Domain 6 (12%)

Glossary: Team Deployment, Security & Enterprise Readiness

Quick-lookup definitions for the 12% exam domain. Each entry includes a concise definition and exam context. Follow the lesson links to dive deeper.

Terms in this domain

Plan Tiers

Claude's subscription ladder: Free ($0, limited Cowork), Pro ($20/month, full Cowork, 5-hour rate limit resets), Max ($100-200/month, 5-20x Pro usage, conversation memory), Team Standard ($25/seat, admin tools, SSO), Team Premium ($100-150/seat, full Cowork + Claude Code), and Enterprise (custom pricing, SAML SSO, SCIM, RBAC, tenant restrictions).

Exam context: Know which features exist at which tier. Computer Use and Dispatch require Pro or Max. Tenant restrictions are Enterprise-only. The Cowork admin toggle is all-or-nothing (org-wide, not per-user).

See also: 6.1 Plan Selection & Feature Availability


Rate Limit Resets

Pro plan rate limits reset every 5 hours, not daily. Heavy users can hit the ceiling mid-morning, wait it out, and get a fresh allocation by mid-afternoon. Understanding the reset window helps teams plan workloads rather than discovering limits during a critical task.

Exam context: Know the 5-hour reset cycle for Pro. Max plans offer 5x to 20x the Pro allocation. Questions may present a scenario where a user hits limits and ask for the best mitigation strategy.

See also: 6.1 Plan Selection & Feature Availability


Tenant Restrictions

An Enterprise-only feature that prevents employees from using personal Claude accounts on corporate devices. Implemented via HTTP header injection through a network proxy, tenant restrictions ensure only managed organisational accounts can access Claude. Without this, any employee can bypass organisational controls by logging in with a personal email.

Exam context: A common trap claims tenant restrictions are available on Team plans. They are not — Team offers SSO and domain verification but cannot technically prevent personal account usage on the same device.

See also: 6.1 Plan Selection & Feature Availability


The Audit Gap

The architectural reality that Cowork activity is excluded from Enterprise Audit Logs, the Compliance API, and all data exports — on every plan tier, including Enterprise. There is no configuration that enables Cowork audit logging. This makes Cowork unsuitable for regulated workloads until Anthropic addresses the gap.

Exam context: This is one of the most heavily tested concepts in Domain 6. Know that the gap exists on all tiers, that it is not a configuration issue, and that it directly blocks HIPAA, SOX, PCI-DSS, and SOC 2 compliance.

See also: 6.2 Security & Privacy for Cowork


Data Training Policies

Rules governing whether conversation data is used to improve Claude's models. Team and Enterprise plans have no-training defaults enforced centrally. Pro and Max users must manually opt out in Settings > Privacy. A single Pro user who forgets to opt out could expose sensitive data to the training pipeline.

Exam context: Know that the centralised no-training default on Team plans is a governance feature worth the cost premium over Pro — it eliminates the risk of individual user non-compliance.

See also: 6.2 Security & Privacy for Cowork


Local-Only History

Cowork conversation history is stored on each user's local machine, not on Anthropic's servers. It cannot be centrally managed, searched, exported, or deleted by administrators. Anthropic's data retention policies, geographic residency guarantees, and deletion mechanisms do not apply to locally stored Cowork data.

Exam context: Know that local-only storage means Zero Data Retention (ZDR) policies do not apply to Cowork — ZDR governs data on Anthropic's servers, not local storage.

See also: 6.2 Security & Privacy for Cowork


Web Search Egress Bypass

Even when an organisation uses a network proxy to control outbound traffic, Cowork's built-in web search can bypass those egress restrictions. Claude can reach the open internet during a task regardless of corporate network controls — a significant consideration for security-sensitive environments.

Exam context: A trap claims corporate proxy settings block all Cowork internet access. They do not — the web search tool operates independently of egress controls.

See also: 6.2 Security & Privacy for Cowork


Compliance Gaps

The specific regulatory frameworks Cowork cannot currently satisfy: HIPAA (healthcare), SOX (financial reporting), PCI-DSS (payment card data), and SOC 2 (service organisation controls). The combination of unauditable activity, local-only storage, and no compliance exports makes chain-of-custody documentation impossible.

Exam context: Questions test whether you can identify the specific blocker for regulated workloads. The answer is always the audit gap — not sandbox isolation, not training policies, but the inability to produce an audit trail.

See also: 6.3 Compliance Gaps & Limitations


Data Exfiltration Channels

Pathways through which data can leave the Cowork sandbox despite local file system restrictions. These include MCP server calls (sending data to connected services), Chrome browser actions (submitting forms, navigating URLs), and cURL commands (HTTP requests to arbitrary endpoints). The sandbox contains local access but not network egress.

Exam context: A trap claims the VM sandbox prevents all data exfiltration. It does not — the sandbox restricts file system escape but allows outbound network traffic through multiple channels.

See also: 6.3 Compliance Gaps & Limitations


OpenTelemetry

An observability framework that can provide partial visibility into Cowork's execution through environment variables. It instruments API calls, tracks token usage, and logs session metadata. This is not a replacement for native audit logs, but offers a compensating control for organisations that need some visibility.

Exam context: Know that OpenTelemetry is a partial compensating control, not a complete solution. It provides metadata-level observability, not full conversation logging.

See also: 6.3 Compliance Gaps & Limitations


Phased Rollout

The recommended three-phase approach to deploying Cowork across a team: (1) pre-enablement — policy writing, folder structure setup, mandatory training, pilot group selection; (2) rollout day — controlled launch, supervised first tasks; (3) ongoing operations — monitoring usage, updating the Acceptable Use Policy, running security refreshers.

Exam context: Questions test whether you can identify the correct phase for a given activity. Training before access is a pre-enablement task, not a rollout-day task.

See also: 6.4 Team Onboarding & Training


Acceptable Use Policy

A written policy required before enabling Cowork that covers: approved use cases (document summarisation, data analysis, report generation), prohibited data types (credentials, PII, regulated records), scheduled task boundaries, and incident reporting procedures for unexpected behaviour.

Exam context: Know that an Acceptable Use Policy is a prerequisite for enablement, not an afterthought. Questions may ask what should be completed before flipping the admin toggle.

See also: 6.4 Team Onboarding & Training


Admin Toggle

The organisation-wide control that enables or disables Cowork for all users. It works like a main circuit breaker — the entire organisation is either on or off. There is no per-user, per-group, or per-department granularity. Organisations that need selective access must use policy and training controls.

Exam context: A trap claims you can enable Cowork for Engineering only using RBAC. You cannot — the toggle is all-or-nothing.

See also: 6.4 Team Onboarding & Training


ROI Measurement

The practice of quantifying Cowork's business value through documented time reduction, productivity gains, and cost-benefit analysis. Credible case studies include Novo Nordisk (10+ weeks to 10 minutes), Cox Automotive (doubled lead follow-ups), and IBM (45% developer productivity increase). Your business case needs your own measured outcomes, not projections.

Exam context: Questions test whether you can build a defensible business case. The correct approach always involves honest disclosure of the audit gap alongside productivity metrics.

See also: 6.5 Measuring ROI & Building the Business Case


Total Cost of Ownership

The full cost of a Claude deployment beyond seat pricing. Enterprise combines seat licensing with per-token API rates, and heavy agentic usage through Cowork consumes significantly more tokens than standard chat (sub-agents, file processing, and web browsing all generate overhead). A budget that accounts only for seat fees will be dramatically underestimated.

Exam context: Know that comparing Pro ($20/month) to Team ($25/seat) on price alone misses the governance value. Questions test whether you factor in risk reduction alongside subscription costs.

See also: 6.5 Measuring ROI & Building the Business Case


RAG Capacity

Retrieval-Augmented Generation capacity — the amount of organisational knowledge that can be uploaded to Project knowledge bases for Claude to reference. Enterprise RAG handles approximately 10x the content of standard plans, making it viable for large policy libraries, technical documentation, and historical report archives.

Exam context: Know that RAG is like giving Claude an open-book exam rather than asking it to rely on memory. Enterprise-scale RAG is a key differentiator for knowledge-heavy deployments.

See also: 6.5 Measuring ROI & Building the Business Case