NetApp Certified Implementation Engineer – NFS, ONTAP — Question 13
A ransomware attack has compromised all files on a CIFS share. The volume had a retention policy of five daily Snapshot copies, but unfortunately, no Snapshot copies were available. It was confirmed that the cybercriminal accessed only the share and did not gain access to the NetApp ONTAP cluster.
What command should be executed to prevent the quick restore strategy from being compromised?
Answer options
- A. volume autosize -autogrow disable
- B. security multi-admin-verify modify -enabled true
- C. volume modify -snapdir-access false
- D. volume snapshot -autodelete disabled
Correct answer: C
Explanation
The correct answer is C, as disabling snapshot directory access prevents unauthorized users from modifying or deleting Snapshot copies, thus protecting any future recovery options. Options A, B, and D do not address the protection of Snapshots specifically and do not contribute to maintaining the integrity of the quick restore strategy.