New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

ECCouncil 312-76 Disaster Recovery Professional Practice Test Exam Practice Test

Page: 1 / 29
Total 290 questions

Disaster Recovery Professional Practice Test Questions and Answers

Question 1

Which of the following methods is a means of ensuring that system changes are approved before being implemented, and the implementation is complete and accurate?

Options:

A.

Configuration identification

B.

Configuration control

C.

Configuration auditing

D.

Documentation control

Question 2

Which of the following control measures are considered while creating a disaster recovery plan?

Each correct answer represents a part of the solution. Choose three.

Options:

A.

Detective measures

B.

Supportive measures

C.

Corrective measures

D.

Preventive measures

Question 3

Which of the following sub-processes of IT Service Continuity Management is used to make sure that all members of IT staff with responsibilities for fighting disasters are aware of their exactduties?

Options:

A.

ITSCM Training and Testing

B.

ITSCM Support

C.

ITSCM Review

D.

Design Services for Continuity

Question 4

Which of the following backup sites is the best way for rapid recovery if you do not need the full recovery temporarily?

Options:

A.

Hot backup site

B.

Cold backup site

C.

Mobile backup site

D.

Warm backup site

Question 5

Which of the following processes involves reducing the risk until it reaches a level acceptable to an organization?

Options:

A.

Risk Mitigation

B.

Risk Transference

C.

Risk Avoidance

D.

Risk Acceptance

Question 6

Which of the following systems commonly resides on a discrete network segment and monitors the traffic on that network segment?

Options:

A.

Host-Based ID system

B.

Statistical Anomaly-Based ID system

C.

Signature-Based ID system

D.

Network-Based ID system

Question 7

Availability Management deals with the day-to-day availability of services. Which of the following takes over when a 'disaster' situation occurs?

Options:

A.

Capacity Management

B.

Service Level Management

C.

Service Continuity Management

D.

Service Reporting

Question 8

ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure and the second part is an auditing guide based on requirements that must be met for an organization to be deemed compliant with ISO 17799. What are the ISO 17799 domains?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Business continuity management

B.

Information security policy for the organization

C.

Personnel security

D.

System architecture management

E.

System development and maintenance

Question 9

Which of the following plans provides procedures for disseminating status reports to personnel and the public?

Options:

A.

Disaster Recovery Plan (DRP)

B.

Crisis Communication Plan (CCP)

C.

Emergency Response Plan (ERP)

D.

Cyber Incident Response Plan (CIRP)

Question 10

Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?

Options:

A.

RTA

B.

RPO

C.

RCO

D.

RTO

Question 11

Which of the following functions is performed by change control?

Options:

A.

It tracks changes to system hardware, software, ?rmware, and

documentation.

B.

It maintains visibility of changes to the system.

C.

It tracks and approves changes to system hardware, software,

?rmware, and documentation.

D.

It ensures that changes to the system are approved.

Question 12

Which of the following is the simulation of the disaster recovery plans?

Options:

A.

Walk-through test

B.

Full operational test

C.

Paper test

D.

Preparedness test

Question 13

Which of the following maturity levels of the software CMM focuses on competent people and

heroics?

Options:

A.

Initiating level

B.

Defined level

C.

Managed level

D.

Repeatable level

Question 14

Which of the following Tier 1 policies will identify who is responsible for what?

Options:

A.

Scope

B.

Responsibilities

C.

Compliance or Consequences

D.

Topic

Question 15

Which of the following backup sites takes the longest recovery time?

Options:

A.

Cold backup site

B.

Hot backup site

C.

Warm backup site

D.

Mobile backup site

Question 16

Fill in the blank with the appropriate phrase.

____________ privilege escalation is the process of attempting to access sources with a higher access, such as a user account trying to access admin privileges.

Options:

A.

Vertical

Question 17

Which of the following backup sites is a replica of the original site of an organization with full computer systems as well as near-complete backups of user data?

Options:

A.

Hot backup site

B.

Warm backup site

C.

Mobile backup site

D.

Cold backup site

Question 18

Which of the following levels of RAID provides security features that are availability, enhanced performance, and fault tolerance?

Options:

A.

RAID-10

B.

RAID-5

C.

RAID-0

D.

RAID-1

Question 19

Fill in the blank:

An______(AS) is a group of networks under a single administration and with

single routing policies.

Options:

A.

Autonomous System

Question 20

Which of the following plans provides procedures for recovering business operations immediately following a disaster?

Options:

A.

Business recovery plan

B.

Continuity of operation plan

C.

Disaster recovery plan

D.

Business continuity plan

Question 21

Which of the following phases is the first step towards creating a business continuity plan?

Options:

A.

Business Impact Assessment

B.

Plan Approval and Implementation

C.

Business Continuity Plan Development

D.

Scope and Plan Initiation

Question 22

You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?

Options:

A.

RAID-5

B.

RAID-0

C.

RAID-1

D.

RAID-10

Question 23

You work as an Incident handling manager for Orangesect Inc. You detect a virus attack incident in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the Incident handling process will utilize the signature to resolve this incident?

Options:

A.

Eradication

B.

Identification

C.

Containment

D.

Recovery

Question 24

Which of the following phases involves getting the final senior management signoff and creating enterprise-wide awareness of the plan?

Options:

A.

Business Impact Assessment

B.

Business Continuity Plan Development

C.

Plan Approval and Implementation

D.

Scope and Plan Initiation

Question 25

Which of the following processes identifies the threats that can impact the business continuity of operations?

Options:

A.

Business impact analysis

B.

Function analysis

C.

Requirement analysis

D.

Risk analysis

Question 26

Which of the following is the phase of Incident handling process in which the distinction between an event and an incident is made?

Options:

A.

Identification phase

B.

Preparation phase

C.

Differential phase

D.

Eradication phase

Question 27

Which of the following features of the Cisco MDS 9000 SAN Extension over IP Package help in implementing efficient FCIP-based business-continuity and disaster-recovery solutions?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

FCIP write acceleration

B.

IVR

C.

FCIP compression

D.

SAN extension tuner

Question 28

Which of the following defines the communication link between a Web server and Web applications?

Options:

A.

IETF

B.

Firewall

C.

PGP

D.

CGI

Question 29

Which of the following TCB techniques involves viewing system components at a high level and ignoring or segregating its specific details?

Options:

A.

Trusted computer system

B.

Security perimeter

C.

Abstraction

D.

Trusted path

Question 30

In which of the following prototyping, a prototype of a system is built and then evolves into the final system?

Options:

A.

Project prototyping

B.

Evolutionary prototyping

C.

Throw-away prototyping

D.

Incremental prototyping

Question 31

Which of the following activities includes initiation, development and acquisition, implementation and installation, operational maintenance, and disposal?

Options:

A.

Risk Management Framework

B.

Risk Management Life Cycle

C.

Capability Maturity Model (CMM)

D.

System Development Life Cycle (SDLC)

Question 32

Which of the following processes helps the business units to understand the impact of a disruptive event?

Options:

A.

Business impact assessment

B.

Business continuity plan development

C.

Scope and plan initiation

D.

Plan approval and implementation

Question 33

Which of the following security procedures is related to the SDLC's implementation?

Options:

A.

Risk assessment

B.

Security accreditation

C.

Media sanitation

D.

Information preservation

Question 34

Which of the following SSE-CMM security engineering Process Areas (PA) specifies the security needs?

Options:

A.

PA09

B.

PA07

C.

PA06

D.

PA10

Question 35

Which of the following SSE-CMM security engineering Process Areas (PA) provides the security input?

Options:

A.

PA06

B.

PA09

C.

PA07

D.

PA08

Question 36

Which of the following parts of BS 7799 covers risk analysis and management?

Options:

A.

Part 4

B.

Part 1

C.

Part 2

D.

Part 3

Question 37

Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) IT Service Management (ITSM) process. Configuration Management is used for which of the following?

Each correct answer represents a part of the solution. Choose all that apply.

Options:

A.

To verify configuration records and correct any exceptions

B.

To account for all IT assets

C.

To provide precise information support to other ITIL disciplines

D.

To provide a solid base only for Incident and Problem Management

Question 38

Availability Management deals with the day-to-day availability of services. Which of the following takes over when a 'disaster' situation occurs?

Options:

A.

Capacity Management

B.

Service Level Management

C.

Service Continuity Management

D.

Service Reporting

Question 39

Which of the following sources is the best for developing Recovery Time Objectives (RTO)?

Options:

A.

Tape restore data

B.

Past recovery test results

C.

Industry averages

D.

Business impact analysis

Question 40

Which of the following strategies is used to minimize the effects of a disruptive event on a company, and is created to prevent interruptions to normal business activity?

Options:

A.

Continuity of Operations Plan

B.

Disaster Recovery Plan

C.

Business Continuity Plan

D.

Contingency Plan

Question 41

Which of the following response teams aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large?

Options:

A.

CERT

B.

CSIRT

C.

FedCIRC

D.

FIRST

Question 42

Which of the following authorizes and documents all the changes in the IT Infrastructure and its components (Configuration Items) in order to maintain a minimum amount of interruptive effects upon the running operation?

Options:

A.

The IT Security Manager

B.

The Configuration Manager

C.

The Change Manager

D.

The Service Level Manager

Question 43

Which of the following documents is necessary to continue the business in the event of disaster or emergency?

Options:

A.

Vital record

B.

Recourse record

C.

Legal value

D.

Fiscal value

Page: 1 / 29
Total 290 questions