Cohesity Data Security Professional

The Cohesity Data Security Professional certification exam is designed for technical roles, such as:

• Professional Services Engineer
• Security Administrator
• Data Protection Administrator
• Data Architect
• Sales Engineer (SEs)
• Storage Administrators
• Network Administrators

Products, solution areas and capabilities covered in this exam include:

• Cohesity Data Cloud
• Cohesity DataProtect
• Cohesity CloudArchive
• Cohesity Replication
• Cohesity SmartFiles
• Cohesity Threat Defense Architecture
• Cohesity Cloud Services

• Cohesity Platform Foundations (eCourse)
• Cohesity Data Protection Operations (Instructor-Led)
• Cohesity Data Security Administration (Instructor-Led)
• Cohesity Threat Detection, Cohesity Fort Knox, and Cohesity Data Classification – Getting Started (eCourses)
• Familiarity with the Cohesity UI
• Familiarity with relevant documentation (e.g., manuals, documents, industry standards recommended)
• 3-6 months experience on Cohesity

• Cohesity User Guide
• Cohesity Support Portal and Knowledgebase articles
• Cohesity Product Documentation — e.g., Data Cloud, DataProtect, SmartFiles, Hardware Guides, Technical Guides, etc.

Section 1 – Network Security (15%)

• Demonstrate knowledge of how to control network protocol access
• Describe Cohesity best practices to secure inflight backup data

Section 2 – System Hardening (22%)

• Describe Write Once, Read Many (WORM) storage technology
• Describe Cohesity encryption capabilities
• Demonstrate knowledge of how to reduce the attack surface
• Demonstrate knowledge of how to secure underlying system access

Section 3 – Security Assessment (13%)

• Describe compliance, legal holds and data retention capabilities
• Describe how Cohesity features can protect against attacks
• Describe Zero Trust platform design
• Describe scenarios where third-party solutions are relevant to a secure Cohesity design

Section 4 – User and Access Management (17%)

• Describe the options available for multi-factor authentication
• Describe how to configure single sign-on (SSO)
• Describe how to configure or manage role-based access control (RBAC)
• Demonstrate knowledge of Active Directory user authentication best practices
• Demonstrate knowledge of how to configure multi-tenancy security
• Demonstrate knowledge of how Quorum groups can restrict privileged actions

Section 5 – Cohesity Monitoring and Reporting (10%)

• Describe Cohesity audit logging capabilities
• Describe the benefits of using remote syslog servers
• Demonstrate knowledge of how to implement monitoring for ransomware or data breaches
• Describe alert notifications on a Cohesity cluster

Section 6 – Incident Response and Remediation (13%)

• Demonstrate knowledge of how to recover from an incident

Section 7 – Secure Data Management (10%)

• Demonstrate knowledge of data isolation methods