New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium ECCouncil 312-76 Dumps Questions Answers

Page: 1 / 11
Total 290 questions

Disaster Recovery Professional Practice Test Questions and Answers

Question 1

Which of the following security procedures is related to the SDLC's implementation?

Options:

A.

Risk assessment

B.

Media sanitation

C.

Security accreditation

D.

Information preservation

Buy Now
Question 2

Which of the following statements about disaster recovery plan documentation are true? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

The documentation regarding a disaster recovery plan should be stored in backup tapes.

B.

The disaster recovery plan documentation should be stored offsite only.

C.

The documentation regarding a disaster recovery plan should be stored in floppy disks.

D.

The disaster recovery plan documentation should be stored onsite only.

Question 3

ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure and the second part is an auditing guide based on requirements that must be met for an organization to be deemed compliant with ISO 17799. What are the ISO 17799 domains?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Business continuity management

B.

Information security policy for the organization

C.

Personnel security

D.

System architecture management

E.

System development and maintenance

Question 4

Which of the following plans is documented and organized for emergency response, backup operations, and recovery maintained by an activity as part of its security program that will ensure the availability of critical resources and facilitates the continuity of operations in an emergency situation?

Options:

A.

Disaster Recovery Plan

B.

Continuity Of Operations Plan

C.

Business Continuity Plan

D.

Contingency Plan

Question 5

Which of the following TCB techniques involves viewing system components at a high level and ignoring or segregating its specific details?

Options:

A.

Trusted computer system

B.

Security perimeter

C.

Abstraction

D.

Trusted path

Question 6

Which of the following governance bodies provides management, operational, and technical controls to satisfy the security requirements?

Options:

A.

Chief Information Security Officer

B.

Senior Management

C.

Business Unit Manager

D.

Information Security Steering Committee

Question 7

Which of the following processes helps the business units to understand the impact of a disruptive event?

Options:

A.

Business impact assessment

B.

Business continuity plan development

C.

Scope and plan initiation

D.

Plan approval and implementation

Question 8

Which of the following is prepared by the business and serves as a starting point for producing the IT Service Continuity Strategy?

Options:

A.

Business Continuity Strategy

B.

Index of Disaster-Relevant Information

C.

Disaster Invocation Guideline

D.

Availability/ ITSCM/ Security Testing Schedule

Question 9

Which of the following classification schemes is considered to be of a personal nature and is

intended for company use only?

Options:

A.

Sensitive information

B.

Private information

C.

Public information

D.

Confidential information

Question 10

Which of the following provides a means of predicting the outcome of the next software project conducted by an organization?

Options:

A.

Software process capability

B.

Software process maturity

C.

Software process performance

D.

Software security engineering

Question 11

Which of the following BCP teams deals with the key decision making and guides recovery teams and business personnel?

Options:

A.

Off-site storage team

B.

Emergency management team

C.

Damage assessment team

D.

Emergency action team

Question 12

Which of the following processes involves reducing the risk until it reaches a level acceptable to an organization?

Options:

A.

Risk Mitigation

B.

Risk Transference

C.

Risk Avoidance

D.

Risk Acceptance

Question 13

Which of the following plans provides procedures for disseminating status reports to personnel and the public?

Options:

A.

Disaster Recovery Plan (DRP)

B.

Crisis Communication Plan (CCP)

C.

Emergency Response Plan (ERP)

D.

Cyber Incident Response Plan (CIRP)

Question 14

Which of the following processes involves taking measures to alter or improve the risk position of an asset throughout the company?

Options:

A.

Risk transference

B.

Risk avoidance

C.

Risk reduction

D.

Risk acceptance

Question 15

Which of the following sub-processes of IT Service Continuity Management is used to make sure that all members of IT staff with responsibilities for fighting disasters are aware of their exactduties?

Options:

A.

ITSCM Training and Testing

B.

ITSCM Support

C.

ITSCM Review

D.

Design Services for Continuity

Question 16

Which of the following are some of the parts of a project plan?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Risk identification

B.

Team members list

C.

Risk analysis

D.

Project schedule

Question 17

Which of the following systems commonly resides on a discrete network segment and monitors the traffic on that network segment?

Options:

A.

Host-Based ID system

B.

Statistical Anomaly-Based ID system

C.

Signature-Based ID system

D.

Network-Based ID system

Question 18

Which of the following roles is responsible for the review and risk analysis of all the contracts on regular basis?

Options:

A.

The IT Service Continuity Manager

B.

The Configuration Manager

C.

The Supplier Manager

D.

The Service Catalogue Manager

Question 19

Which of the following cryptographic system services assures the receiver that the received message has not been altered?

Options:

A.

Authentication

B.

Non-repudiation

C.

Confidentiality

D.

Integrity

Question 20

Which of the following command line tools are available in Helix Live acquisition tool on Windows?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

netstat

B.

whois

C.

cab extractors

D.

ipconfig

Question 21

Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as unauthorized access to a system or data, denial-of-service attacks, or unauthorized changes to system hardware, software, or data?

Options:

A.

Cyber Incident Response Plan

B.

Crisis Communication Plan

C.

Occupant Emergency Plan

D.

Disaster Recovery Plan

Question 22

Which of the following statements are true about classless routing protocols?

Each correct answer represents a complete solution. Choose two.

Options:

A.

The same subnet mask is used everywhere on the network.

B.

They extend the IP addressing scheme.

C.

IGRP is a classless routing protocol.

D.

They support VLSM and discontiguous networks.

Question 23

Which of the following tests ensures that the organization complies with the requirements of the disaster recovery plan?

Options:

A.

Parallel test

B.

Checklist test

C.

Simulation test

D.

Full-interruption test

Question 24

Which of the following systems commonly resides on a discrete network segment and monitors the traffic on that network segment?

Options:

A.

Host-Based ID system

B.

Signature-Based ID system

C.

Statistical Anomaly-Based ID system

D.

Network-Based ID system

Question 25

Which of the following backup sites is the best way for rapid recovery if you do not need the full recovery temporarily?

Options:

A.

Hot backup site

B.

Cold backup site

C.

Mobile backup site

D.

Warm backup site

Question 26

You are the project manager for a construction project. The project involves casting of a column in a very narrow space. Because of the lack of space, casting is highly dangerous. High technical skill will be required for casting that column. You decide to hire a local expert team for casting that column. Which of the following types of risk response are you following?

Options:

A.

Transference

B.

Mitigation

C.

Avoidance

D.

Acceptance

Question 27

Which of the following best describes the identification, analysis, and ranking of risks?

Options:

A.

Fixed-price contract

B.

Design of experiments

C.

Fast tracking

D.

Plan Risk management

Question 28

Which of the following refers to the ability to ensure that the data is not modified or tampered with?

Options:

A.

Integrity

B.

Confidentiality

C.

Availability

D.

Non-repudiation

Question 29

Which of the following BCP teams is the first responder and deals with the immediate effects of the disaster?

Options:

A.

Emergency action team

B.

Damage assessment team

C.

Off-site storage team

D.

Emergency management team

Question 30

Which of the following phases is the first step towards creating a business continuity plan?

Options:

A.

Business Impact Assessment

B.

Plan Approval and Implementation

C.

Business Continuity Plan Development

D.

Scope and Plan Initiation

Question 31

Which of the following documents is necessary to continue the business in the event of disaster or emergency?

Options:

A.

Vital record

B.

Recourse record

C.

Legal value

D.

Fiscal value

Question 32

Which of the following SSE-CMM security engineering Process Areas (PA) specifies the security needs?

Options:

A.

PA09

B.

PA07

C.

PA06

D.

PA10

Question 33

Which of the following options is an intellectual property right to protect inventions?

Options:

A.

Snooping

B.

Patent

C.

Copyright

D.

Utility model

Question 34

Which of the following BCP teams handles financial arrangement, public relations, and media inquiries in the time of disaster recovery?

Options:

A.

Software team

B.

Off-site storage team

C.

Emergency-management team

D.

Applications team

Question 35

Which of the following sources is the best for developing Recovery Time Objectives (RTO)?

Options:

A.

Tape restore data

B.

Past recovery test results

C.

Industry averages

D.

Business impact analysis

Question 36

Which of the following TCB techniques involves viewing system components at a high level and ignoring or segregating its specific details?

Options:

A.

Trusted computer system

B.

Security perimeter

C.

Abstraction

D.

Trusted path

Question 37

Which of the following options is an activity of observing the content that appears on a computer monitor or watching what a user is typing?

Options:

A.

Utility model

B.

Patent

C.

Snooping

D.

Copyright

Question 38

Which of the following statements are true about classless routing protocols?

Each correct answer represents a complete solution. Choose two.

Options:

A.

They support VLSM and discontiguous networks.

B.

The same subnet mask is used everywhere on the network.

C.

They extend the IP addressing scheme.

D.

IGRP is a classless routing protocol.

Question 39

Availability Management deals with the day-to-day availability of services. Which of the following takes over when a 'disaster' situation occurs?

Options:

A.

Capacity Management

B.

Service Level Management

C.

Service Continuity Management

D.

Service Reporting

Question 40

Which of the following modes of operation supports users with different clearances and data at various classification levels?

Options:

A.

Dedicated

B.

Limited Access

C.

Compartmented

D.

Multilevel mode

Question 41

You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

Options:

A.

Containment

B.

Preparation

C.

Identification

D.

Eradication

Question 42

Which of the following should the administrator ensure during the test of a disaster recovery plan?

Options:

A.

Ensure that each member of the disaster recovery team is aware of their responsibility.

B.

Ensure that all the servers in the organization are shut down.

C.

Ensure that the plan works properly

D.

Ensure that all client computers in the organization are shut down.

Question 43

Which of the following processes is NOT included in the risk mitigation?

Options:

A.

Risk planning

B.

Risk limitation

C.

Risk identi?cation

D.

Risk assumption

Page: 1 / 11
Total 290 questions