ASSOCIATE-GOOGLE-WORKSPACE-ADMINISTRATOR · Question #44
You are applying device and user policies for employees in your organization who are in different departments. You need each department to have a different set of policies. You want to follow Google-r
The correct answer is D. Create a child organizational unit for each department.. Google's recommended practice for policy segmentation is to place the organization at the top-level OU and create child OUs beneath it for each department. Policies applied to a child OU override or extend the parent OU's settings, enabling per-department control without redundan
Question
You are applying device and user policies for employees in your organization who are in different departments. You need each department to have a different set of policies. You want to follow Google-recommended practices. What should you do?
Options
- ACreate separate top-level organizational units for each department.
- BCreate an Access group for each department. Configure the applicable policies.
- CAdd all managed users and devices in the top-level organizational unit.
- DCreate a child organizational unit for each department.
How the community answered
(37 responses)- A5% (2)
- B11% (4)
- C3% (1)
- D81% (30)
Explanation
Google's recommended practice for policy segmentation is to place the organization at the top-level OU and create child OUs beneath it for each department. Policies applied to a child OU override or extend the parent OU's settings, enabling per-department control without redundancy. Option A (separate top-level OUs per department) is not the recommended structure and makes it harder to apply org-wide baseline policies. Option B (Access groups) can supplement OU-based policy but groups alone are not the primary mechanism for device policy. Option C (all users in the top-level OU) prevents any per-department differentiation.
Topics
Community Discussion
No community discussion yet for this question.