Last Updated on July 18, 2021 by Admin 1

312-76 : EC-Council Disaster Recovery Professional : Part 04

  1. The Incident handling process implemented in an enterprise is responsible to deal with all the incidents regarding the enterprise. Which of the following procedures will be involved by the preparation phase of the Incident handling process?

    • Setting up the initial position after an incident
    • Organizing a solution to remove an incident
    • Working with QA to validate security of the enterprise
    • Building up an incident response kit
  2. Which methodology is a method to analyze the involved tasks in completing a given project, especially the time needed to complete each task, and identifying the minimum time needed to complete the total project?

    • CPM
    • Gantt
    • PERT
    • FP
  3. Which of the following RAID levels provides fault tolerance?

    • RAID-5
    • RAID-1
    • RAID-10
    • RAID-0
  4. You are the project manager for a construction project. The project involves casting of a column in a very narrow space. Because of the lack of space, casting is highly dangerous. High technical skill will be required for casting that column. You decide to hire a local expert team for casting that column. Which of the following types of risk response are you following?

    • Transference
    • Mitigation
    • Avoidance
    • Acceptance
  5. Which of the following options is an activity of observing the content that appears on a computer monitor or watching what a user is typing?

    • Utility model
    • Copyright
    • Snooping
    • Patent
  6. Which of the following strategies is used to minimize the effects of a disruptive event on a company, and is created to prevent interruptions to normal business activity?

    • Disaster Recovery Plan
    • Business Continuity Plan
    • Contingency Plan
    • Continuity of Operations Plan
  7. Which of the following elements of BCP process includes the areas of plan implementation, plan testing, and ongoing plan maintenance, and also involves defining and documenting the continuity strategy?

    • Business impact assessment
    • Scope and plan initiation
    • Plan approval and implementation
    • Business continuity plan development
  8. Allen works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a computer, which is used by the suspect to sexually harass the victim using instant messenger program. Suspect’s computer runs on Windows operating system. Allen wants to recover password from instant messenger program, which suspect is using, to collect the evidence of the crime. Allen is using Helix Live for this purpose. Which of the following utilities of Helix will he use to accomplish the task?

    • MessenPass
    • Mail Pass View
    • Asterisk Logger
    • Access PassView
  9. Which of the following should the administrator ensure during the test of a disaster recovery plan?

    • Ensure that all client computers in the organization are shut down.
    • Ensure that each member of the disaster recovery team is aware of their responsibility.
    • Ensure that the plan works properly
    • Ensure that all the servers in the organization are shut down.
  10. Which of the following governance bodies provides management, operational, and technical controls to satisfy the security requirements?

    • Chief Information Security Officer
    • Senior Management
    • Business Unit Manager
    • Information Security Steering Committee
  11. Against which of the following does SSH provide protection?

    Each correct answer represents a complete solution. Choose two.

    • Broadcast storm
    • Password sniffing
    • DoS attack
    • IP spoofing
  12. A project plan includes the Work Breakdown Structure (WBS) and cost estimates. Which of the following are the parts of a project plan?

    Each correct answer represents a complete solution. Choose all that apply.

    • Risk identification
    • Project schedule
    • Risk analysis
    • Team members list
    • Security Threat
  13. Which of the following statements is related to residual risks?

    • It is the probabilistic risk before implementing all security measures.
    • It is the probabilistic risk after implementing all security measures.
    • It can be considered as an indicator of threats coupled with vulnerability.
    • It is a weakness or lack of safeguard that can be exploited by a threat.
  14. You work as a project manager for BlueWell Inc. You are working with your team members on the risk responses in the project. Which risk response will likely cause a project to use the procurement processes?

    • Mitigation
    • Sharing
    • Exploiting
    • Acceptance
  15. You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?

    • Snow
    • ImageHide
    • Blindside
    • Stealth
  16. SIMULATION

    Fill in the blank:

    A ______ plan is a plan devised for a specific situation when things could go wrong.

    • contingency
  17. Software Development Life Cycle (SDLC) is a logical process used by the programmers to develop software. Which SDLC phase meets the following audit objectives?

    System and data are validated.
    System meets all user requirements.
    System meets all control requirements.

    • Definition
    • Evaluation and acceptance
    • Initiation
    • Programming and training
  18. Mark works as a Network Administrator for NetTech Inc. Mark is testing the disaster recovery plan of the company. During the testing of the recovery plan, he finds that some servers have been restored with another server’s data. What will Mark do to improve the disaster recovery plan?

    • Maintain a hard copy of the data stored on the server.
    • Remember which tape drive stores which server’s data.
    • Implement the cluster server.
    • Maintain a printed tape backup report.
  19. John, a novice web user, makes a new e-mail account and keeps his password as “apple”, his favorite fruit. John’s password is vulnerable to which of the following password cracking attacks?

    Each correct answer represents a complete solution. Choose all that apply.

    • Brute Force attack
    • Dictionary attack
    • Rule based attack
    • Hybrid attack
  20. Which of the following backup sites is a replica of the original site of an organization with full computer systems as well as near-complete backups of user data?

    • Hot backup site
    • Warm backup site
    • Mobile backup site
    • Cold backup site