NetApp Certified Cyber Resiliency Expert

This exam tests for the skills and knowledge associated with NetApp® cyber resilience and related industry technologies.  The exam consists of scenario-based questions that require architectural knowledge, as well as creating preventive measures and action plans for attacks to the IT infrastructure.  An understanding of policies and business outcomes and objectives is required, and the ability to determine actions to remediate an attack is essential. Encryption and security knowledge is required, including Identity and Access Management (IAM) and Zero Trust.     

You should have an understanding of:  

• Ransomware protection and detection  
• Disaster recovery  
• Backup  
• Governance and Compliance  
• Cybersecurity: Common issues  
• Cybersecurity: Encryption skills and knowledge  
• Cybersecurity: IAM and authentication skills and knowledge  
• Cybersecurity: Zero Trust skills and knowledge  

Exam Duration: 90 minutes, 60 questions (subject to change)  

Exam Cost: $250   

Domain 1. Ransomware protection and detection (18%) 

Given a scenario, demonstrate the ability to: 

• Recover from a ransomware attack  
• Configure immutable/indelible backups  
• Configure autonomous ransomware protection  
• Configure and monitor ransomware detection alerts  
• Configure tamperproof snapshots  
• Configure Data Infrastructure Insights SWS  

Domain 2. Disaster recovery (7%)  

Demonstrate the ability to: 

• Architect and configure replication for disaster recovery  
• Configure a cyber vault  
• Recover data from Snapshot copies  

Domain 3: Backup (9%)  

Given a scenario: 

• Configure Snapshot backup schedules  
• Demonstrate how to test and verify backup data (SMV:DR)  
• Determine SnapMirror® and SnapVault® configuration and policies  
• Identify monitoring differences between SnapMirror policy mirror-x and SnapMirror vault  

Domain 4: Governance and compliance (12%)  

• Given a scenario, determine how to find unprotected data  
• Given a scenario, determine how to configure encryption  
• Given a scenario, determine how to classify data  
• Demonstrate how to use Secure Purge to securely shred data  

 Domain 5: Cyber security: Common issues (18%)  

• Given a scenario, identify replication failure of data to a destination DR or vault system  
• Given a scenario, identify and remediate IAM authentication failures  
• Given a scenario, use Active IQ® to find and remediate common vulnerabilities and exposures (CVEs)  
• Given a scenario, determine how to monitor syslog and audit Log  
• Demonstrate how to harden the storage system  
• Demonstrate the ability to deploy and configure encryption at-rest and in-flight solutions  
• Determine Monitor Capacity and SnapMirror relationships  

Domain 6: Cybersecurity: Encryption skills and knowledge (13%)  

Given a scenario: 

• Demonstrate the ability to set up onboard or external key manager  
• Demonstrate the ability to configure NAE, NVE, and NSE (SEDs) for encryption at rest  
• Demonstrate the ability to configure data-at-rest encryption  
• Determine when to use encryption with FabricPool  
• Determine how to use cluster peering encryption  

Domain 7: Cybersecurity: Identity and Access Management (AIM) and authentication skills and knowledge (13%)  

Demonstrate the ability to:  

• Configure multifactor authentication (MFA) for SSH/SP  
• Configure MFA for System Manager with SAML or WebAuthn  
• Configure local accounts using RBAC  
• Configure domain access tunnel for AD accounts  
• Deploy and configure IAM and MFA for management  
• Configure LDAP   

Domain 8: Cybersecurity: Zero Trust skills and knowledge (10%)  

Given a scenario: 

• Demonstrate the ability to configure multi-admin verification (MAV) groups and rules to protect against insider threats  
• Demonstrate the ability to configure native file auditing or auditing with an external FPolicy server   
• Determine how to send all audit logs to a remote syslog server