profile on company-owned devices to connect to the corporate WiFi network?
Select 1 answer, then submit.
- Downgrade the version of Android on the device and re-enroll the work profile
- Walk the user through manually adding the corporate WiFi network in their Settings
- Delete the work profile from device and re-enroll it in work profile
- Factory Reset the device and enroll in full device management
- Factory Reset the device and re-enroll in work profile from the Setup Wizard
Android Enterprise Expert Certification Exam
-You will have 120 minutes to complete the exam. At 120 minutes, if you are still in the exam, the exam will close and your score will be automatically calculated.
-The exam consists of 50 multiple choice questions and no practical exam. You can’t review or edit answers once you have submitted your exam.
-Remember, you will need to get 80% or more correct to successfully complete this assessment and receive your certification.
An ISV (Independent Software Vendor) wants to build a data loss prevention solution in their existing EMM, one of the features is to control clipboard data transfer between the personal side and the work profile.
Which policy can they use to implement this feature?
- DISALLOW_CROSS_PROFILE_COPY_PASTE
- DISALLOW_CLIPBOARD_COPY_PASTE
- DISALLOW_CROSS_PROFILE_CLIPBOARD
- DISALLOW_CROSS_PROFILE_DATA_TRANSFER
A company policy requires no camera usage within the R&D center area. One day an IT admin finds that a BYOD device didn’t get its camera disabled in the main profile (personal space).
The device in question is a personal device, owned by the employee, running Android 7 and enrolled with EMM with a work profile installed.
What is the most likely cause of this?
- User lost connection to the network to receive EMM policy for disabling camera.
- Disabling camera in main profile (personal space) is only works on Android OS 8 and above
- Disabling camera in the personal profile is only available on Fully Managed device or Dedicated device
- User has modified the Android OS so it can bypass EMM policy.
Nicky explains that Android is flexible and there are a few options for enterprises to host and publish their corporate applications on managed devices with managed Google Play.
Which one of the following hosting and publishing methods are NOT supported by managed Google Play?
- Google-hosted private apps.
- Side-loaded by a business website.
- Publish public applications.
- Self hosted private apps on a business server.
- The application will be allowed on Play but will only be displayed for Android 11.0 devices and lower in the Play Store.
- The application will be rejected because new apps uploaded to Google Play must target an Android API level within one year from the latest major Android OS version.
- Assuming there are no security issues with the app, it will be allowed on Play and can subsequently be whitelisted for the enterprise.
- The application will be allowed on Google Play, showing a warning about using deprecated APIs on Android 12.0 devices and higher.
Lina, the IT lead of Dodo Inc. decided to adopt a BYOD strategy for their Enterprise Mobility implementation to save operation costs, however she’s not really sure what is the preferred method to enroll BYOD devices into EMM.
As the Android Enterprise Expert, what would you recommend to Lina as the preferred method to enroll her BYOD fleets into the corporate EMM?
- Zero-touch
- Manual: Install the EMM agent from the Google Play Store, login and enroll
- EMM Token
- QR Code
Your customer has previously been using a containerized solution on Device Administrator, and they are planning their migration to Android Enterprise. One of the customer requirements, coming from their IT team, is to set and enforce a security challenge for their BYOD users within the work profile that is separate and has different requirements from the device security challenges.
Taking into account this requirement, what would you recommend?
- Recommend the IT Team that they only support BYOD on devices running Android 6.0+
- Recommend the organisation instead deploy fully managed devices with work profile, as this Android Enterprise feature is only supported in this management mode
- Recommend the IT Team that they only support BYOD on devices running Android 7.0+
- Recommend the IT Team that they only support BYOD on devices running Android 5.1+
What API level corresponds with Andorid 11.0?
- API level 27
- API level 20
- API level 30
- API level 34
A few years ago Google initiated Project Treble to further improve how Android was updated and secured.
Which of the following statements correctly describes how Project Treble contributes to device security?
- Project Treble randomizes key locations in memory, meaning that exploits cannot be reused.
- Project Treble is a form of encryption for work profiles.
- Project Treble separates device specific software from the OS, making it easier to update the OS, so that devices benefit from security updates quicker.
- Project Treble reduces the number of processes that can access the SoC to three so that they are checked for integrity before executing.
- Google Mobile Services (GMS) Certification
- Frequent Security Patches
- Android Enterprise Recommended
- Android Open Source Project (AOSP)
Android provides flexibility to the ecosystem, which allows OEMs to build exclusive features on top of what Android provides. For example, ABC mobile is an OEM that has developed specific enterprise features built-in to the device, to differentiate their devices from another brand. However, one of the key challenges is the need for other ecosystem partners (like EMMs) to integrate these features, so they can be managed by the IT Admin (customer).
What requirements need to be fulfilled by the OEM and/or the other ecosystem partners to address this challenge?
- ABC Mobile as an OEM needs to build APIs for EMM providers to develop and integrate with their software before Enterprise customers are able to use it. The availability of this feature varies depending on the EMM provider’s integration.
- ABC Mobile as an OEM needs to develop this feature with OEM config. With that, their features will be immediately available on every EMMs that supports managed configurations.
- ABC Mobile as an OEM has to be part of Android Enterprise Recommended program before they can create any exclusive features. Android Enterprise Recommended allows OEMs to use OEM Config features that Android Enterprise offers.
- ABC Mobile as an OEM can’t create exclusive features, if they want to create a new feature, they have to submit a feature request to Google. Once it is approved ,Google will make it available in all Android Devices.
Tomoka, the IT consultant, is explaining to one of their customers that starting from Android 10, Android devices must use File Based Encryption and are no longer able to use Full Disk Encryption, File Based Encryption provides better security capability.
Do you know how File Based Encryption works?
- File Based Encryption allows an IT Admin to modify the encryption key and save it in a unique location in the file system, making it difficult for the attacker to find the key.
- «File Based Encryption allows different components in Android to be encrypted with different keys. This allows the work profile key to be ejected from memory while the personal profile is still in use.»
- All are correct.
- File Based Encryption allows IT admin to separate the encryption key from the device. The IT Admin can put the encryption key in their private cloud and let devices access the encryption key in the cloud before they can use the device.
- The EMM being used, because it may not support setting WiFi configurations
- The users home SSID to ensure there is no conflict
- The model of the device, because it may not support that WiFi network
- The WiFi configuration set, because it may be incorrect
Select All Correct Responses
- Set device policies
- Set managed config
- Provision device
- Select OS version/device
- Verify that the device is running Android 7 or above
- Verify that the users have been correctly configured on the EMM console
- Verify that the IMEIs in the zero-touch portal match the phones they are using
- Verify the DPC Extras are complete and correct
- Android Enterprise only supports one account per Google application
- Android Enterprise only supports company GMail accounts
- Gmail app is not updated to the latest version
- Adding personal accounts is disabled as per company policy
- Use of the camera has been blocked
- The device is not being managed
- Barcode Scanner requires a Google Account, and the device is using a Managed Google Play Account
- Barcode Scanner is not installed
Please take a look at below Log snippet:
Owner Services:
User: 0
com.google.android.apps.work.clouddpc/.vanilla.services.admin.CloudDeviceAdminService [bound] [connected]
Next backoff(sec): 3600
Enabled Device Admins (User 0, provisioningState: 3):
com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver:
userRestrictions:
ensure_verify_apps
no_add_managed_profile
no_install_apps
What information can you find from the above log snippet?
- All of the system apps are disabled in the device
- Device is installed with Work Profile
- User: 0 means there is no Google account provisioned in the device
- App installation is not allowed
Using the bug report provided, please identify three non-System apps on the device.
Copy and paste the following link to open in new browser window bug report 2:
http://tiny.cc/occwcz
- Documents UI, Messaging, HTML Viewer
- Docs, Translate, Keep
- Chrome, Gmail, YouTube
- Calendar, Quicksearchbox, Camera
Let’s take a look at this log: Log.txt
Search and find information about Google Messages application in the given log.
Which one below is CORRECT information about Google Messages application from the given log? Copy and paste this URL in your browser to open the bug report Log.txt
- The application not allowed to send SMS
- The package name of the Google Messages application is: com.google.android.apps.dynamite
- The application is installed in Personal Space but it is hidden
- The application is not installed in Work Profile
- Sheets, Gmail, Files by Google
- Dropbox, Translate, Skype
- YouTube, Docs, Chrome
- Keep, Slides, Earth
- Factory reset the device and restore the user configuration to verify if the issue persist
- Go into developer mode on the device, and download the logs to the device internal storage
- Plug the device into a computer and retrieve the logs by running adb bugreport in a terminal
- Download a «log retriever» application, then email the logs to yourself
Which section of a bug report tells you about application information/policies?
- Combined logs
- Packages
- DUMP OF SERVICE package
- Raw Bug report
What section of a bug report tells you if there is a work profile on the device?
- Packages:
- Combined logs
- DUMP OF SERVICE (account or device_policy)
- Raw Bug report
Gathering data is one of the crucial steps that provides useful information for the IT Admin.
Which data source provides the IT Admin with the device make/model, a list of apps on the device, app permissions and network information?
- Interview the user
- Application log
- Bug Report
- Logcat
- FREE_THE_LOGS
- ENABLE_ADB_DEBUG
- DISALLOW_TROUBLESHOOTING_TOOLS
- DISALLOW_DEBUGGING_FEATURES
What is “user 10” from the Android bug report log?
- It is the 10th user account in the device
- It is the Main Profile
- It is the 11th user account in the device
- It is the Work Profile
- Raise a feature request with the EMM to support the toggle
- Speak to your OEM to bring support for the toggle within their OEM Config application
- Create a small app yourself using the developer documentation and toggle it via app config
- Raise the request with Google
Select All Correct Responses
- EMM console
- Test DPC
- Android Management API Colab
- Android Enterprise Management Demo
- Customer’s procurement team
- Reseller/carrier
- EMM
- OEM
- Email the bug report to Google support
- Delete any user identifiable data from the bug report, then share it with your EMM provider
- Upload the bug report to a cloud storage provider and share it with individuals who need access to the content
- Never share bug reports
- Android Enterprise terminology documentation and Solutions glossary
- Enterprise Solutions Directory and Android Enterprise feature list
- developer.android.com
- Compatibility Definition Document (CDD)
Which API can EMMs use to deploy apps via Managed Google Play? Select the two answers that apply.
Select All Correct Responses
- Firebase Management API
- Google Play EMM API
- Android Management API
- App Engine Admin API
- Recommend that the end users create their own accounts
- Managed Google Play Accounts
- A 3rd party identity model provider that is compatible with Microsoft 365
- Google Accounts
- Re-upload the devices in the zero-touch console
- Go to admin.google.com and remove the domain binding to their EMM
- Go to their EMM console, remove and add the binding to the Managed Google Play account
- Check that the DPC extras are correct according to the EMM
- Network bandwidth
- Location services will be enforced
- Charging points for all of your devices
- Devices on the latest version of Android
- Check that all required ports are open in the firewall
- Check that managed configurations on Google Play services are set up correctly
- Disable all SSL inspection on the network
- Check the ADB logs on one of the affected devices
- Create a work profile on the fully managed device and route all traffic through the whole work profile
- Block traffic to and from the app on the local network
- Add the applications that should go through the VPN to the allowlist
- Assign managed application configurations to the applications on the denylist with policies to prevent use of the VPN
- Per-Profile VPN
- Per-App VPN
- User-Initiated VPN
- Always-On VPN
- In using Device Admin you can leverage app wrapping to push any VPN configuration to your app
- In Android Enterprise, you can leverage Managed Configurations to push VPN configurations
- Device Administrator offers an easier path to integration for EMMs
- There is no fundamental difference in the way that VPN are configured
- The customer can configure SSL inspection, as long as traffic to Google services bypasses the proxy
- The customer can use any SSL proxy solution out of the box, as none of them will interfere with their Android deployment
- The customer should configure all traffic to hosts connecting on port 443 to bypass the proxy
- The customer should configure traffic on ports other than 443 to bypass the proxy
Hector from Horybell Inc. states that “Using managed Google Play is not enough to protect my device from PHAs.”. He does not appear to fully understand how managed Google Play protects devices from PHAs.
As a solutions consultant, which of the following statements might you use to respond to Hector’s objection above?
- Google Play ensures that app updates are always signed by the original developer, avoiding app hijacking.
- Google Play has a proven track record of minimizing the risk of PHAs being installed on Android devices.
- Devices that install apps exclusively from Google Play, rather than sideload apps, are at much lower risk of installing PHAs.
- All of these.
Select All Correct Responses
- Location services must be turned on
- Devices are connected to a Wi-Fi network
- Devices on a secure WiFi (WPA2 and above)
- Devices are charging
Select All Correct Responses
- Approve/assign apps
- Configure provisioning
- Create/sync users or groups
- Provision device
- User ID
- Organization ID
- Device ID
- Company ID
Select All Correct Responses
- Ensure that the IT admin has set the correct managed configuration for the Google Play Store
- Verify that the EMM is still bound to the user’s company
- Ensure that the IT admin has set an application allowlist instead of allowing an open Play Store
- Verify that the IT admin has uploaded the company’s apps to the Google Play Developer Console
How do you create allowlist for public applications into your organization?
- From Managed Play Publishing Console
- From Managed Play iframe, accessible from your supported EMM Console
- All of the above
- Sideload before enrolling in EMM
What is the advantages of an OEM leveraging ‘OEMConfig’ for application development?
- OEMConfig can be distributed to devices without having to go through managed Google Play
- OEMConfig allows OEMs to address customer needs without requiring 3rd party developer support
- OEMConfig allows all OEMs access to vendor APIs
- OEMConfig is supported by all EMMs
Acme inc. needs one of their applications to be able to communicate across work profile boundaries, they heard that Google has released this feature recently, however they are not sure about the minimum OS version that supports this feature.
As the solution consultant, would you be able to tell Acme inc. what is the minimum OS version that supports this feature?
- Android 10
- Android 12
- Android 9
- Android 11
- Google Chrome
- Google ChromeCast
- Google Home
- Google Chromebook
- The application will be rejected because Google Play only allows a single instance of an Application ID
- Google Play will silently replace the old application with the new application
- As long as the old app is unlisted, Google Play will allow upload of the new app, which reuses the same Application ID
- Google Play will automatically generate a new Application ID and allow the app to be uploaded
Android Enterprise Experts Certification Exam Answers