U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Pure Storage FlashArray-Implementation-Specialist Exam - Topic 4 Question 22 Discussion

A customer would like to reduce SafeMode settings for retention and eradication with their current policy. How is authorization obtained to make the requested changes?
B) Two SafeMode approvers need to acknowledge via Pure1 step-up authentication before any changes can be made.
A) A Pure1 Admin needs to approve any changes for Pure Support to proceed.
C) The local account on FlashArray needs to permit any local changes.

Pure Storage FlashArray-Implementation-Specialist Exam - Topic 4 Question 22 Discussion

Actual exam question for Pure Storage's FlashArray-Implementation-Specialist exam
Question #: 22
Topic #: 4
[All FlashArray-Implementation-Specialist Questions]

A customer would like to reduce SafeMode settings for retention and eradication with their current policy. How is authorization obtained to make the requested changes?

Show Suggested Answer Hide Answer
Suggested Answer: B

To reduce SafeMode protections (such as shortening the retention period or disabling the eradication timer), two authorized SafeMode approvers must authenticate and approve the request via Pure1 step-up authentication.

SafeMode is a ransomware protection feature designed to prevent the accidental or malicious deletion of snapshots. Because reducing these protections weakens the array's security posture, Pure Storage enforces a strict 'Ratchet' authorization process.

The Process: Unlike standard support requests, a single admin or local user cannot authorize this change (making Option C incorrect). The customer must have previously designated specific individuals as 'SafeMode Approvers' in their Pure1 portal.

Authorization: When a request to weaken the policy is made, Pure Support triggers a verification workflow. Two of these designated approvers must log into Pure1 and perform a secondary authentication (often involving a PIN or TOTP) to explicitly 'sign off' on the reduction. This 'two-person rule' ensures that a compromised credential or a rogue insider cannot unilaterally expose the organization's backup data to destruction.


Contribute your Thoughts:

0/2000 characters

Currently there are no comments in this discussion, be the first to comment!


Save Cancel