Section 1 – Network Security (15%)
- Demonstrate knowledge of how to control network protocol access
- Describe Cohesity best practices to secure inflight backup data
Section 2 – System Hardening (22%)
- Describe Write Once, Read Many (WORM) storage technology
- Describe Cohesity encryption capabilities
- Demonstrate knowledge of how to reduce the attack surface
- Demonstrate knowledge of how to secure underlying system access
Section 3 – Security Assessment (13%)
- Describe compliance, legal holds and data retention capabilities
- Describe how Cohesity features can protect against attacks
- Describe Zero Trust platform design
- Describe scenarios where third-party solutions are relevant to a secure Cohesity design
Section 4 – User and Access Management (17%)
- Describe the options available for multi-factor authentication
- Describe how to configure single sign-on (SSO)
- Describe how to configure or manage role-based access control (RBAC)
- Demonstrate knowledge of Active Directory user authentication best practices
- Demonstrate knowledge of how to configure multi-tenancy security
- Demonstrate knowledge of how Quorum groups can restrict privileged actions
Section 5 – Cohesity Monitoring and Reporting (10%)
- Describe Cohesity audit logging capabilities
- Describe the benefits of using remote syslog servers
- Demonstrate knowledge of how to implement monitoring for ransomware or data breaches
- Describe alert notifications on a Cohesity cluster
Section 6 – Incident Response and Remediation (13%)
- Demonstrate knowledge of how to recover from an incident
Section 7 – Secure Data Management (10%)
- Demonstrate knowledge of data isolation methods