Exam FlashArray-Implementation-Specialist Topic 3 Question 37 Discussion
Actual exam question for Pure Storage's FlashArray-Implementation-Specialist exam
Question #: 37
Topic #: 3
Question #: 37
Topic #: 3
A customer would like to reduce SafeMode settings for retention and eradication with their current policy. How is authorization obtained to make the requested changes?
Suggested Answer: B Vote an answer
To reduce SafeMode protections (such as shortening the retention period or disabling the eradication timer), two authorized SafeMode approvers must authenticate and approve the request via Pure1 step-up authentication.
SafeMode is a ransomware protection feature designed to prevent the accidental or malicious deletion of snapshots. Because reducing these protections weakens the array's security posture, Pure Storage enforces a strict "Ratchet" authorization process.
The Process: Unlike standard support requests, a single admin or local user cannot authorize this change (making Option C incorrect). The customer must have previously designated specific individuals as "SafeMode Approvers" in their Pure1 portal.
Authorization: When a request to weaken the policy is made, Pure Support triggers a verification workflow. Two of these designated approvers must log into Pure1 and perform a secondary authentication (often involving a PIN or TOTP) to explicitly "sign off" on the reduction. This "two-person rule" ensures that a compromised credential or a rogue insider cannot unilaterally expose the organization's backup data to destruction.
SafeMode is a ransomware protection feature designed to prevent the accidental or malicious deletion of snapshots. Because reducing these protections weakens the array's security posture, Pure Storage enforces a strict "Ratchet" authorization process.
The Process: Unlike standard support requests, a single admin or local user cannot authorize this change (making Option C incorrect). The customer must have previously designated specific individuals as "SafeMode Approvers" in their Pure1 portal.
Authorization: When a request to weaken the policy is made, Pure Support triggers a verification workflow. Two of these designated approvers must log into Pure1 and perform a secondary authentication (often involving a PIN or TOTP) to explicitly "sign off" on the reduction. This "two-person rule" ensures that a compromised credential or a rogue insider cannot unilaterally expose the organization's backup data to destruction.
by Ferdinand at Jun 12, 2026, 05:44 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).