New Android Enterprise Associate certification program questions and answers

Get familiar with the latest Android Enterprise Associate Certification Exam Questions and Answers. This certification is a prerequisite to unlock Android Enterprise professional and Expert certifications. You can download all answers to the latest Android Enterprise associate certification program. Including answers to a test-out exam (you can skip all activities and only do this test to get certified).
Download all Android Enterprise Associate certification answers

Device management is widely used by organizations around the world. Which of the following is not an Enterprise Mobility use case that you probably often see in your daily life?

 Using an E-Menu tablet in a restaurant to place an order faster directly to the kitchen without calling the waiter.

 An employee using a managed Android device owned by the company that has been customized into a barcode scanner to perform a job faster anywhere.

 An employee uses his mobile device to send a message to his colleague to invite him to a friendly afterwork.

 None of above – they are all Enterprise mobility use-cases.

Bank Corp has a mixture of use cases in their organization. They have selected Android devices as their default choice for work. What are some of the management modes available to them? Select All Correct Responses

 Dedicated device

 Personally Enabled

 Bring Your Own Device (BYOD)


You have already selected the appropriate device required to meet your end-user’s requirements. What are the next stages of implementing the appropriate mobility solution for your end user? Select All Correct Responses

 Selecting device management modes

 Selecting device enrollment and distribution methods

 Establishing device update cadence

 Identifying an application management strategy

Download Android Enterprise Associate certification program answers


All possible exam questions with answers.


100% correct and verified answers


Free updates

What are the stages of implementing a mobility solution?

“1. Identify requirements and use case 2. Procurement 3. Device management 4. Application deployment to devices 5. Device enrollment and distribution 6. Operations and maintenance”
“1. Identify requirements and use case 2. Procurement 3. Device management 4. Device enrollment and distribution 5. Application deployment to devices 6. Operations and maintenance”
“1. Identify requirements and use case 2. Procurement 3. Application deployment to devices 4. Device enrollment and distribution 5. Operations and maintenance 6. Device management”
“1. Procurement 2. Identify requirements and use case 3.Application deployment to devices 4. Device enrollment and distribution 5. Device management 6. Operations and maintenance”


Which of the following help to protect Android devices against security vulnerabilities? Select All Correct Responses

Verified Boot
Social engineering
Regular and controlled updates


When deploying managed devices, there will be a few different organizations involved with a different roles and responsibilities. Which of the following parties is required to provide networks, supplying and distributing devices?

Carrier/Device resellers
OEM Manufacturers
Service Providers


Who can add devices to a customer’s zero-touch account?

The customer IT Admin
The EMM provider
The device manufacturer only
The device reseller and/or their vendors (if enabled)


How often does Google issue Android security patches?

Every 30 days
Every 90 days
Every 7 days
Once a year


You are talking to Bina, the CIO of Sales LTD. They are concerned that apps on Android share data by default. You realize they could benefit from understanding Application Sandboxing a little better. How would explain this concept to Bina?

Application Sandboxing encloses apps and data in their own virtual sandcastles, meaning that data can only be accessed by entering the end users passcode. It also protects against harmful users by crumbling the sandbox in the event a new user is discovered.
Application Sandboxing ensures apps and data are able to share from others (like at a playground sandbox), meaning that data can be accessed by apps that do not have the authority. It also helps harmful app accessing any data from the OS or any other apps by throwing sand in the bad apps containers.
Application Sandboxing is a technology that allows each app to create its own virtual sandbox and limit the end user from being able to copy and paste data from the app into another app.
Application Sandboxing ensures apps and data are isolated from others, meaning that data cannot be accessed by apps that do not have the authority. It also protects against a harmful app accessing any data from the OS or any other apps.


Using an Android Enterprise EMM solution, IT admins can set up and apply over the air (OTA) system updates to devices under management. They also have the ability to decide when these updates are pushed out to the devices OTA in order to test them prior to being released. What are the options for IT admins to push out these updates? Select All Correct Responses

Automatic Install: Device receives OTA update immediately
Windowed: IT admin schedule OTA updates
Postponed: IT admin delay OTA update for 30 days
Blocked: OTA updates are permanently blocked


Android Enterprise creates “defense in depth” by using four layers of protection. Identify the two of these layers from the given list. Select All Correct Responses

Hardware: Android devices have tamper-resistant hardware to ensure the OS hasn’t been compromised. Dedicated components handle critical tasks like encryption or screen lock.
Emojis: Android supports Emojis which are pictograms, smileys and other graphics used in electronic messages and web pages. The emoji’s primary function is to fill the end user with positive emotions to position them in happier and more secure place while using their device.
Dynamic Wallpaper: Android Devices support animated background images that can be used as the devices wall paper that will confuse a would be hacker and discorage them from attempting to exploit the device.
Google Play Protect: provides 24/7 mobile security that scans apps and devices. Using machine learning, it detects and blocks malware, constantly learning so it’s always up to date to protect users from the latest threats.


Which Android Enterprise device enrollment method requires little to no interaction with an end user’s device from IT?

QR Code


What is the key benefit of the Google-built Android Enterprise Recommended program for Enterprise users?

This program helps Enterprise users to choose device model, EMM solutions and/or Service Providers that meet a higher enterprise requirement and are recommended by Google.
Because OEM’s and services pay to be part of the service, you can be confident that these services meet the high bar.
Only devices and services on the list work with Android Enterprise.
All Android Enterprise Recommended devices come with pre-installed enterprise applications by Google.


Lulu, the head of procurement for Bank Ltd, wants to purchase premium devices for their executives. They want to allow personal use on these devices, respecting the privacy of users but also being able to maintain control. What management mode would you suggest to Lulu?

BYOD – Lulu can simply ask all executives to setup their devices as personal devices, first with their Google accounts and then enroll them into management using a work profile.
Fully Managed – Lulu should not allow personal use on company owned devices and that is also not recommended.
COPE – Lulu can deploy devices using COPE (corporate owned, personally enabled). With this, the user can get all the privacy protections of the work profile and IT can maintain control but not at the cost of user privacy.
COPE – Lulu can deploy a work profile for each device and give the IT special access into the personal side also. Users should be warned that all data on their personal side is visible to IT at any time.


Which of the following is NOT a part of the zero-touch enrollment process?

Company admin creates enterprise mobility management configurations that will apply to devices in the zero-touch portal.
The reseller creates a customer account within the zero-touch portal, or via API, uploads the IMEI(s) of the device(s), then ships the devices to the company.
Customer admin adds the IMEI(s) of the existing devices and BYOD devices into the Zero-touch portal.
Company orders compatible devices from a zero-touch approved reseller.


When can a customer get access to the zero-touch portal?

The customer signs up and creates it.
The device manufacturer creates one for the customer.
The EMM provider enrols their devices.
The reseller creates an account for the customer.


One of the use cases that Android Enterprise offers is to allow the use of both personal and work in one device using work profile. What is the benefit of work profile?

A work profile is only helpful seperating network traffic.
A work profile can be set up on an Android device to separate work and personal apps/data, including the clipboard, and data sharing. With a work profile you can securely and privately use the same device for work and personal purposes.
A work profile comes with a new mobile number offered by Google.
Work profile applications delete after every user session and install the next time automatically.


Jana from Sales Ltd is worried about custom operating systems or malicious code being installed on her fleet of managed devices. You remember the concept of verified boot from your Android Enterprise training. How would you explain Verified Boot to Jana?

Verified Boot asks the user every single time what good version of the operating system they would like to boot up in.
Verified Boot confirms all executed code has passed the code review by the companies IT department and they have authorized the device to access corporate IT resources such as email and apps.
Verified Boot ensures all executed code comes from a trusted source (usually device manufacturers), and has not been modified by an attacker or corrupted. By verifying the OS it ensures a device will be running a safe version of Android.
Verified Boot ensures the device will boot up within 30 seconds to prevent end users from becoming inpatient and attempting to root their devices.


Steve, from Scuba School, wants to buy 10,000 new Android smartphones, send to his online students around the world and have them set up the devices automatically by just turning the devices on and connecting to a wifi network or cellular network. What does Steve need to make this happen? Select All Correct Responses

Purchase 10,000 brand new Android smartphones running Android version 9.0+ that have Google Mobile Services from a validated zero-touch reseller.
Create a Google account to use with the customer zero-touch portal and send that to the zero-touch reseller to create the account.
Set up an EMM solution to push apps and policies when enrolling into the EMM solution company devices.
Create an EMM configuration in the customer zero-touch portal to connect the customer zero-touch devices with the customer EMM solution during the initial device set up.


Zen, an existing zero-touch customer, wants to purchase devices from a new reseller. What is the process he needs to follow to have his new devices enrolled in zero-touch from the new reseller?

Deregister all existing devices.
Request a new zero touch account.
Provide his customer ID and enable the new reseller in his Reseller list.
Email Android Enterprise support team to open the request.


What are the “DPC extras” configurations used for?

Deregistering devices
Securing the devices with EMM
Configuring additional provisioning settings
Defining the device policies


Bank Corp is looking to deploy 3000 Android devices using zero-touch. What are some of the benefits of this type of deployment?

Simplicity and flexibility for IT
Easy productivity for users
All of these
Enforced management and security for organizations


You are talking to the procurement officer of Bank Corp. He asks about the Android Enterprise Recommended program and the device types that are listed. What are some of the device types that part of the Android Enterprise Recommended OEM program?

Only Google Pixel devices
Premium Devices, Budget Devices, Rugged Devices and Purpose Built Devices
Only Premium devices
Only devices that have screens larger than 5.5 inches


What are the common security threats to implementing a mobility solution in business? Select All Correct Responses

Malware and phishing
Network attacks
Social engineering
Application sideloading


Mika, a new marketing intern, has enrolled her personally owned device into her employer’s EMM solution, known as the BYOD (Bring Your Own Device) use case. What can Mika’s IT manager do on her device in this case?

Provide Mika with fully compliant access to company IT resources and apps completely separated by the work profile with no access to her personal profile and data.
Fully erase the device at any time completely wiping the device of all data without the ability to only erase company data.
Use the device processors to mine crypto currency when their device is charging at night while they sleep to earn bonuses.
Read personal text messages, view personal photos and capture all data on the device regardless it being personal or work data.


How can a business ensure that mobile workers can safely reach internal company websites?

End users should use a VPN that will create a secure connection wherever the user is.
Prevent users from connecting to public Wifi.
Public Wi-Fi is fine, if the browser uses Incognito or Private mode.
Android has a firewall built in, reducing the risk of network sniffing.


Which of the following provides 24/7 mobile security that scans apps and devices, detecting and blocking malware to protect users from the latest threats?

Safe Browsing
Google Play Protect
Device Admin API


The App Defense Alliance was created to ensure the safety of Google Play. What appropriate action can be taken to protect users?

New app risk intelligence can be generated as apps are being queued to publish and partners will analyze that dataset before the availablity of an app on Google Play to protect users.
Partners of the App Defense Alliance can send a request to the Google Play Protect scanner service to have an app analyzed.
Scan results can be sent back to the partner and Google Play Protect receives analysis from the partner’s scanning engines to protect the users.
All of these


What criteria can be used to search for devices on the zero-touch portal?

Device IMEI only
Device Serial only
Device IMEI, MEID, Serial and Customer ID or Name
Device name and Memory size


Which of the following devices are compatible with zero-touch?

Only GMS models for specific brands
Any Android Device with OS version 7 or newer
Selected GMS devices running Android 8.0 and all GMS devices running Android 9.0 and above
Any Android Device


What would be a good feature to discuss when talking to a customer about using a personal device for work?

Ability for IT to track devices.
Ability for IT to block all non-work-related calls.
Work profile and all its privacy protections for users.
IT visibility into the whole device.


When deploying wifi only devices with zero-touch, what information is needed from the devices?

Manufacturer, Model, Serial Number
IMEI, Screen size, Serial Number
Manufacturer, Serial Number, MAC Address
Model, Manufacturer, IMEI


Who can remove devices from the zero-touch portal?

Both customer and reseller
Only the customer
The end users
Only the reseller


Mobile threat protection services are built into every Android device. Which of the following Google Services keeps us safe while browsing websites?

Rollback Protection
Google Play Protect
Safe Browsing


Greg works at Company Sales Ltd and has asked you to enrol all their devices into zero-touch to ensure they cannot be used if they were lost or stolen. You realized that Company Sales Ltd does not have an EMM. What should you recommend to Greg?

Nothing to worry about. Greg does not need an EMM solution for zero-touch.
An EMM solution is a requirement for zero-touch.


Which of the following is required for zero-touch enrollment to work on a registered device?

Vendor account
Zero-touch admin account
Managed Google Play Account
Zero-touch configuration


Which of the following defines zero-touch?

Zero-touch is an enrollment method used for compatible Android devices.
It is a custom enterprise solution.
It is an alternative App distribution platform to Google Play.
It is a device management solution.


Which of the following is required from customers for the reseller to be able to create a zero-touch account for them?

A customer ID
The list of device IMEIs
A Gmail address
A Google account


Which of the following is NOT a benefit of zero-touch enrollment?

Instant and easy EMM enrollment of personally owned devices, commonly referred to as BYOD devices
Effortless, automated EMM enrollment and device provisioning at any scale
Easy set up for end users
Factory Reset protection – zero-touch devices are “locked” to company even if reset


Liz, a customer, wants to turn on her zero-touch device for the first time. What does she need to do?

Go through the standard Android device set up, then add their company email account to begin the zero-touch enrollent process.
Literally nothing. Liz just needs to turn it on and not touch it.
Simply power on the device, connect to a wifi or cellular data network and touch through the set up screens to automatically enroll the device on the company’s EMM solution and receive all the required configurations, apps and security policies.
Plug it in and let it charge for 24 hours prior to doing anything else and do not touch it.