Last Updated on July 18, 2021 by InfraExam

312-76 : EC-Council Disaster Recovery Professional : Part 07

  1. Which of the following modes of operation supports users with different clearances and data at various classification levels?

    • Dedicated
    • Limited Access
    • Compartmented
    • Multilevel mode
  2. Which of the following processes acts as a control measure that provides some amount of protection to the assets?

    • Risk
    • Countermeasure
    • Vulnerability
    • Safeguard
  3. In which of the following prototyping, a version of the system is built to check the requirements and is then discarded?

    • Evolutionary prototyping
    • Incremental prototyping
    • Project prototyping
    • Throw-away prototyping
  4. In which of the following prototyping, a prototype of a system is built and then evolves into the final system?

    • Project prototyping
    • Evolutionary prototyping
    • Throw-away prototyping
    • Incremental prototyping
  5. Which of the following terms best describes the presence of any potential event that causes an undesirable impact on the organization?

    • Threat
    • Risk
    • Vulnerability
    • Asset
  6. Which of the following DRP tests is plan distributed, and reviewed by the business units for its thoroughness and effectiveness?

    • Functional drill
    • Parallel test
    • Walk-through drill
    • Checklist review
  7. Which of the following SSE-CMM security engineering Process Areas (PA) specifies the security needs?

    • PA09
    • PA07
    • PA06
    • PA10
  8. Which of the following provides a means of predicting the outcome of the next software project conducted by an organization?

    • Software process capability
    • Software process maturity
    • Software process performance
    • Software security engineering
  9. Which of the following SSE-CMM security engineering Process Areas (PA) provides the security input?

    • PA06
    • PA09
    • PA07
    • PA08
  10. Which of the following terms describes the determination of the effect of changes to the information system on the security of the information system?

    • Verification
    • Authentication
    • Impact analysis
    • Validation analysis
  11. Which of the following processes helps the organization to identify appropriate controls for reducing or eliminating risk during the risk mitigation process?

    • Risk Assessment
    • Risk Acceptance
    • Risk Transference
    • Risk Identification
  12. Which of the following components in a TCB acts as the boundary that separates the TCB from the remainder of the system?

    • Abstraction
    • Trusted path
    • Trusted computer system
    • Security perimeter
  13. Which of the following TCB components is a hardware, firmware, and software element that implements the reference monitor concept?

    • Security perimeter
    • Security Kernel
    • Trusted computer system
    • Trusted path
  14. Which of the following terms describes the annually expected financial loss to an organization from a threat?

    • Annualized Loss Expectancy (ALE)
    • Annualized Rate of Occurrence (ARO)
    • Exposure factor (EF)
    • Single Loss Expectancy (SLE)
  15. Which of the following processes is NOT included in the risk mitigation?

    • Risk planning
    • Risk limitation
    • Risk identi?cation
    • Risk assumption
  16. Which of the following processes is used by organizations to set the risk tolerance, identify the potential risks, and prioritize the tolerance for risk?

    • Risk communication
    • Risk identification
    • Risk management
    • Risk analysis
  17. Which of the following security procedures is related to the SDLC’s implementation?

    • Risk assessment
    • Media sanitation
    • Security accreditation
    • Information preservation
  18. Which of the following security procedures is NOT related to the SDLC’s disposition?

    • Media sanitation
    • Information preservation
    • Hardware and software disposal
    • Security certification
  19. Which of the following individuals considers risk management in IT planning, budgeting, and meeting system performance requirements?

    • System and information owner
    • Chief information officer
    • Functional manager
    • Senior manager
  20. Which of the following values must ensure that the Maximum Tolerable Period of Disruption (MTPD) for each activity is not exceeded?

    • Recovery Plan Objective
    • Recovery Point Objective
    • Recovery Time Objective
    • Recovery Impact Objective