This set builds vocabulary for centralized account management and organization-wide security policy.
0 / 5 completed
1 / 5
At standup, a dev mentions a centralized console where an administrator manages every employee's email, document access, and security policies across the organization. What is this console called?
The Admin console is the centralized management interface where an organization's administrator configures every employee's account access, security policies, and application permissions across the entire Workspace tenant. This central point of control is essential for enforcing consistent policy across potentially thousands of users. It's the foundational tool underlying organization-wide governance of a cloud productivity suite.
2 / 5
During a design review, the team wants to require every employee to use a hardware security key or authenticator app to log in. Which capability supports this?
An enforced multi-factor authentication policy requires every employee to verify their identity with a second factor, like a hardware key or authenticator app, beyond just a password, significantly reducing the risk of account compromise from a leaked or guessed password alone. Organization-wide enforcement, rather than leaving it optional per user, closes the gap left by employees who might otherwise skip it. This policy is a standard baseline security control in workspace administration.
3 / 5
In a code review, a dev configures a rule automatically suspending a departing employee's account and transferring their file ownership to a manager. What does this represent?
An automated offboarding policy suspends a departing employee's account and transfers ownership of their files to a manager or designated successor automatically, ensuring important documents remain accessible and the account itself doesn't remain an active security risk. Relying on someone to remember every manual step is how offboarding gaps happen. This automation is a standard practice for organizations managing account lifecycle at any meaningful scale.
4 / 5
An incident report shows a former employee's account remained active for weeks after departure because offboarding wasn't triggered promptly, posing a security risk. What practice would prevent this?
Integrating an HR system's departure event directly with automated account suspension ensures offboarding happens promptly and consistently, rather than depending on someone remembering to manually trigger it. A delay of even a few weeks leaves a real window during which a former employee's still-active credentials pose an unnecessary security risk. This tight systems integration is a best practice for organizations serious about access lifecycle management.
5 / 5
During a PR review, a teammate asks why the team enforces organization-wide security policies through a central admin console instead of trusting each employee to configure their own account security individually. What is the reasoning?
Trusting each employee to individually configure their own account security inevitably produces inconsistent results, since some will follow best practices diligently and others won't, while centralized policy enforcement through an admin console guarantees a consistent baseline applies to everyone automatically. This consistency is critical for maintaining a defensible security posture across an entire organization. The tradeoff is the administrative overhead of maintaining and updating those centralized policies over time.