Edit product

Android Enterprise Experts Certification Exam Answers

Android Enterprise Experts Certification Exam Answers


Questions and Time Limit – 50 Questions and time limit is 120 minutes.


Q.1 – Users are reporting that they cannot connect to their company’s WiFi. Which of the following pieces of information should be collected to eliminate the “Set device policies” watchpoint?

(A) The model of the device, because it may not support that WiFi network

(B) The EMM being used, because it may not support setting WiFi configurations

(C) The users home SSID to ensure there is no conflict

(D) The WiFi configuration set, because it may be incorrect

Q.2 – Users are reporting that Gmail won’t sync mail from their Microsoft Exchange account. What could be the cause of this?

(A) The users’ EMM may not support managed configurations

(B) EAS 16 may not be supported on an older device

(C) The QR code used to enroll the device may have an expired enrollment token

(D) The value set for the Exchange server may be wrong

Q.3 – What section of a bug report tells you if there is a work profile on the device?

(A) Combined logs

(B) Raw Bug report

(C) DUMP OF SERVICE (account or device_policy)

(D) Packages:

Q.4 – What is one of the advantages of an OEM leveraging ‘OEMConfig’ for application development? Select the correct answer.

(A) OEMConfig allows all OEMs access to vendor APIs

(B) OEMConfig is supported by all EMMs

(C) OEMConfig allows OEMs to address customer needs without requiring 3rd party developer support

(D) OEMConfig can be distributed to devices without having to go through managed Google Play

Q.5 – Some users are complaining that they cannot add their personal Gmail account to their fully managed devices. Why might this be the case?

(A) Android Enterprise only supports company Gmail accounts

(B) Gmail app is not updated to the latest version

(C) Adding personal accounts is disabled as per company policy

(D) Android Enterprise only supports one account per Google application

Q.6 – A customer has developed a private application that is targeting API level 23 (Android 6.0). What will be the expected behaviour when they attempt to upload their app to Google Play?

(A) Assuming there are no security issues with the app, it will be allowed on Play and can subsequently be whitelisted for the enterprise

(B) The application will be allowed on Play but will only be displayed for Android 6.0 devices and lower in the Play Store

(C) The application will be rejected because apps uploaded to Google Play need to target a minimum API level 29 from August 2020

(D) The application will be allowed on Google Play but will show a warning about using deprecated APIs on Android 8.0 devices and higher

Q.7 – Your customer would like to enroll several hundred Nexus 6P devices as fully managed as quickly as possible. These devices run Android 6.0 out of the box. Which of the following enrollment methods would you recommend the customer use to complete provisioning as quickly as possible?

(A) Zero-touch enrollment

(B) EMM Identifier

(C) NFC provisioning

(D) QR code provisioning

Q.8 – Users reported that an app is crashing when launched from the work profile. What two pieces of information are critical to collect when escalating to the app developer?

(A) Application ID and bug report

(B) Enterprise ID and User ID

(C) Identity model (Google Account vs Managed Google Play Account) and bug report

(D) Enterprise ID and Application name

Q.9 – What are the benefits of using Android Enterprise over Device Admin? Select the two correct answers.

(A) If you choose Android Enterprise, you get free Google Cloud storage

(B) Android Enterprise offers more flexible provisioning methods over Device Admin

(C) Android Enterprise supports application configuration

(D) Android Enterprise offers customers free technical support direct from Google

Q.10 – Skyline LTD is an Microsoft 365 customer, who is looking to deploy 1000 devices on Android Enterprise. You need to advise them on the best choice of identity model before they can move forward with their deployment. What identity model would you recommend, according to Google best practices?

(A) Google Accounts

(B) Managed Google Play Accounts

(C) A 3rd party identity model provider that is compatible with Microsoft 365

(D) Recommend that the end users create their own accounts

Q.11 – Your customer has a newer version of one of their private apps, and they would like to test the updated version with a small group of users (<100) before a full rollout. What is the best way for them to test the newer version of the application?

(A) Upload the app with two different application IDs and share one of them with the test group only

(B) Temporarily change restriction on the devices of the test group to allow them sideloading the app for testing

(C) Ensure you upload the updated application via an EMM that has integrated the iFrame. This will enable version control within the EMM console allowing you to target the device(s) you wish the latest version to be installed to

(D) Create an internal or closed test track in the developer Play Console and invite a subset of users to test this version

Q.12 – Users are reporting that they are not able to use the Barcode Scanner app. The application ID for Barcode Scanner is ‘com.google.zxing.client.android’. Refer to the following bug report and select the reason why this might be the case: copy and paste the following link to open bug report: http://tiny.cc/crqwcz

(A) Use of the camera has been blocked

(B) Barcode Scanner requires a Google Account, and the device is using a Managed Google Play Account

(C) Barcode Scanner is not installed

(D) The device is not being managed

Q.13 – Your customer wants to ensure that their corporate browser always goes through VPN, but at the same time, they want to implement the best configuration to reduce unnecessary traffic over the corporate VPN. What VPN configuration would best fit the customer’s specific requirements?

(A) Always-On VPN

(B) Per-Profile VPN

(C) User-Initiated VPN

(D) Per-App VPN

Q.14 – A VPN provider is looking to offer better support for their Android customers who are migrating from Device Administrator to Android Enterprise. Their customers have previously been complaining that their application has not been receiving the configurations to resolve the VPN host. What is Google’s suggested best practice to support this functionality?

(A) Externally readable ini file

(B) Managed configurations via managed Google Play

(C) Insert the VPN configuration as part of DPC extras

(D) Configure it within the WiFi details for NFC bump

Q.15 – Your customer is deploying Android Enterprise on their Android 11.0 devices. They are in the process of testing their private apps on the new devices, and one of their applications is throwing exceptions. The same application appears to work correctly on Android 8.0 devices. How would you explain this behavior?

(A) The application has not been coded towards the correct API level

(B) The application package name is not compatible with Android 11.0

(C) The application has not passed the security checks for Android 11.0

(D) They need to install an older version of the application then upgrade it

Q.16 – One of your customers is concerned about security on their Android devices, specifically in regards to key generation, key import, signing & verification services. Which of the following security features of Android can you leverage as a good starting point for your conversation?

(A) Verified Boot

(B) Rollback Prevention

(C) Application Sandboxing

(D) Trusted Execution Environment

Q.17 – You’re an IT admin, and you want to initiate the trial of an app developed by an Independent Software Vendor (ISV). What identifier must be provided to the ISV for them to grant access to the application within your company’s managed Google Play?

(A) User ID

(B) Android device ID

(C) Organization ID


Q.18 – You are uploading an APK via the managed iFrame, the APK uploads successfully. You go to the managed Play Store, the next day, to begin the app distribution process only to find the app removed from the store. What would be the reason for this?

(A) The APK is unsigned

(B) The application ID is incorrect

(C) The APK exceeds the maximum file size limit allowed

(D) Google Play Protect detected this as a potentially harmful app

Q.19 – Using the bug report provided, please identify three non-System apps on the device. Copy and paste the following link to open bug report 2: http://tiny.cc/occwcz

(A) Docs, Translate, Keep

(B) Chrome, Gmail, YouTube

(C) Calendar, Quicksearchbox, Camera

(D) Documents UI, Messaging, HTML Viewer

Q.20 – A customer is uploading a new application to Google Play and wants to reuse the Application ID of another unlisted app. What is the expected behavior?

(A) Google Play will silently replace the old application with the new application

(B) As long as the old app is unlisted, Google Play will allow upload of the new app, which reuses the same Application ID

(C) Google Play will automatically generate a new Application ID and allow the app to be uploaded

(D) The application will be rejected because Google Play only allows a single instance of an Application ID

Q.21 – One of your users is experiencing issues with their device. As their IT Admin, you need to retrieve the logs from the affected devices to troubleshoot this issue. Which one of the following approaches should you take, according to Google’s best practices?

(A) Download a “log retriever” application, then email the logs to yourself

(B) Plug the device into a computer and retrieve the logs by running adb bugreport in a terminal

(C) Go into developer mode on the device, and download the logs to the device internal storage

(D) Factory reset the device and restore the user configuration to verify if the issue persist

Q.22 – Users are reporting an issue on their devices. You ask your customer to pull some logs from an affected device, but their device policy is preventing them from capturing the requested logging. Which of the following policies enables/disables a user’s ability to generate Android bug reports?





Q.23 – Your customer is trying to enroll Pixel 3 phones using zero-touch enrollment. Despite the device having an active connection to WiFi or data, the DPC isn’t downloading. Which is the appropriate troubleshooting step to take next?

(A) Verify that the IMEIs in the zero-touch portal match the phones they are using

(B) Verify that the users have been correctly configured on the EMM console

(C) Verify the DPC Extras are complete and correct

(D) Verify that the device is running Android 7 or above

Q.24 – Your customer is reporting that users can enable Bluetooth, despite having set a company-wide policy that should disable Bluetooth. Which of the following would you choose to troubleshoot this policy issue? Select the two correct answers.

(A) Select OS version/device

(B) Set managed config

(C) Provision device

(D) Set device policies

Q.25 – Users are reporting that they are seeing the consumer Play Store on their fully managed work devices. Which of the following would be valid troubleshooting steps for this issue? Select the two answers that apply.

(A) Verify that the EMM is still bound to the user’s company

(B) Verify that the IT admin has uploaded the company’s apps to the Google Play Developer Console

(C) Ensure that the IT admin has set an application allowlist instead of allowing an open Play Store

(D) Ensure that the IT admin has set the correct managed configuration for the Google Play Store

Q.26 – You identified an issue with a device and pulled a bug report. Your next step is to share the bug report with the EMM provider. Which of the following aligns with Google’s recommended best practice for sharing bug reports?

(A) Delete any user identifiable data from the bug report, then share it with your EMM provider

(B) Upload the bug report to a cloud storage provider and share it with individuals who need access to the content

(C) Email the bug report to Google support

(D) Do a screensharing session to show the EMM provider the bug report

Q.27 – Using the bug report provided, please identify three apps installed in the work profile. Copy and paste the following link to open bug report 1: http://tiny.cc/2dawcz

(A) YouTube, Docs, Chrome

(B) Sheets, Gmail, Files by Google

(C) Dropbox, Translate, Skype

(D) Keep, Slides, Earth

Q.28 – An Independent Software Vendor (ISV) has developed a private app for your customer. They uploaded it through the Google Play developer console, but your customer does not see it in their managed Google Play store. After doing some troubleshooting, you realize that the ISV has not correctly assigned the app in the Google Play console. Which of the following identifiers should you provide to the ISV so that they can assign the app correctly?

(A) Organization ID

(B) Device ID

(C) Company ID

(D) User ID

Q.29 – A new customer is looking to enroll dedicated devices running Android 7.0. Which methods of provisioning could they use to enroll the devices? Select the three correct answers.


(B) QR Code

(C) Zero-touch

(D) EMM Identifier

Q.30 – A customer is reporting an issue when provisioning devices through zero-touch. By following the problem-solving framework, you have concluded that the core issue is related to the IMEIs. Whom would you contact to help resolve this?


(B) Reseller/carrier


(D) Customer’s procurement team

Q.31 – Your customer is provisioning devices via zero-touch enrollment deploying multiple configurations. They report that a group of devices is not enrolling automatically into their EMM, while other devices have enrolled successfully. You have already confirmed that the devices are listed in the zero-touch console. The end-user reports seeing an EMM-branded screen on the device, but is unable to login. What would be the next troubleshooting step you would advise?

(A) Check that the DPC extras are correct according to the EMM

(B) Re-upload the devices in the zero-touch console

(C) Go to admin.google.com and remove the domain binding to their EMM

(D) Go to their EMM console, remove and add the binding to the Managed Google Play account

Q.32 – Your customer is deploying devices that will be used at a university. One of the requirements is to monitor traffic for unauthorized content. They wish to implement SSL inspection to fulfill this requirement. What would be your recommendation based on Google’s best practices?

(A) The customer can use any SSL proxy solution out of the box, as none of them will interfere with their Android deployment

(B) The customer can configure SSL inspection, as long as traffic to Google services bypasses the proxy

(C) The customer should configure traffic on ports other than 443 to bypass the proxy

(D) The customer should configure all traffic to hosts connecting on port 443 to bypass the proxy

Q.33 – Your EMM, who uses a Custom DPC, doesn’t have a settings toggle that you notice has been available since 7.0 as per the developer documentation. What is the best next step to get access to that feature?

(A) Raise a feature request with the EMM to support the toggle

(B) Speak to your OEM to bring support for the toggle within their OEM Config application

(C) Raise the request with Google

(D) Create a small app yourself using the developer documentation and toggle it via app config

Q.34 – An OEM is looking to build new devices that will support a large enterprise customer, who wants to be able to leverage Android Enterprise functionality to manage their devices. What is the minimum requirement they need to comply with to support Android Enterprise?

(A) Google Mobile Services (GMS) Certification

(B) Android Enterprise Recommended

(C) Frequent Security Patches

(D) Android Open Source Project (AOSP)

Q.35 – Using the bug report provided, please identify three User Restrictions applied to the work profile. Copy and paste the following link to open bug report 1: http://tiny.cc/2dawcz

(A) no_add_user, no_autofill, no_config_credentials

(B) ensure_verify_apps, no_bluetooth_sharing, no_install_unknown_sources

(C) no_config_location, no_config_vpn, no_content_suggestions

(D) no_cross_profile_copy_paste, no_debugging_features, no_unified_password

Q.36 – Which of the following is a reason to choose Android Enterprise over Device Admin?

(A) Device Admin is deprecated, and the associated APIs are being progressively removed

(B) Android Enterprise has the ability to push apps to enduser devices, while this cannot be achieved when using Device Admin

(C) Android Enterprise is comparable to Device Admin and there is no reason to choose one over the other

(D) Devices can migrate over to Device Administrator from Android Enterprise in the future should IT Admins change their mind on the management type

Q.37 – An IT Admin notices that enrollment consistently fails when updating Google Play services over Wi-Fi. This issue occurs during deployment, on a variety of different devices. The Admin notes that when the devices are on cellular data, enrollment is successful. What next step would you take to try to resolve this issue?

(A) Disable all SSL inspection on the network

(B) Check that all required ports are open in the firewall

(C) Check the ADB logs on one of the affected devices

(D) Check that managed configurations on Google Play services are set up correctly

Q.38 – Which API can EMMs use to deploy apps via Managed Google Play? Select the two answers that apply.

(A) Firebase Management API

(B) App Engine Admin API

(C) Android Management API

(D) Google Play EMM API

Q.39 – Some users are reporting that they cannot connect to the corporate WiFi. You notice in your EMM console that your WiFi certificate has failed to install on the affected devices. What might be the cause of this?

(A) The EMM DPC has a pending update

(B) Device passcode has not been set

(C) The device has a pending update

(D) Device is unable to see the SSID the certificate is trying to validate against

Q.40 – Your customer has previously been using a containerized solution on Device Administrator, and they are planning their migration to Android Enterprise. One of the customer requirements, coming from their IT team, is to set and enforce a security challenge for their BYOD users within the work profile that is separate and has different requirements from the device security challenges. Taking into account this requirement, what would you recommend?

(A) Recommend the IT Team that they only support BYOD on devices running Android 6.0+

(B) Recommend the organisation instead deploy fully managed devices with work profile, as this Android Enterprise feature is only supported in this management mode

(C) Recommend the IT Team that they only support BYOD on devices running Android 5.1+

(D) Recommend the IT Team that they only support BYOD on devices running Android 7.0+

Q.41 – A customer reported that their applications are not being installed silently on their users’ devices. Which of the following troubleshooting areas should you consider when working on an “application install” issue? Select the two correct answers.

(A) Configure provisioning

(B) Approve/assign apps

(D) Create/sync users or groups

Q.42 – Your customer has a requirement to prevent certain apps from using an active VPN on a fully-managed device. Which one would be the recommended way to configure this?

(A) Add the applications that should go through the VPN to the allowlist

(B) Assign managed application configurations to the applications on the denylist with policies to prevent use of the VPN

(C) Block traffic to and from the app on the local network

(D) Create a work profile on the fully managed device and route all traffic through the whole work profile

Q.43 – Using the bug report provided, please identify three User Restrictions applied to the device. Copy and paste the following link to open bug report 2: http://tiny.cc/occwcz

(A) ensure_verify_apps, no_user_switch, no_usb_file_transfer

(B) no_uninstall_apps, no_system_error_dialogs, no_sms

(C) no_share_location, no_set_wallpaper, no_safe_boot

(D) no_config_cell_broadcasts, no_add_managed_profile, no_config_wifi

Q.44 – Your customer is reporting that some users can enable Bluetooth, despite having set a company-wide policy that should disable Bluetooth. Referring to the UserManager developers’ documentation, in which version of Android was support for disabling Bluetooth introduced?

(A) 9.0

(B) 8.0

(C) 7.0

(D) 6.0

Q.45 – You’re provisioning dedicated devices, and notice that lock task mode policy is failing to apply on a subset of them. Which of the following tools would it be appropriate to use to troubleshoot the problematic devices?

(A) Android Management API Colab

(B) Test DPC

(C) Android Management Experience

(D) EMM console

Q.46 – You are planning the staging of a large quantity of devices prior to distributing them to their final destination. Which of the following items should you be wary of when staging a large number of devices in one space?

(A) Network bandwidth

(B) Charging points for all of your devices

(C) Devices on the latest version of Android

(D) Location services will be enforced

Q.47 – A customer reaches out to you with a specific set of requirements for their device management. They have requested your help selecting an EMM. What Android resources would you leverage to help them finding the EMM that best fits their needs?

(A) Compatibility Definition Document (CDD)

(B) Enterprise Solutions Directory and Android Enterprise feature list

(C) Android Enterprise terminology documentation and Solutions glossary

(D) developer.android.com

Q.48 – One of your customers is reporting that a subset of their devices is not getting provisioned correctly through QR code. You need to help them troubleshoot this issue. Which of the following areas should you look into when troubleshooting a provisioning issue? Select the two correct answers.

(A) Set device policies

(B) Provision device

(C) Select OS version/device

(D) Set managed config

Q.49 – Your customer is reporting that applications on a group of their devices are not updating consistently. You want to advise them on Android best practices around managing app updates from the Play Store. Which of the following are two of the default guidelines for updates to happen promptly? Select the two correct answers.

(A) Devices are charging

(B) Devices on a secure WiFi (WPA2 and above)

(C) Devices are connected to a Wi-Fi network

(D) Location services must be turned on

Q.50 – Your customer is planning their migration from Device Admin to Android Enterprise, and they have some questions around VPN configuration. Which of the following is one advantage that Android Enterprise has over Device Admin when configuring a VPN?

(A) In using Device Admin you can leverage app wrapping to push any VPN configuration to your app

(B) There is no fundamental difference in the way that VPN are configured

(C) In Android Enterprise, you can leverage Managed Configurations to push VPN configurations

(D) Device Administrator offers an easier path to integration for EMMs

More certification answers:


  • Size489 KB
  • Length53 pages


Android Enterprise Experts Certification Exam Answers

Enter your info to complete your purchase

Give as a gift


or pay with
pp paypal
You'll be charged US$6.95.