Pre-Winter Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia

312-76 Sample Questions Answers

Questions 4

You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?

Options:

A.

RAID-0

B.

RAID-1

C.

RAID-5

D.

RAID-10

Buy Now
Questions 5

Which of the following command line tools are available in Helix Live acquisition tool on Windows?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

netstat

B.

whois

C.

cab extractors

D.

ipconfig

Buy Now
Questions 6

Which of the following TCB components is a hardware, firmware, and software element that

implements the reference monitor concept?

Options:

A.

Security perimeter

B.

Security Kernel

C.

Trusted computer system

D.

Trusted path

Buy Now
Questions 7

Which of the following cryptographic system services ensures that the information will not be disclosed to any unauthorized person on a local network?

Options:

A.

Non-repudiation

B.

Confidentiality

C.

Integrity

D.

Authentication

Buy Now
Questions 8

Which of the following statements is related to residual risks?

Options:

A.

It is the probabilistic risk before implementing all security measures.

B.

It can be considered as an indicator of threats coupled with vulnerability.

C.

It is a weakness or lack of safeguard that can be exploited by a threat.

D.

It is the probabilistic risk after implementing all security measures.

Buy Now
Questions 9

Fill in the blank with the appropriate phrase.

____________ privilege escalation is the process of attempting to access sources with a higher access, such as a user account trying to access admin privileges.

Options:

A.

Vertical

Buy Now
Questions 10

Which of the following documents is necessary to continue the business in the event of disaster or emergency?

Options:

A.

Legal value

B.

Recourse record

C.

Fiscal value

D.

Vital record

Buy Now
Questions 11

You work as a project manager for TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

Options:

A.

Quantitative analysis

B.

Estimate activity duration

C.

Risk identification

D.

Qualitative analysis

Buy Now
Questions 12

Which of the following terms describes the determination of the effect of changes to the

information system on the security of the information system?

Options:

A.

Verification

B.

Authentication

C.

Impact analysis

D.

Validation analysis

Buy Now
Questions 13

Which of the following plans provides procedures for recovering business operations immediately following a disaster?

Options:

A.

Business recovery plan

B.

Continuity of operation plan

C.

Disaster recovery plan

D.

Business continuity plan

Buy Now
Questions 14

Which of the following procedures is to reduce the risk to personnel, property, and other assets while minimizing work disorders in the event of an emergency?

Options:

A.

Occupant Emergency Plan

B.

Disaster Recovery Plan

C.

Cyber Incident Response Plan

D.

Crisis Communication Plan

Buy Now
Questions 15

Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?

Options:

A.

Snooping

B.

Patent

C.

Utility model

D.

Copyright

Buy Now
Questions 16

Which of the following cryptographic system services ensures that the information will not be disclosed to any unauthorized person on a local network?

Options:

A.

Non-repudiation

B.

Confidentiality

C.

Authentication

D.

Integrity

Buy Now
Questions 17

A project plan includes the Work Breakdown Structure (WBS) and cost estimates. Which of the following are the parts of a project plan?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Risk identification

B.

Project schedule

C.

Risk analysis

D.

Team members list

E.

Security Threat

Buy Now
Questions 18

Which of the following Tier 1 policies will identify who is responsible for what?

Options:

A.

Scope

B.

Responsibilities

C.

Compliance or Consequences

D.

Topic

Buy Now
Questions 19

Which of the following is the simulation of the disaster recovery plans?

Options:

A.

Walk-through test

B.

Full operational test

C.

Paper test

D.

Preparedness test

Buy Now
Questions 20

Which of the following processes involves taking measures to alter or improve the risk position of an asset throughout the company?

Options:

A.

Risk transference

B.

Risk avoidance

C.

Risk reduction

D.

Risk acceptance

Buy Now
Questions 21

Software Development Life Cycle (SDLC) is a logical process used by the programmers to develop software. Which SDLC phase meets the following audit objectives? l System and data are validated. l System meets all user requirements.

l System meets all control requirements.

Options:

A.

Definition

B.

Initiation

C.

Programming and training

D.

Evaluation and acceptance

Buy Now
Questions 22

Which of the following BCP teams is the first responder and deals with the immediate effects of the disaster?

Options:

A.

Emergency action team

B.

Emergency-management team

C.

Damage-assessment team

D.

Off-site storage team

Buy Now
Questions 23

ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure and the second part is an auditing guide based on requirements that must be met for an organization to be deemed compliant with ISO 17799. What are the ISO 17799 domains?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Business continuity management

B.

Information security policy for the organization

C.

Personnel security

D.

System architecture management

E.

System development and maintenance

Buy Now
Questions 24

Which of the following parts of BS 7799 covers risk analysis and management?

Options:

A.

Part 2

B.

Part 4

C.

Part 1

D.

Part 3

Buy Now
Questions 25

Which of the following BCP teams assesses the damage of the disaster in order to provide the estimate of the time required to recover?

Options:

A.

Emergency action team

B.

Off-site storage team

C.

Emergency management team

D.

Damage assessment team

Buy Now
Questions 26

Which of the following sources is the best for developing Recovery Time Objectives (RTO)?

Options:

A.

Industry averages

B.

Tape restore data

C.

Business impact analysis

D.

Past recovery test results

Buy Now
Questions 27

You work as a project manager for TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

Options:

A.

Qualitative analysis

B.

Estimate activity duration

C.

Quantitative analysis

D.

Risk identification

Buy Now
Questions 28

Which of the following steps has the goal to reduce the level of risk to the IT system and its data to an acceptable level?

Options:

A.

Recommended Controls

B.

Results Documentation

C.

Impact Analysis

D.

Risk Determination

Buy Now
Questions 29

Which of the following terms best describes the presence of any potential event that causes an undesirable impact on the organization?

Options:

A.

Threat

B.

Risk

C.

Vulnerability

D.

Asset

Buy Now
Questions 30

Which of the following statements about disaster recovery plan documentation are true?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

The documentation regarding a disaster recovery plan should be stored in backup tapes.

B.

The documentation regarding a disaster recovery plan should be stored in floppy disks.

C.

The disaster recovery plan documentation should be stored onsite only.

D.

The disaster recovery plan documentation should be stored offsite only.

Buy Now
Questions 31

Which of the following statements about a certification authority (CA) is true?

Options:

A.

It is a business-to-consumer (B2C) commerce model that is used for high-volume transacti ons.

B.

It is a non-profit organization that sets security standards for e-commerce.

C.

It issues physical certificates that confirm the identity of entities.

D.

It is a trusted third-party organization that issues digital certificates to create digital signatures and public key pairs.

Buy Now
Questions 32

Which of the following are common applications that help in replicating and protecting critical information at the time of disaster?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Asynchronous replication

B.

Synchronous replication

C.

Tape backup

D.

Disk mirroring

Buy Now
Questions 33

Which of the following documents provides a high-level view of the entire organization's disaster recovery efforts?

Options:

A.

Technical guides

B.

Executive summary

C.

Checklists

D.

Department-specific plans

Buy Now
Questions 34

In which of the following scenarios is database backup transferred to a remote site in a bulk

transfer fashion?

Options:

A.

Remote journaling

B.

Emergency response

C.

Remote mirroring

D.

Electronic vaulting

Buy Now
Questions 35

Which of the following security procedures is related to the SDLC's implementation?

Options:

A.

Risk assessment

B.

Media sanitation

C.

Security accreditation

D.

Information preservation

Buy Now
Questions 36

Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?

Options:

A.

RTA

B.

RPO

C.

RCO

D.

RTO

Buy Now
Questions 37

You work as a senior project manager in SoftTech Inc. You are working on a software project using configuration management. Through configuration management, you are decomposing the verification system into identifiable, understandable, manageable, traceable units that are known as Configuration Items (CIs). According to you, which of the following processes is known as the decomposition process of a verification system into Configuration Items?

Options:

A.

Configuration auditing

B.

Configuration identification

C.

Configuration status accounting

D.

Configuration control

Buy Now
Questions 38

Which of the following authorizes and documents all the changes in the IT Infrastructure and its components (Configuration Items) in order to maintain a minimum amount of interruptive effects upon the running operation?

Options:

A.

The IT Security Manager

B.

The Configuration Manager

C.

The Change Manager

D.

The Service Level Manager

Buy Now
Questions 39

Which of the following is the phase of Incident handling process in which the distinction between an event and an incident is made?

Options:

A.

Identification phase

B.

Preparation phase

C.

Differential phase

D.

Eradication phase

Buy Now
Questions 40

Which of the following sources is the best for developing Recovery Time Objectives (RTO)?

Options:

A.

Tape restore data

B.

Past recovery test results

C.

Industry averages

D.

Business impact analysis

Buy Now
Questions 41

Which of the following global (Tier 1) policies de?nes what speci?cally the policy is going to

address?

Options:

A.

Responsibilities

B.

Scope

C.

Compliance or Consequences

D.

Topic

Buy Now
Questions 42

Mark is the project manager of the HAR Project. The project is scheduled to last for eighteen months and six months already passed. Management asks Mark that how often the project team is participating in the risk reassessment of this project. What should Mark tell management if he is following the best practices for risk management?

Options:

A.

At every status meeting of the project team, project risk management is an agenda item.

B.

Project risk management happens at every milestone.

C.

Project risk management has been concluded with the project planning.

D.

Project risk management is scheduled for every month in the 18-month project.

Buy Now
Questions 43

You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

Options:

A.

Containment

B.

Preparation

C.

Identification

D.

Eradication

Buy Now
Questions 44

Which of the following systems monitors the operating system detecting inappropriate activity, writing to log files, and triggering alarms?

Options:

A.

Host-based ID system

B.

Behavior-based ID system

C.

Network-based ID system

D.

Signature-Based ID system

Buy Now
Questions 45

Which of the following types of attacks occurs when an attacker successfully inserts an intermediary software or program between two communicating hosts?

Options:

A.

Password guessing attack

B.

Dictionary attack

C.

Man-in-the-middle attack

D.

Denial-of-service attack

Buy Now
Questions 46

Fill the measurement of SFX form factor style power supply in the blank space.

The SFX form factor style power supply is ___________mm wide, mm deep, and mm in height.

Options:

A.

100

Buy Now
Questions 47

You are responsible for network and information security at a large hospital. It is a significant concern that any change to any patient record can be easily traced back to the person who made that change. What is this called?

Options:

A.

Non repudiation

B.

Data Protection

C.

Availability

D.

Confidentiality

Buy Now
Questions 48

Drag and drop the appropriate team names in front of their respective responsibilities.

Options:

A.

Buy Now
Questions 49

Which of the following types of agreement can be a legally binding formal or informal "contract"?

Options:

A.

Non-disclosure agreement

B.

Consulting agreement

C.

Cooperative agreement

D.

Service level agreement

Buy Now
Questions 50

Which of the following SSE-CMM security engineering Process Areas (PA) specifies the security needs?

Options:

A.

PA10

B.

PA06

C.

PA09

D.

PA07

Buy Now
Questions 51

Which of the following documents helps disaster recovery team members in getting the alternate sites up and running?

Options:

A.

Technical guide

B.

Executive summary

C.

Department-specific plan

D.

Checklist

Buy Now
Questions 52

Software Development Life Cycle (SDLC) is a logical process used by the programmers to develop software. Which SDLC phase meets the following audit objectives?

System and data are validated.

System meets all user requirements.

System meets all control requirements.

Options:

A.

Definition

B.

Evaluation and acceptance

C.

Initiation

D.

Programming and training

Buy Now
Questions 53

Which of the following governance bodies provides management, operational, and technical controls to satisfy the security requirements?

Options:

A.

Chief Information Security Officer

B.

Senior Management

C.

Business Unit Manager

D.

Information Security Steering Committee

Buy Now
Questions 54

Which of the following actions can be performed by using the principle of separation of duties?

Options:

A.

Developing job descriptions

B.

Identifying critical positions

C.

Conducting background investigation

D.

Reducing the opportunity for fraud

Buy Now
Questions 55

You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?

Options:

A.

Snow

B.

ImageHide

C.

Blindside

D.

Stealth

Buy Now
Questions 56

Which of the following measurements of a disaster recovery plan are aimed at detecting unwanted events?

Options:

A.

Preventive measures

B.

Detective measures

C.

Supportive measures

D.

Corrective measures

Buy Now
Questions 57

Which of the following is a category of an automated Incident detection process?

Options:

A.

Catastrophe Theory

B.

Input detection

C.

Control theory

D.

OODA looping

Buy Now
Questions 58

Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?

Options:

A.

RTA

B.

RPO

C.

RCO

D.

RTO

Buy Now
Questions 59

Which of the following cryptographic system services proves a user's identity?

Options:

A.

Confidentiality

B.

Non-repudiation

C.

Integrity

D.

Authentication

Buy Now
Questions 60

Which of the following measurements of a disaster recovery plan are aimed at detecting unwanted events?

Options:

A.

Detective measures

B.

Corrective measures

C.

Supportive measures

D.

Preventive measures

Buy Now
Questions 61

Which of the following types of control gives an instance of the audit log?

Options:

A.

Preventive

B.

Detection

C.

Containment

D.

Recovery

Buy Now
Questions 62

Which of the following events occurs in a system when there is a TCB failure and the recovery

procedures cannot return the system to a secure state?

Options:

A.

Fault tolerance

B.

Cold start

C.

Fail-over

D.

Fail-soft

Buy Now
Questions 63

Which of the following processes measures the maturity level of the security program?

Options:

A.

Risk analysis

B.

GAP analysis

C.

Risk assessment

D.

Risk mitigation

Buy Now
Questions 64

Which of the following actions can be performed by using the principle of separation of duties?

Options:

A.

Developing job descriptions

B.

Identifying critical positions

C.

Conducting background investigation

D.

Reducing the opportunity for fraud

Buy Now
Questions 65

You work as a senior project manager in SoftTech Inc. You are working on a software project using configuration management. Through configuration management, you are decomposing the verification system into identifiable, understandable, manageable, traceable units that are known as Configuration Items (CIs). According to you, which of the following processes is known as the

decomposition process of a verification system into Configuration Items?

Options:

A.

Configuration status accounting

B.

Configuration identification

C.

Configuration auditing

D.

Configuration control

Buy Now
Questions 66

Which of the following values must ensure that the Maximum Tolerable Period of Disruption

(MTPD) for each activity is not exceeded?

Options:

A.

Recovery Plan Objective

B.

Recovery Point Objective

C.

Recovery Time Objective

D.

Recovery Impact Objective

Buy Now
Questions 67

Which of the following acts of information security governance affects the financial institutions?

Options:

A.

Sarbanes-Oxley Act of 2002

B.

Health Insurance Privacy and Accountability Act (HIPAA)

C.

California Database Security Breach Information Act

D.

Gramm-Leach-Bliley Act of 1999

Buy Now
Questions 68

Which of the following plans provides procedures for recovering business operations immediately following a disaster?

Options:

A.

Business recovery plan

B.

Continuity of operation plan

C.

Business continuity plan

D.

Disaster recovery plan

Buy Now
Questions 69

Fill the appropriate power supply form factor in the blank space.

_________form factor is similar to LPX form factor in physical dimensions.

Options:

A.

ATX

Buy Now
Questions 70

Which of the following measurements of a disaster recovery plan are aimed at avoiding an event from occurring?

Options:

A.

Corrective measures

B.

Detective measures

C.

Preventive measures

D.

Supportive measures

Buy Now
Questions 71

Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee, who is suspected for classified data theft. Suspect's computer runs on Windows operating system. Peter wants to collect data and evidences for further analysis. He knows that in Windows operating system, the data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows based system?

Options:

A.

Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps

B.

Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system

C.

Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces

D.

Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces

Buy Now
Questions 72

Which of the following tools in Helix Windows Live is used to reveal the database password of password protected MDB files created using Microsoft Access or with Jet Database Engine?

Options:

A.

Asterisk logger

B.

FAU

C.

Access Pass View

D.

Galleta

Buy Now
Questions 73

Which of the following BCP teams is the first responder and deals with the immediate effects of the disaster?

Options:

A.

Emergency management team

B.

Damage assessment team

C.

Off-site storage team

D.

Emergency action team

Buy Now
Questions 74

Which of the following phases involves getting the final senior management signoff and creating enterprise-wide awareness of the plan?

Options:

A.

Business Impact Assessment

B.

Business Continuity Plan Development

C.

Plan Approval and Implementation

D.

Scope and Plan Initiation

Buy Now
Questions 75

Which of the following systems helps to detect the "abuse of privileges" attack that does not

actually involve exploiting any security vulnerability?

Options:

A.

Signature-Based ID system

B.

Network-Based ID system

C.

Statistical Anomaly-Based ID system

D.

Host-Based ID system

Buy Now
Questions 76

Which of the following systems monitors the operating system detecting inappropriate activity, writing to log files, and triggering alarms?

Options:

A.

Host-based ID system

B.

Behavior-based ID system

C.

Network-based ID system

D.

Signature-Based ID system

Buy Now
Questions 77

Which of the following phases is the first step towards creating a business continuity plan?

Options:

A.

Business Impact Assessment

B.

Plan Approval and Implementation

C.

Business Continuity Plan Development

D.

Scope and Plan Initiation

Buy Now
Questions 78

Which of the following statements are true about an APW (Air Pressurized Water) extinguisher?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

It is a golden color extinguisher that is filled with about 9.5 gallons (approx. 39 liters) of ordinary tap water.

B.

It uses water and pressure to stifle the heat of fire.

C.

It is also known as a class C fire extinguisher.

D.

It should never be used on grease fires, electrical fires, or class D fires.

Buy Now
Questions 79

You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?

Options:

A.

Risk audits

B.

Qualitative risk analysis

C.

Quantitative risk analysis

D.

Requested changes

Buy Now
Questions 80

You work as an Incident handling manager for Orangesect Inc. You detect a virus attack incident in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the Incident handling process will utilize the signature to resolve this incident?

Options:

A.

Eradication

B.

Identification

C.

Containment

D.

Recovery

Buy Now
Questions 81

Which of the following BCP teams is the first responder and deals with the immediate effects of the disaster?

Options:

A.

Emergency action team

B.

Emergency-management team

C.

Damage-assessment team

D.

Off-site storage team

Buy Now
Questions 82

Which of the following are some of the parts of a project plan?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Risk identification

B.

Project schedule

C.

Risk analysis

D.

Team members list

Buy Now
Questions 83

Which of the following types of storage requires some direct human action in order to make

access to the storage media physically possible?

Options:

A.

Near-line

B.

Off-line

C.

On-line

D.

Far-line

Buy Now
Questions 84

You are the project manager for a construction project. The project involves casting of a column in a very narrow space. Because of the lack of space, casting is highly dangerous. High technical skill will be required for casting that column. You decide to hire a local expert team for casting that column. Which of the following types of risk response are you following?

Options:

A.

Transference

B.

Mitigation

C.

Avoidance

D.

Acceptance

Buy Now
Questions 85

Della works as a security manager for SoftTech Inc. She is training some of the newly recruited personnel in the field of security management. She is giving a tutorial on DRP. She explains that the major goal of a disaster recovery plan is to provide an organized way to make decisions if a disruptive event occurs and asks for the other objectives of the DRP. If you are among some of the newly recruited personnel in SoftTech Inc, what will be your answer for her question?

Each correct answer represents a part of the solution. Choose three.

Options:

A.

Maximize the decision-making required by personnel during a disaster.

B.

Guarantee the reliability of standby systems through testing and simulation.

C.

Protect an organization from major computer services failure.

D.

Minimize the risk to the organization from delays in providing services.

Buy Now
Questions 86

Which of the following Tier 1 policies will identify who is responsible for what?

Options:

A.

Responsibilities

B.

Compliance or Consequences

C.

Scope

D.

Topic

Buy Now
Questions 87

Which of the following processes measures the maturity level of the security program?

Options:

A.

Risk analysis

B.

GAP analysis

C.

Risk assessment

D.

Risk mitigation

Buy Now
Exam Code: 312-76
Exam Name: Disaster Recovery Professional Practice Test
Last Update: Oct 7, 2024
Questions: 290
$64  $159.99
$48  $119.99
$40  $99.99
buy now 312-76