What NetApp data protection solution ensures that data cannot be accessed if a disk shelf is stolen?
B
Explanation:
Disk encryption (such as NetApp Storage Encryption or NetApp Volume Encryption) ensures that data
stored on disks is inaccessible if a disk or disk shelf is stolen, because the data is encrypted at rest
and requires keys that are not stored on the hardware itself.
Which two NetApp data security solutions can be licensed to help protect against ransomware
attacks? (Choose two.)
A, D
Explanation:
Spot Security uses machine learning to detect anomalies and threats, including potential
ransomware activity, and helps enforce zero-trust security policies.
ONTAP One includes comprehensive security features such as Autonomous Ransomware Protection
(ARP), multi-admin verification, SnapLock, and more to defend against ransomware attacks.
What ensures that data is continuously secure and encrypted in-flight?
C
Explanation:
TLS (Transport Layer Security) ensures that data is encrypted in-flight, meaning during transmission
between systems. It protects data against eavesdropping and tampering as it moves over the
network.
As the administrator of a NetApp cluster with multi-admin approval enabled for volume deletes, you
have been tasked with deleting a volume. No other administrator is available to approve this request.
What do you need to do to disable multi-admin approval?
B
Explanation:
When multi-admin approval (MAA) is enabled in ONTAP, it cannot be disabled by a single
administrator through standard commands or GUI actions to maintain security integrity. To disable
MAA without the required approvals, you must open a NetApp support case to request assistance.
When backing up on-premises NetApp ONTAP volumes to tape using NDMP, which two engines are
supported by ONTAP software? (Choose two.)
B, D
Explanation:
When using NDMP (Network Data Management Protocol) to back up ONTAP volumes to tape, ONTAP
supports two backup engines:
● SMTape: Used for block-level backups.
● dump: Used for file-level backups.
These are the only engines supported by ONTAP for NDMP-based tape backups.
A VMware Administrator needs to restore a VM after a recent server patch update has corrupted the
VM operating system.
What is the quickest way to restore the VM?
C
Explanation:
Creating a FlexClone from a pre-patch Snapshot is the quickest, space-efficient method to restore a
single VM without affecting others in the datastore. It enables immediate access to the VM’s
previous state without a full restore or rollback of the entire volume.
An administrator has been tasked to replicate data between two NetApp clusters to ensure that the
data is replicated no more than once per hour.
Which NetApp solution meets this requirement?
D
Explanation:
SnapMirror Asynchronous is designed to replicate data based on a scheduled interval, such as once
per hour. It is ideal for disaster recovery scenarios where zero RPO is not required but periodic
replication is sufficient.
Your customer wants to set up a local retention time of at least four months. They also want to
protect a week of retention from being deleted by ransomware or rogue administrators.
Which two settings create the correct Snapshot policy to achieve this? (Choose two.)
B, D
Explanation:
To meet the requirement of 122 days ≈ 4 months, so setting the weekly Snapshot copy retention to
122 days ensures local backups are retained for that duration.
To protect a week of retention from tampering, apply SnapLock to the daily Snapshot copies with a 7-
day retention, which makes them tamper-proof and resistant to deletion by ransomware or rogue
administrators.
What is the minimal interface requirement for a SnapMirror relationship between clusters?
C
Explanation:
For a SnapMirror relationship to function properly, each node in a cluster must have at least one
intercluster LIF. These LIFs are used exclusively for replication traffic and ensure that all nodes can
participate in SnapMirror operations.
You have a large 2PiB flexgroup that will need to be failed over to a DR site for a weekend due to
maintenance work at the original site. To speed up time to return to normal operations the Storage
Administrator will use the -quick-resync true option when reversing the SnapMirror relationship.
What needs to be taken into consideration when it comes to using quick resync?
D
Explanation:
When using the -quick-resync true option in SnapMirror, storage efficiencies such as deduplication
and compression are not preserved on the original source during resync. This means that efficiencies
will be lost on the source volume, and data will be rehydrated to its full form during transfer.
An administrator is setting up SnapMirror SVM replication. One of the source data volumes uses
cloud tiering with the snapshot-only tiering policy.
Which cloud tiering policy is supported on the destination volume?
D
Explanation:
When using SnapMirror SVM replication, the cloud tiering policy on the destination volume must
match the source if tiering is to be preserved. The only supported tiering policy in this context is
snapshot-only, which moves cold Snapshot blocks to cloud tier. This ensures compatibility during
replication.
What are the two modes for Autonomous Ransomware Protection (ARP)? (Choose two.)
A, D
Explanation:
Autonomous Ransomware Protection (ARP) operates in two modes:
● Learning mode: ARP observes and learns baseline workload behaviors to distinguish between
normal and abnormal activity.
● Active mode: ARP actively monitors and can automatically respond to ransomware-like behavior
by alerting or taking protective actions.
You have created a SnapMirror relationship from your production volume serving SMB/CIFS data to
your DR cluster. After two days of updates, you do not see any of the expected snapshots on the
secondary volume.
Why is SnapMirror failing to replicate snapshots?
D
Explanation:
SnapMirror replication is driven by labels that match between the snapshot policy on the source
volume and the SnapMirror policy. If the snapshot policy on the source does not include the correct
SnapMirror label, SnapMirror will not recognize which snapshots to replicate, resulting in no
transfers.
A customer is running NetApp ONTAP 9.14.1 software and asks you to protect some data in a way
that even disk zeroing cannot delete.
Which command enforces the requirement?
A
Explanation:
The SnapLock Compliance mode provides WORM (Write Once, Read Many) protection that is
irrevocable, even by administrators, and not removable by disk zeroing or reinitialization. This
satisfies stringent regulatory and tamper-proof data protection requirements.
You need to upgrade to NetApp ONTAP 9.12.1 software on your source cluster in a SnapMirror
relationship. The source cluster differs from the destination cluster and you want to take advantage
of version-flexible SnapMirror replication.
Which option should you choose?
D
Explanation:
To take advantage of version-flexible SnapMirror (introduced with XDP-type relationships), you must
delete the existing DP-type relationship and create a new one using type XDP. DP-type relationships
do not support version flexibility, which allows the source and destination clusters to run different
ONTAP versions.