01. You need to ensure that the data you are archiving to an External Target cannot be modified by any cluster user. Which Policy setting must be configured to accomplish this task?
a) CloudSpin
b) DataLock
c) Extended Retention
d) Full Backup
02. Which administrative practice strengthens the security posture of a Cohesity cluster by reducing potential vulnerabilities?
a) Disabling system updates
b) Enabling anonymous authentication
c) Disabling unnecessary services and protocols
d) Allowing all services to remain enabled
03. You have determined that ransomware has been triggered in the environment, and administrative credentials may have been compromised. Which two steps should be performed first to help ensure that the Cohesity cluster is protected in this situation?
(Choose two.)
a) Open a case with support.
b) Enable audit logging.
c) Change passwords.
d) Perform an instant mass restore of critical workloads.
04. What is the primary purpose of integrating Cohesity audit logs with a Security Information and Event Management (SIEM) system?
a) Improve backup performance
b) Increase storage capacity
c) Enable real-time security monitoring and threat detection
d) Simplify snapshot scheduling
05. As part of your responsibilities during a recovery scenario, you need to determine how to re-create your existing Protection Groups and policies. Which two methods would you use to document this information for re-creation at a later date?
(Choose two.)
a) Use the custom reporting database.
b) Use the REST API.
c) Use the built-in Cohesity reports.
d) Share Product Usage Statistics.
06. You created a custom role for a new Microsoft SQL DBA. You want to ensure that this user only has access to all backup and recovery operations of the Microsoft SQL servers that are registered within Cohesity.
In this scenario, how would you accomplish this task?
a) The custom role must have Admin Privileges.
b) The custom role must have Data Security Privileges.
c) The user account has restricted access to select Microsoft SQL sources.
d) The user account has restricted access to select internal Microsoft SQL backup Views.
07. During incident recovery, which Cohesity capability helps identify anomalous backup activity that may indicate compromised data?
a) Anomaly Detection
b) Snapshot scheduling
c) Storage tiering
d) Deduplication
08. What is the primary objective of conducting regular cyber recovery drills in a Cohesity environment?
a) Reduce encryption overhead
b) Improve storage performance
c) Ensure preparedness and validate recovery procedures
d) Increase backup compression efficiency
09. You want to prevent Cohesity cluster credentials from being compromised by a man-in-the-middle attack. In this scenario, which method would satisfy this requirement?
a) Ensure that the cluster or storage domain is encrypted.
b) Enable SMB encryption.
c) Add a Network Information Services provider.
d) Replace the default SSL certificate.
10. Which authentication method enables centralized identity management and simplifies user access to the Cohesity platform?
a) Local authentication
b) Single Sign-On (SSO)
c) Snapshot replication
d) Deduplication
Before you write the Cohesity Security Specialist (COH350) certification exam, you may have certain doubts in your mind regarding the pattern of the test, the types of questions asked in it, the difficulty level of the questions and time required to complete the questions. These Cohesity Certified Security Specialist sample questions and demo exam help you in removing these doubts and prepare you to take the test.
