Your organization has just appointed a new CISO. They have signed up to receive admin alerts and just received an alert for a suspicious login attempt. They are trying to determine how frequently suspicious login attempts occur within the organization. The CISO has asked you to provide details for each user account that has had a suspicious login attempt in the past year and the number of times it occurred for each account.
What action should you take to meet these requirements?

When reloading Gmail in Chrome, the web browser returns a 500 Error. As part of the troubleshooting process, Google support asks you to gather logs. How can this be accomplished?

As a Google Workspace administrator for your organization, you are tasked with controlling which third-party apps can access Google Workspace data. Before implementing controls, as a first step in this process, you want to review all the third-party apps that have been authorized to access Workspace data. What should you do?

A user has traveled overseas for an extended trip to meet with several vendors. The user has reported that important draft emails have not been saved in Gmail, which is affecting their productivity. They have been constantly moving between hotels, vendor offices, and airport lounges.
You have been tasked with troubleshooting the issue remotely. Your first priority is diagnosing and preventing this from happening again, and your second priority is recovering the drafts if possible. Due to time zone differences, and the user's busy meeting schedule, you have only been able to arrange a brief Hangouts Meet with the user to gather any required troubleshooting inputs.
What two actions should be taken on this call with the user? (Choose two.)

Your company uses a whitelisting approach to manage third-party apps and add-ons. The Senior VP of Sales & Marketing has urgently requested access to a new Marketplace app that has not previously been vetted. The company's Information Security policy empowers you, as a Google Workspace admin, to grant provisional access immediately if all of the following conditions are met:
- Access to the app is restricted to specific individuals by request only.
- The app does not have the ability to read or manage emails.
- Immediate notice is given to the Infosec team, followed by the submission of a security risk analysis report within 14 days.
Which actions should you take first to ensure that you are compliant with Infosec policy?