Home » Android Enterprise Architecture Implementation Answers » Page 10

Android Enterprise Architecture Implementation Answers

Android Enterprise Experts Certification Exam Answers

Questions:

Drag each answer to a box, then submit.

A set of enterprise features organized by use case. [Solution set]
Content marketplace for Android in the enterprise. It allows Admins to select and manage apps for their organization. [Managed Google Play]
A self-contained profile on an Android device that isolates work apps and data from personal apps and data. [Work profile]
An app that controls local device policies and system applications on devices. [Device policy controller (DPC)]

Which is which? Below is a list of enrollment methods and identity models.

Enrollment methods

Zero-touch
QR code
Download DPC from the Google Play Store
NFC
DPC Identifier

Identity models

Managed Google Accounts (G Suite or Cloud Identity)
Managed Google Play Accounts

What are the two units that Shelby will be supporting for this device deployment?

Finance & healthcare
Oil & gas
Manufacturing & insurance
Transportation & power

What are the two units that Shelby will be supporting for this device deployment?

Finance & healthcare
Oil & gas
Manufacturing & insurance
Transportation & power

Which of the following is a primary concern of Hayden and Farah (the stakeholders at Indigo Industries)?

Budget
Interruptions to user workflows
Provisioning timelines
Data loss prevention

What are the two solutions sets that Indigo requires for this deployment?

MAM
Dedicated device
Fully managed
Work profile

Which of the following is an important policy that Indigo will need supported?

Disable location sharing
Prevent work to personal copy/paste
EMM pull notifications
Factory reset protection

One of the challenges Shelby faces with her stakeholders is -.
What does Indigo’s current device investment look like?
Match each description to its corresponding method for managing user identities.
Select the appropriate identity type for each example company.
Based on the case study details, select which identity type you would recommend for Indigo Industries.
Support your recommendation to use managed Google Play Accounts. Choose a case study requirement that would need managed Google Play.
Which is the minimum Android OS that lets you add a work profile from Settings?
Which is the minimum Android OS that supports zero-touch enrollment on a range of OEM devices?
Which is the minimum Android OS version that supports QR code provisioning?
What is the simplest method for provisioning Android 7.0+ devices for Indigo Industries?
What is the simplest method for provisioning Android 8.0+ devices for Indigo Industries?
Why is zero-touch enrollment recommended for Android?
When two policies fulfill the same need, which one should you recommend?
Which is the minimum Android OS version to support the Disable USB debugging policy?
Which is the minimum Android OS version to support “Disable unknown sources” security policy?
Which is the minimum Android OS to support a 6-digit work application password?
Android Enterprise - EMMs are required to support standard features plus advanced features across two management sets.
One of the advantages of using - is that the user identity is managed by the EMM.
When a policy is not supported by your EMM provider, who should you reach out to?
True or False? The Android Enterprise feature list details minimum OS requirements of each feature and the solution set it applies to.
True or False? Understanding minimum OS requirements is critical for maintaining feature compatibility across devices.
True or False? Managed Google Play Accounts is the preferred identity type when creating an enterprise.
Indigo Industries can only have one version of the Android OS deployed within their organization.
Android Enterprise Recommended devices meet elevated enterprise requirements validated by Google.
When determining the minimum OS a customer needs, which of the following is true?
Company-owned and personally-owned devices can have different minimum OS version requirements.
Using the Android Enterprise Feature List resources, map which of the Indigo policy requirements correspond with the feature descriptions and select the ones that match.
Do not forget to take into consideration that support for out of the box enrollment is a requirement for company-owned devices!
What’s the minimum supported OS for personally-owned devices?
What’s the minimum supported OS for company-owned devices?
Where would you direct a customer to view the device requirements for Android Enterprise Recommended?
Where’s the best place to start when choosing new Android devices to deploy within an organization?
What resource should you leverage to browse the catalogue of Android Enterprise Recommended devices?
How do GMS certified devices differ from those that are Android Enterprise Recommended?
When managing device variety, it’s best to start with the - OS.
Begin with - and provisioning when determining the minimum OS to support.
True or False: Any apps or data outside the work profile are not accessible by an IT admin and remain private to the user.
Name the important processes that IT admins need to be aware of when curating applications.
True or False: The managed Google Play Store allows IT admins to approve private and public applications, and distribute them to their users.
IT Admins can approve public apps that exist on the Google Play store for company use, and distribute it through the managed Google Play.
Choose the secure browser apps that meet the requirements.
Determine which VPN app offers a managed configuration.
Determine which camera app(s) meet the requirements.
Is the iframe the best private app distribution solution for Indigo?
Drag and drop the steps of publishing a private application via the Google Play Console in the correct order.
What are the benefits of uploading an application to Google Play?
Which resource offers the ability to test how an app will behave in a managed context?
Which resource enables the testing of enterprise features without Enterprise Mobility Management software?
In addition to EMM consoles, where else can you search and approve applications?
Which identifier lets you enable a private application within a given organization?
What are the different methods for hosting private applications?
How many organizations can you publish a private app to via the Play Console?
What is the primary function of the Verify Apps feature?
System apps are installed on devices by enforcing what policy?
Which features are included in Google Play Protect?
True or False: Certificates are a mechanism by which two entities can authenticate in a secure way.
Firewalls act as one of the first lines of defense against malicious attacks from malware and hackers.
What is our SSID?
Is there an SSL inspection?
How do we secure our network and what do we need to authenticate?
Is there a proxy server being used?
What VPN solution do we currently use?
How is our VPN secured?
Is it possible to configure a VPN so that traffic from only one app is allowed through?
For the finance teams what traffic should go through VPN?
Does our VPN support split tunneling to access our internal server?
You cannot create new certificates for use on Android - only manage existing ones.
Which of the following certificates can be configured on Android?
Does every app require some kind of certificate authentication?
Which VPN configuration best fits Indigo’s needs for their finance division?
Which VPN configuration best fits Indigo’s needs for their healthcare division?
Which is the best VPN configuration to ensure all work data is secured?
Which VPN connection type is used in instances where only a few applications or websites require a high security connection?
What can Indigo Industries do within their firewall settings to ensure all traffic is behind a secure connection and encrypted?
A safe way to test if a policy is working is to…?
What would be the safest way to verify new devices are getting provisioned correctly?
What should you do if you encounter deployment issues?
Does the transportation deployment need a Standard Management Set or Advanced Management Set?
Based on the case study details, select which identity type you would recommend for Indigo Industries’ Transportation department.
Tony at Indigo wants a simple way for users to provision devices right out of the box without needing a dedicated IT team to assist in the deployment. Which are the two best solutions for this?
When planning the deployment, which of the following topics have the highest impact on the rest of the deployment?
In order to support Indigo’s policies, the minimum OS version 6.0 is required. However, the devices needed for the transportation deployment are required to be rugged as designated by Android Enterprise Recommended. What is the minimum OS to support rugged devices?
What are some of the questions you will need to know about existing networking infrastructure and security to deploy devices through managed Google Play?
Indigo can ensure secure connectivity and data transmission using network settings and configurations through virtual private networks. Which VPN configuration best fits Indigo’s needs to preserve network bandwidth for their transportation division?

Module 1 Lesson 2 Answers

Q.1 – Drag each answer to a box, then submit.

A set of enterprise features organized by use case. – Solution set

Content marketplace for Android in the enterprise. It allows Admins to select and manage apps for their organization. – Managed Google Play

A self-contained profile on an Android device that isolates work apps and data from personal apps and data. – Work profile

An app that controls local device policies and system applications on devices. – Device policy controller (DPC)

Module 1 Lesson 3 Answers

Q.1 – Drag each answer to a box, then submit.

Enrollment methods

Zero-touch

QR code

Download DPC from the Google Play Store

NFC

DPC Identifier

Identity Models

Managed Google Play Accounts

Google Accounts

Q.2 – What are the two units that Sarah will be supporting for this device deployment? Select 1 answer, then submit.

(A) Oil & gas
(B) Manufacturing & insurance
(C) Transportation & power
(D) Finance & healthcare

Q.3 – Which of the following is a primary concern of Harry and Francesca (the stakeholders at Indigo Industries)? Select 1 answer, then submit.

(A) Interruptions to user workflows
(B) Budget
(C) Data loss prevention
(D) Provisioning timelines

Q.4 – What are the two solutions sets that Indigo requires for this deployment? Select 2 answers, then submit.

(A) Fully managed
(B) MAM
(C) Work profile
(D) Dedicated device

Q.5 – Which of the following is an important policy that Indigo will need supported? Select 1 answer, then submit.

(A) Factory reset protection
(B) EMM pull notifications
(C) Prevent work to personal copy/paste
(D) Disable location sharing

Q.6 – One of the challenges Sarah faces with her stakeholders is ______________. Select 1 answer, then submit.

(A) Replacing the devices in phases, rather than all at once
(B) Convincing them that Android is secure
(C) Provisioning devices in a timely manner
(D) Encouraging VPN use with remote employees

Q.7 – What does Indigo’s current device investment look like? Select 1 answer, then submit.

(A) A mix of several OSes
(B) All Android
(C) All iOS

Module 2 Lesson 1 Answers

Q.1 – Use the Solutions Directory to determine which EMM provider offers an Advanced Management Set for Dedicated Device Management. Select 1 answer, then submit.

(A) MobileIron
(B) Microsoft
(C) BlackBerry
(D) Google Cloud Identity

Q.2 – The work __________ challenge would support Indigo’s 6-digit work application password requirement.

(A) OS
(B) Management Mode
(C) Security
(D) Profile

Module 2 Lesson 2 Answers

Q.1 – Use the Solutions Directory to determine 3 viable EMM recommendations. Copy and paste your answers in each of the text boxes below.

The three viable EMM recommendations are:

MobileIron, Inc
Microsoft
IBM MaaS360

Module 2 Lesson 3 Answers

Q.1 – Match each description to its corresponding identity type. Drag each answer to a box, then submit.

Managed Google Play Accounts

Easy and quick to set up

User identity managed by EMM

Preferred method

Google Accounts

Ideal for G Suite

Requires company domain to be claimed

Not designed to be used with more than one EMM

Q.2 – Select the appropriate identity type for each example company. Drag and drop each company to the corresponding identity type.

Managed Google Play Accounts
Company A
Company C
Google Accounts
Company B

Q.3 – Based on the case study details, select which identity type you would recommend for Indigo Industries.

(A) Google Accounts
(B) Managed Google Play Accounts

Q.4 – Support your recommendation to use managed Google Play Accounts by selecting all the case study requirements that require managed Google Play. Select 1 answer, then submit.

(1) Personal device (BYOD) and corporate-liable
(2) Unknown sources and USB debugging disabled
(3) Flexible identity model hosted by EMMs
(4) User-driven provisioning
(5) Work to personal device (BYOD) copy/paste prevented
(6) 6-digit work application password for personal device (BYOD)
(7) 4-digit device PIN security

Module 2 Lesson 4 Answers

Select each box and make a selection, then submit.

Q.1 – Which is the minimum Android OS that lets you add a work profile from Settings?

(A) 8.0
(B) 5.1
(C) 6.0
(D) 7.0

Q.2 – Which is the minimum Android OS that supports zero-touch on a range of OEM devices?

(A) 8.0
(B) 5.1
(C) 6.0
(D) 7.0

Q.3 – Which is the minimum Android OS version that supports QR code provisioning?

(A) 8.0
(B) 5.1
(C) 6.0
(D) 7.0

Select each box and choose the correct option, then submit.

Q.4 – What is the simplest method for provisioning Android 7.0+ devices for Indigo Industries?

(A) NFC
(B) DPC Identifier
(C) QR Code
(D) Zero-touch

Q.5 – What is the simplest method for provisioning Android 8.0+ devices for Indigo Industries?

(A) NFC
(B) DPC Identifier
(C) QR Code
(D) Zero-touch

Q.6 – Why is zero-touch enrollment recommended for Android? Select 2 answers then, then submit.

(A) Users just open the box and start using the device with management, apps and configurations all set.
(B) Zero-touch is a great way to deploy personal device (BYOD) work profiles.
(C) Zero-touch is ideal for most fully managed device deployment scenarios.
(D) Zero-touch is open to all devices not purchased from carriers/resellers.

Q.7 – Choose the correct benefit statements regarding zero-touch enrollment. Select all the answers that apply, then click submit.

(A) There’s no need for IT to physically handle the managed devices.
(B) Configurations are automatically applied to devices on first boot.
(C) Streamlines device deployments.

Module 2 Lesson 5 Answers

Q.1 – When two policies fulfill the same need, which one should you recommend? Select 1 answer, then submit.

(A) Choose the policy that has the lowest OS requirement.
(B) Choose the policy with the highest OS requirement.
(C) Choose the policy that’s designated as an advanced feature.
(D) Choose the policy that most closely aligns with the requirement.

Select each box and make a selection, then submit.

Q.2 – Which is the minimum Android OS version to support the Disable USB debugging policy?

(A) 5.1
(B) 7.0
(C) 8.0
(D) 6.0

Q.3 – Which is the minimum Android OS version to support “Disable unknown sources” security policy?

(A) 7.0
(B) 5.0
(C) 8.0
(D) 6.0

Q.4 – Which is the minimum Android OS to support a 6-digit work application password?

(A) 8.0
(B) 5.1
(C) 6.0
(D) 7.0

Module 2 Lesson 6 Module Review Exercise Answers

Q.1 – Android Enterprise ____________ EMMs are required to support standard features plus advanced features across two management sets.

(A) Feature
(B) Recommended
(C) Prioritized
(D) Highlighted

Complete this quiz by filling in the missing word. Select each box and enter the missing word, then submit.

Q.1 – One of the advantages of using _______ Google Play Accounts to manage user identities is that they’re hosted with the EMM.

The correct answer is Managed.

Q.2 – Only devices with a minimum OS version of _____ are compatible with the zero-touch provisioning process.

The correct answer is 8.0

Q.3 – When a policy is not supported by your EMM provider, who should you contact? ______ provider

The correct answer is EMM.

Module Review Exercise

Choose whether these statements are true or false. Select each box and make a selection, then submit.

Q.1 – The Android Enterprise feature list details minimum OS requirements of each feature and the solution set it applies to.

(A) True
(B) Fasle

Q.2 – Understanding minimum OS requirements is critical for maintaining feature compatibility across devices.

(A) True
(B) False

Q.3 – Managed Google Play Accounts is the preferred identity type when creating an enterprise.

(A) True
(B) False

Module 3 Lesson 1 Answers

Q.1 – Indigo Industries can only have one version of the Android OS deployed within their organization. Select one answer, then submit.

(A) True
(B) False

Q.2 – Android Enterprise Recommended devices meet elevated enterprise requirements validated by Google. Select one answer, then submit.

(A) True
(B) False

Q.3 – When determining the minimum OS a customer needs, which of the following is true? Select one answer, then submit.

(A) Use personal device (BYOD) requirements for primary determination.
(B) Corporate liable devices and personal devices (BYOD) often have the same minimum OS level.
(C) Personal devices (BYOD) and corporate liable devices can have different minimum OS levels.
(D) Use corporate liable device requirements for primary determination.

Q.4 – How often do Android Enterprise Recommended devices receive security patches? Android Enterprise devices receive security patches every ____ days.

The correct answers is 90 days.

Module 3 Lesson 2 Answers

Q.1 – Using the Android Enterprise Feature List resources, map which of the Indigo policy requirements correspond with the feature descriptions and select the ones that match. Select 4 answers, then submit.

The correct answers are:

Work security challenge
Default security policies
Device security challenge
Cross-profile data management

Q.2 – Using the Indigo Industries case study, map the minimum OS supported for each policy requirement under both BYOD and Corporate Liable solution sets.

What’s the minimum supported OS for:

Personal devices (BYOD)? 7.0
Corporate liable devices? 8.0

Q.3 – Building on the previous exercise, use the table above to assess the number of corporate-liable devices currently being used by Indigo Industries that will need to be replaced. Select each box and enter the missing word, then submit.

Minimum OS version to be supported. – 8.0
Number of devices to keep – 2717
Number of devices to replace – 1110

Module 3 Lesson 3 Answers

Q.1 – Of the devices listed in the table above, how many fit the requirements of Indigo Industries’ finance team?

Drag the slider to select a number, then submit.

The correct Answer – 4

Devices

LG G6
LG V30
Google Pixel
Google Pixel XL

Q.2 – Of the devices listed in the table above, how many devices are Android Enterprise Recommended and are considered flagship models?

Drag the slider to select a number, then submit.

Correct answer – 3

Devices

Google Pixel 3
Nokia 9
LG V40

Q.3 – Match each possible objection with the correct reply. Select each box and make a selection, then submit.

Android is fragmented and insecure – With multiple layers of security built-in, Android has evolved into the most secure mobile operating system and has been independently verified by industry research providers
Android security patches are infrequent. – All Android Enterprise Recommended devices receive security updates within 90 days of the patch being released from Google.
Android management options are limited. – Managing Android devices is as simple as it is robust – one solution for corporate and employee-owned devices allowing effortless control over data and apps
Android applications are unsafe. – Android security starts at the application layer with Google Play Protect built-in. It automatically scans all apps daily and is the most widely deployed mobile threat protection service in the world, leading to 99.99% of Android devices being free of PHAs.
Android devices are difficult to deploy. – Android provides flexible deployment options to meet the needs of any business. Zero-touch deployment allows for bulk enrollment of devices with no manual setup needed

Module 3 Lesson 4 Answers

Q.1 – Where would you direct a customer to view the device requirements for Android Enterprise Recommended? Select one answer, then submit.

(A) Android developer guides
(B) OEM support sites
(C) android.com/enterprise/recommended
(D) Device Solutions Directory

Q.2 – Time for a quiz! Test your knowledge by indicating whether the statement is true or false. Drag each answer to a box, then submit.

Thumbs Up
The minimum OS support requirements may vary across different solution sets for the same feature offering.
Google Mobile Services provides a standard baseline of Android Enterprise support.
Thumbs Down
Android Enterprise features are supported on all GMS and AOSP devices.

Q.3 – Which of the following is an Android Enterprise Recommended device requirement? Select all answers that apply, then submit.

(A) Consistent provisioning UX
(B) Zero-touch support
(C) Security patches delivered within 90 days
(D) Secure element support

Match an answer to each of the statements. Select each box and make a selection, then submit.

Q.4 – Where’s the best place to start when choosing new Android devices to deploy within an organization?

Answer – Android Enterprise Recommended

Q.5 – What resource can be used to identify all other devices that support Android Enterprise?

Answer – The Device Solutions Directory

Q.6 – How do GMS certified devices differ from those that are Android Enterprise Recommended? Select all answers that apply, then submit.

(A) They are the same designation, just different terminology
(B) GMS supports Google Apps
(C) Only AER devices are listed in the Solutions Directory
(D) AER devices are validated by Google to meet an elevated set of specifications

Match the correct answer to complete the statement, then submit.

Q.7 – When managing device variety, it’s best to start with the ____________ OS.

Answer – Minimum

Q.8 – Begin with ____________ and provisioning when determining the minimum OS to support.

Answer – Security

Module 4 Lesson 1 Answers

Q.1 – True or False: Any apps or data outside the work profile on BYOD solution sets are not accessible by an IT admin and remain private to the user.

(A) True
(B) False

Q.2 – Name the important processes that IT admins need to be aware of when curating applications.

(A) Security
(B) Updates
(C) Deployment
(D) All of the above

Q.3 – True or False: The managed Google Play Store allows for blacklisting and whitelisting of both public and private apps.

(A) True
(B) False

Module 4 Lesson 2 Answers

Q.1 – Depending on the EMM instance you’re using, some embed managed Google Play through an iFrame. Assuming the EMM instance you’re using doesn’t support this, please select where an IT Admin would perform the described actions. Drag each answer to a box, then submit.

Managed Google Play console and EMM Console – IT admin wants to configure access to approved apps and prevent access to unapproved apps for their device users.
Managed Google Play console – IT admin wants to make new apps available to the company.
EMM Console – IT admin wants to change the look and feel of the company’s Google Play Store.

Q.2 – In the managed Google Play Store, admins can accept app permissions on behalf of the user. Select the answer, then submit.

(A) True
(B) False

Q.3 – In the managed Google Play Store, admins can whitelist any app on the public Google Play Store for corporate use. Select the answer, then submit.

(A) True
(B) False

Module 4 Lesson 3 Answers

For each question, determine which applications best meet Indigo’s criteria. Use play.google.com/work to determine the apps that would be most suitable.

Q.1 – Choose a messenger client. Select the 3 that apply, then submit.

(A) Google Hangouts Chat
(B) Slack
(C) Microsoft Teams
(D) Default SMS

Q.2 – Choose the file viewer and editor apps that meet the requirements. Select the 3 correct answers, then submit.

(A) Files
(B) Google Chrome
(C) Files by Google
(D) Samsung My Files

Q.3 – Choose the secure browser apps that meet the requirements. Select the 3 correct answers, then submit.

(A) EMM Secure Browser
(B) Microsoft Edge
(C) Google Chrome
(D) Firefox

Q.4 – Choose the email clients that works with O365. Select the 2 correct answers, then submit.

(A) Microsoft Outlook
(B) AOL
(C) Gmail

Q.5 – Determine which VPN app offer a managed configuration. Select the answer, then submit.

(A) OpenVPN
(B) Cisco AnyConnect

Q.6 – Determine which camera app(s) meet the requirements. Select all that apply, then submit.

(A) Google Camera
(B) Open Camera

Q.7 – Determine which contact app(s) meet the requirements. Select all that apply, then submit.

(A) Google Contacts
(B) Outlook

Module 4 Lesson 4 Answers

Q.1 – Drag and drop the steps of publishing a private application in the correct order. Drag items into the correct order, then submit.

The correct order of steps is:

Step 1 – Set up Google Play Console
Step 2 – Determine hosting method
Step 3 – Designate the app for private distribution
Step 4 – Manage version across channels

Module 4 Lesson 5 Answers

Indigo has expressed that their applications need to be distributed securely to their users and that the protection of corporate data from malicious applications is maintained on the device.

Q.1 – Identify which application policies/restrictions can be used via an EMM console to protect Indigo’s work data. Select 6 answers, then submit.

Enable force encryption
Enable force verify apps
Disable debugging
Prevent app uninstalls
Disable developer options
Disable cross-profile data sharing

Q.2 – Match each of Indigo’s requirements with the description provided in the Solutions Directory. Select each box and make a selection, then submit.

Apps prevented from writing to external storage – Mass storage disabled
Additional accounts unable to be added to the device – Work access restricted to authorized Cloud Identity accounts
Specific applications set as mandatory – Work apps silently distributed
Lockscreen notifications redacted for work applications – Lock screen restrictions set

Module 4 Lesson 7 Review Answers

Q.1 – What are the benefits of uploading an application to Google Play? Select 1 answer, then submit.

(A) Malware security checks
(B) Increased download speeds
(C) Open, closed, and internal test channels
(D) All of the above

Q.2 – Which resource offers the ability to test how an app will behave in a managed context? Select 1 answer, then submit.

(A) Test DPC
(B) Android Management Experience
(C) Google Play EMM API
(D) Google Play Console

Q.3 – Which resource enables the testing of enterprise features without Enterprise Mobility Management software? Select 1 answer, then submit.

(A) Google Play EMM API
(B) Google Play Console
(C) Android Management Experience
(D) Android Management API

Q.4 – Complete this quiz by selecting the correct answer from the dropdown options. Select each box and make a selection, then submit.

In addition to EMM consoles, where else can you search and approve applications? – Managed Google Play Store
What are the different methods for hosting private applications? – Google-hosted and self-hosted
Which identifier lets you enable a private application within a given organization? – Organization ID

Q.5 – How many enterprises can be whitelisted to access a private application? Select the box and enter the missing word, then submit.

The correct answer is 100

Q.6 – What is the primary function of the Verify Apps feature? Select 1 answer, then submit.

(A) Verifies integrity of apps installed on the device
(B) Verifies application developers
(C) Injects security code into applications
(D) Rejects apps installed outside of Google Play

Q.7 – System apps are installed on devices by enforcing what policy? Select 1 answer, then submit.

(A) Enable system apps
(B) System apps are already installed
(C) Install system apps
(D) Push system apps

Q.8 – Which features are included in Google Play Protect? Select 3 answers, then submit.

(A) Location tracking
(B) App verification
(C) Safe browsing
(D) Find my device

Module 5 Lesson 1 Answers

Q.1 – True or False: Certificates are a mechanism by which two entities, that have never met, can communicate in a secure way. Select 1 answer, then submit.

(A) True
(B) False

Q.2 – Firewalls act as one of the first line of defense against malicious attacks from malware and hackers. Select 1 answer, then submit.

(A) True
(B) False

Sarah’s stakeholders have a number of requirements for their network setup that were included in the proposal. Using what you know of the case study, select all answers that apply and submit.

Q.3 – What is our SSID? Select 1 answer, then submit.