Last Updated on July 18, 2021 by InfraExam

312-76 : EC-Council Disaster Recovery Professional : Part 09

  1. Which of the following types of controls focuses on stopping a security breach from taking place in the first place?

    • Detection
    • Containment
    • Preventive
    • Recovery
  2. Which of the following types of control gives an instance of the audit log?

    • Preventive
    • Detection
    • Containment
    • Recovery
  3. Which of the following systems monitors the operating system detecting inappropriate activity, writing to log files, and triggering alarms?

    • Behavior-based ID system
    • Network-based ID system
    • Signature-Based ID system
    • Host-based ID system
  4. Which of the following systems commonly resides on a discrete network segment and monitors the traffic on that network segment?

    • Host-Based ID system
    • Statistical Anomaly-Based ID system
    • Signature-Based ID system
    • Network-Based ID system
  5. Which of the following systems helps to detect the “abuse of privileges” attack that does not actually involve exploiting any security vulnerability?

    • Signature-Based ID system
    • Network-Based ID system
    • Statistical Anomaly-Based ID system
    • Host-Based ID system
  6. Which of the following sub-processes of IT Service Continuity Management is used to make sure that all members of IT staff with responsibilities for fighting disasters are aware of their exactduties?

    • ITSCM Training and Testing
    • ITSCM Support
    • ITSCM Review
    • Design Services for Continuity
  7. Which of the following is prepared by the business and serves as a starting point for producing the IT Service Continuity Strategy?

    • Business Continuity Strategy
    • Index of Disaster-Relevant Information
    • Disaster Invocation Guideline
    • Availability/ ITSCM/ Security Testing Schedule

    Fill the measurement of SFX form factor style power supply in the blank space.

    The SFX form factor style power supply is ______ mm wide, ______ mm deep, and ______ mm in height.

    • 100,125,63.5
  9. Which of the following statements are true about security risks?

    Each correct answer represents a complete solution. Choose three.

    • They can be mitigated by reviewing and taking responsible actions based on possible risks.
    • They can be analyzed and measured by the risk analysis process.
    • They are considered an indicator of threats coupled with vulnerability.
    • They can be removed completely by taking proper actions.
  10. Which of the following processes involves reducing the risk until it reaches a level acceptable to an organization?

    • Risk Mitigation
    • Risk Transference
    • Risk Avoidance
    • Risk Acceptance
  11. Which of the following classification schemes is considered to be of a personal nature and is intended for company use only?

    • Sensitive information
    • Private information
    • Public information
    • Confidential information
  12. In which of the following DRP tests does a business unit management meet to review the plan?

    • Simulation test
    • Parallel test
    • Structured walk-through test
    • Full-interruption test
  13. In risk analysis, which of the following can be identified as a consequence of a disaster?

    • Loss of stockholder confidence
    • Loss of competitive edge
    • Loss of operating capability
    • Loss of goodwill
  14. Which of the following processes involves taking measures to alter or improve the risk position of an asset throughout the company?

    • Risk transference
    • Risk avoidance
    • Risk reduction
    • Risk acceptance
  15. Which of the following plans provides procedures for disseminating status reports to personnel and the public?

    • Disaster Recovery Plan (DRP)
    • Crisis Communication Plan (CCP)
    • Emergency Response Plan (ERP)
    • Cyber Incident Response Plan (CIRP)
  16. In which of the following managing styles does the manager supervise subordinates very closely and give detail directions?

    • The coaching style
    • The supporting style
    • The delegating style
    • The directing style
  17. Which of the following TCB techniques involves viewing system components at a high level and ignoring or segregating its specific details?

    • Trusted computer system
    • Security perimeter
    • Abstraction
    • Trusted patha
  18. Which of the following processes measures the maturity level of the security program?

    • Risk analysis
    • GAP analysis
    • Risk assessment
    • Risk mitigation
  19. Which of the following maturity levels of the software CMM focuses on competent people and heroics?

    • Initiating level
    • Defined level
    • Managed level
    • Repeatable level
  20. Which of the following individuals incorporates risk assessment in training programs for the organization’s personnel?

    • Chief information officer
    • Information system security officer
    • Functional manager
    • Security awareness trainer