ECCouncil 312-76 EC-Council Disaster Recovery Professional v3 (EDRP) Exam Practice Test

Restoration involves repairing a damaged site or establishing a new one to enable operations, focusing on infrastructure recovery.

Option B (Resumption):Refers to restarting operations, not site repair/setup.

Option C (Response):Immediate actions during a disaster, not post-disaster site work.

Option D (Business Continuity):A broader strategy, not specific to site restoration.

EDRP v3 defines restoration as rebuilding or replacing physical infrastructure post-disaster (Module: Disaster Recovery Planning).

A Synthetic Backup combines a full backup with subsequent incremental backups to create an updated full backup, as described.

Option A (Incremental):Only changes, not combined with full.

Option B (Differential):Changes since last full, not synthesized.

Option D (Incremental Forever):Continuous incrementals, not full synthesis.

“Synthetic Backup merges a full backup with incrementals, creating an efficient, updated full copy for recovery” (Module: Data Backup and Recovery, Section: Backup Techniques).

Confidentiality in PASIS ensures data is protected from unauthorized access, using encryption and access controls, aligning with Jessie’s goal of restricting access to authorized employees.

Option A (Reaction):Not a PASIS feature.

Option C (Availability):Ensures access, not restriction.

Option D (Maintenance):Not a security feature.

“Confidentiality in PASIS architecture secures data against unauthorized access, employing encryption and controls to safeguard critical information” (Module: Survivable Storage Systems, Section: PASIS Features).

“Resume” refers to restarting or recommencing business operations post-disaster as systems become available, aligning with business continuity goals.

Option A (Return):Too vague, not a specific DR term.

Option C (Reduce):Unrelated to restarting operations.

Option D (Recover):Focuses on data/system restoration, not operational resumption.

EDRP v3 uses “resume” to describe the phase of restoring business functions after recovery (Module: Business Continuity Management).

Managed Disaster Recovery (MDR) involves third-party services handling backups and offsite replication, providing a comprehensive solution for data protection and recovery. This fits the description of outsourcing backup and replication to an external provider.

Option A (Continuous Data Protection):Real-time backup technology, not inherently third-party or offsite-focused.

Option C (Tape Vaulting):Offsite tape storage, but not replication-focused and typically manual, not managed.

Option D (Disk Shadowing):A form of mirroring, not third-party or offsite by definition.

“Managed Disaster Recovery leverages third-party expertise for offsite replication and backups, ensuring robust data protection with minimal internal overhead” (Module: Disaster Recovery Strategies, Section: Managed Services).

Scalability refers to a system’s ability to handle increased demand by adding resources, such as Joan’s addition of virtual memory to accommodate traffic spikes and reduce delays.

Option A (Transparency):Hides system complexity, not resource expansion.

Option B (Openness):Relates to system accessibility, not capacity.

Option D (Monotonicity):A mathematical property, irrelevant here.

“Scalability enhances system performance by adding resources like memory or nodes to manage increased loads, critical for maintaining service levels” (Module: System Resilience, Section: Scalability Concepts).

OS-Based Virtualization (e.g., containerization) uses software like containers (Docker, LXC) or virtual engines to run multiple isolated instances on a single OS kernel, as described.

Option A (Data Virtualization):Abstracts data access, not container-based.

Option B (Network Virtualization):Virtualizes network resources, not OS-based.

Option C (Desktop Virtualization):Virtualizes desktops, not container-specific.

“OS-Based Virtualization leverages containers or virtual engines to isolate applications on a shared OS, enhancing efficiency” (Module: Virtualization and Recovery, Section: Virtualization Types).

Crisis Management involves strategies to handle sudden, significant events (e.g., disasters), focusing on immediate response and mitigation, as described.

Option A (Risk Assessment):Identifies risks, not manages events.

Option B (Application Recovery):Restores applications, not a broad strategy.

Option D (BIA):Analyzes impacts, not event handling.

“Crisis Management applies strategies to address sudden, disruptive events, ensuring organizational stability during emergencies” (Module: Crisis Management, Section: Overview).

RAID 1 (mirroring) duplicates data across two disks, ensuring an identical copy is maintained, as Will implemented.

Option A (RAID 0):Striping, no redundancy.

Option C (RAID 3):Parity with striping, not full duplication.

Option D (RAID 5):Parity across multiple disks, not mirroring.

“RAID 1 mirrors data across two disks, providing an exact copy for redundancy and immediate backup availability” (Module: Storage Technologies, Section: RAID Levels).

Recovery Point Objective (RPO) measures the data loss window, here 13 hours from the last backup (8:00 pm) to the disaster (9:00 am), not recovery time (8 hours). The ‘minus 13 hours’ phrasing is misleading; RPO is the correct term for potential data loss.

Option A (RTO):Time to restore (8 hours), not data loss.

Option B (MAO):Maximum downtime tolerance, not data-specific.

Option D (SPOF):A failure point, unrelated to time.

“RPO defines the time between the last backup and a disaster, indicating potential data loss, critical for planning” (Module: Recovery Metrics, Section: RPO Definition).

Recovery Time Objective (RTO)refers to the amount of time a system, application, or process can be down before it causes significant harm to the business. In this scenario, the betting site determined that if the payment gateway system is down for more than an hour, it would result in substantial financial losses ($100,000) and customer attrition (15% short-term and 25% permanently). The focus on the acceptable downtime before these impacts occur aligns with the definition of RTO. The mention of "two hours" in the question seems to be a slight mismatch with the "more than an hour" in the description, but the context still points to RTO as the best fit, as it defines the target time frame for recovery.

Recovery Point Objective (RPO)refers to the amount of data loss (measured in time) a business can tolerate, not the duration of system downtime.

Maximum Tolerable Period of Disruption (MTPOD)is a broader term that encompasses the total time a business can withstand a disruption, including recovery and other factors, but it is less specific to the immediate system restoration time frame described here.

Work Recovery Time (WRT)is not a widely standardized term in this context and typically relates to the time needed to recover specific work processes, not the system downtime tolerance.

Thus,RTOis the most precise term for the time period the business can tolerate the payment gateway being unavailable.

Return on Risk Adjusted Capital (RORAC) is a financial metric often used to allocate funds for risk mitigation, including emergency reserves like James’ $20,000 for virtual connections. It reflects the return expected after accounting for risk costs.

Option A (RAROC):Similar, but typically broader, not specific to emergency funds.

Option B (RAPM):A management approach, not a fund term.

Option C (RARORAC):A variant, less commonly used in this context.

“RORAC quantifies funds set aside for risk scenarios, such as emergency recovery costs, ensuring financial preparedness aligns with risk exposure” (Module: Risk Management, Section: Financial Metrics).

A Disaster Management Plan identifies personnel for research, development, and implementation of disaster-related strategies, broader than just DR, as Jake did.

Option A (BCP):Focuses on continuity, not personnel identification alone.

Option C (IT Recovery):IT-specific, narrower scope.

Option D (DRP):Recovery-focused, not as broad as management.

“The Disaster Management Plan assigns personnel for research, development, and implementation, encompassing all disaster response aspects” (Module: Disaster Recovery Planning, Section: Management Plans).

Backup Integrity Testing is the process of verifying that backed-up data remains safe, secure, andreadable after operations such as updates, restores, or retrievals. This involves checking for corruption, ensuring data consistency, and confirming that the backup can be successfully restored. In disaster recovery, this is a critical step to ensure that backups are reliable when needed.

Option A (Database Authentication):Refers to verifying user access, not data integrity.

Option B (Database Consolidation):Involves merging databases, not testing backup integrity.

Option C (Database Integrity Testing):Focuses on database consistency, not specifically backup verification.

“Backup Integrity Testing ensures that data backups remain uncorrupted and usable post-operation. This process includes validation checks after updates or restores to guarantee recoverability, a key component of data protection strategies” (Module: Data Backup and Recovery, Section: Backup Validation Techniques).

Snapshot Replication copies the entire dataset (or changes) at a specific point in time to a replica, ideal for infrequent updates like ABC Inc.’s annual database refresh. It’s simple and suits low-frequency synchronization.

Option A (Merge Replication):Combines changes from multiple sources, complex for this case.

Option B (Transactional Replication):Tracks incremental changes in real time, overkill here.

Option C (SQL Server Replication):A general category, not a specific method.

“Snapshot Replication provides a point-in-time copy of data, efficient for infrequent updates where full synchronization is needed annually” (Module: Data Replication, Section: Replication Types).

Windows Server Backup, accessed via Administrative Tools in Windows Server 2012, enables backup and restoration capabilities for Mike’s file server.

Option A:MMC is a framework, not the direct access point.

Option C/D (Server Migration):For server transitions, not backup.

“Windows Server Backup, launched from Administrative Tools, provides backup and restore functions in Windows Server 2012” (Module: System Recovery, Section: Windows Server Tools).

A Survivable Storage System is designed to maintain data integrity and access despite failures or attacks, as described (e.g., PASIS architecture).

Option B (Decentralized Computing):Broad computing model, not storage-specific.

Option C (Mirroring):Redundancy technique, not a full system.

Option D (Mainframe):Robust systems, but not survivability-focused.

“Survivable Storage Systems ensure data availability and integrity against failures and attacks across storage and network components” (Module: Survivable Storage Systems, Section: Overview).

A Snapshot is a point-in-time copy of a virtual machine’s state, including its data, configuration, and memory, taken at regular intervals. It allows Phil to revert to the last saved version after a crash, preserving the VM’s architecture. This is common in virtualization platforms like VMware or Hyper-V.

Option B (Mirroring):Duplicates data in real time, not a point-in-time backup.

Option C (CDP):Captures every change continuously, more granular than needed here.

Option D (D2D):Transfers data between disks, not specific to VM state capture.

“Snapshots provide point-in-time backups of virtual machines, capturing their full state for quick recovery, ideal for experimental or critical workloads” (Module: Virtualization and Recovery, Section: VM Backup Methods).

A Hot Backup occurs while systems are online and active, suitable for Matt’s real-time, no-downtime requirement.

Option A (Incremental):Fast but not inherently downtime-free.

Option B (Cold Backup):Requires downtime, offline systems.

Option D (Online Data Backup):Similar, but less specific than “Hot Backup.”

“Hot Backups enable data protection without downtime, critical for real-time systems like financial platforms” (Module: Data Backup and Recovery, Section: Backup Techniques).

RAID 0 splits data across drives (striping) for performance but offers no redundancy, requiring a minimum of two drives.

Option B:RAID 5 minimum, not RAID 0.

Option C/D:Higher RAID levels, not RAID 0.

“RAID 0 uses striping across at least two drives for speed, sacrificing redundancy for performance” (Module: Storage Technologies, Section: RAID Levels).

Recovery Service Scalability (RSS) measures a recovery solution’s capacity to handle multiple applications or data sets and the maximum data size it can manage, reflecting its scalability.

Option B (RLS):Refers to the geographic scope of recovery, not capacity.

Option C (RPO):Measures data loss tolerance, not scalability.

Option D (RSR):Focuses on resilience, not size or number of applications.

EDRP v3 defines RSS as a metric for evaluating recovery solution scalability, critical for large-scale environments (Module: Recovery Metrics).

Network Attached Storage (NAS) is a centralized storage solution connected to a network, allowing multiple users and devices to access and back up data efficiently. It’s ideal for Tom’s needs across multiple branches, offering centralized storage and simplified backup/recovery processes.

Option A (DAS):Direct Attached Storage is local to a single server, not centralized across a network.

Option C (PAS):This appears to be a typo; no such standard technology exists (possibly meant SAN or similar).

Option D (RAID):Redundant Array of Independent Disks enhances reliability but isn’t a centralized network solution.

EDRP v3 discusses NAS as a scalable, centralized storage option for backup and recovery in distributed environments (Module: Storage Technologies).

Proven Reliability is a hallmark of mainframes, known for uptime and robustness in critical applications.

Option B (Openness):More for open systems, not mainframes.

Option C (Pluralism):Not a technical feature.

Option D (Transparency):Not a mainframe characteristic.

“Mainframes feature proven reliability, supporting continuous operation for mission-critical environments” (Module: Computing Systems, Section: Mainframe Features).

Polly estimated theImpact, which is the magnitude of damage (here, $200,000) resulting from a risk event (data leak). This drove her decision to upgrade, comparing it to the cost.

Option B (Hazard):A potential source of harm, not the damage estimate.

Option C (Likelihood):Probability of occurrence, not addressed here.

Option D (Vulnerability):Weakness (vulnerable server), not the damage itself.

“Impact, the estimated magnitude of loss from a risk event, such as a data leak costing $200,000, guides mitigation decisions in risk assessment” (Module: Risk Management, Section: Risk Factors).

Bare Metal Recovery (BMR) restores a system from backups to a new, blank machine (no OS/software), automating the process to a prior state, as the IT team did.

Option B (System Restore):Windows feature, not full system recovery.

Option C (Mirroring):Real-time duplication, not recovery.

Option D (System Image):Similar, but less automated/full-system focus.

“Bare Metal Recovery automates full system restoration to new hardware from backups, ideal for rapid, accurate recovery” (Module: System Recovery, Section: Recovery Methods).

Exit Criteria define the conditions for test completion, here 90% pass rate, indicating successful DR plan validation.

Option A (Entry Criteria):Conditions to start testing, not finish.

Option C (STLC):Broad testing process, not specific criteria.

Option D (Suspension):Conditions to pause testing, not success.

“Exit Criteria, such as a 90% pass rate, determine when DR testing is successfully completed, ensuring plan reliability” (Module: Testing Disaster Recovery Plans, Section: Test Criteria).

Deja Dup is Ubuntu’s native backup and restore tool, allowing Sam to recover deleted files from a previous backup.

Option B (Checkpoints):Hyper-V term, not Ubuntu.

Option C (Shadow Copy):Windows feature, not Ubuntu.

Option D (Snapshots):General term, not Ubuntu-specific.

“Deja Dup, Ubuntu’s native backup utility, enables file recovery from prior backups, simplifying restoration on Linux systems” (Module: System Recovery, Section: OS-Specific Tools).

Load Balancing distributes web traffic across multiple servers (Zoe’s three) to optimize performance and prevent overload, as described.

Option A (Point in Time Recovery):Restores data, not traffic management.

Option C (Clustering):Groups servers for redundancy, not load distribution alone.

Option D (High-Availability):Ensures uptime, not necessarily load balancing.

“Load Balancing evenly distributes traffic across servers, enhancing efficiency and preventing crashes under high demand” (Module: System Resilience, Section: Traffic Management).

ISO/IEC 27005 is an information security risk management standard that requires identifying, assessing, and prioritizing risks (like George’s exercise) to develop a mitigation plan. It fits his prioritization of electrical surges.

Option A (ISO 27001):Broad security management, not risk-specific.

Option B (INCITS 483-2012):Virtualization security, not risk management.

Option C (ISO 27031):ICT continuity, narrower than 27005.

“ISO/IEC 27005 guides organizations in risk identification, assessment, and prioritization, forming the basis for security and DR planning” (Module: Risk Management, Section: Standards).

In disaster recovery (DR) tier classifications, often based on frameworks like theShare GrouporIBM’s DR tier model, the tiers represent increasing levels of recovery capability. Here’s a brief overview to explain:

Tier 1: Basic backup with offsite storage (e.g., tape backups), no real-time replication, and long recovery times.

Tier 2: Offsite backups with some improvements (e.g., electronic vaulting), but still no immediate recovery capability.

Tier 4: Point-in-time copies with more advanced backup solutions (e.g., disk-based replication), but typically lacks a fully operational hot site.

Tier 5: Transaction integrity with ahot site—a fully operational, mirrored site that can take over almost immediately with minimal data loss and downtime. Data is actively backed up and synchronized in real-time or near real-time.

Ahot siteis a fully equipped, operational duplicate of the primary site, ready to assume operations with little to no downtime. This capability aligns withTier 5, where data is backed up continuously or frequently, and the hot site ensures rapid recovery. Higher tiers (e.g., Tier 6 or 7) might involve zero data loss and instantaneous failover, but Tier 5 specifically fits the description of having a hot site with robust backup.

High Availability (HA) ensures continuous operation by automatically switching to backup components (like virtual memory) during a failure, minimizing downtime, as in ABC Inc.’s case.

Option A (Deduplication):Removes redundant data, not a failover feature.

Option C (Fault Tolerance):Prevents failure impact but typically implies no interruption, not a switch.

Option D (Mirroring):Duplicates data, a component of HA, but not the full feature.

“High Availability maintains operations through automatic failover to backup resources, ensuring business continuity during component failures” (Module: System Resilience, Section: Availability Features).

A Functional Test mobilizes resources to test specific BCP components in a live setting, as Archie did.

Option B (Simulation):Mimics scenarios, not resource mobilization.

Option C (Checklist):Reviews steps, not active testing.

Option D (Orientation):Introduces plan, not resource-based.

“Functional Tests activate resources to validate BCP components, ensuring operational readiness” (Module: Testing Disaster Recovery Plans, Section: Test Types).

Server Clustering connects multiple servers into a unified resource, improving scalability and protecting against failures, as Jack implemented.

Option A (Mirroring):Data duplication, not scalability-focused.

Option B (Deduplication):Storage optimization, not clustering.

Option C (Failover):Backup switching, not unified resource.

“Server Clustering unifies computing resources, enhancing scalability and resilience against application and site failures” (Module: Clustering Technologies, Section: Clustering Benefits).

The Protection Technologies Layer in a Recovery Management Model manages tools like replication and backup, ensuring hassle-free system recovery, as described.

Option B (Testing Simulation):Validates plans, not recovery execution.

Option C (Common Management):Coordinates, not tech-specific.

Option D (Analytics):Monitors, not recovery-focused.

“The Protection Technologies Layer controls replication and backup, enabling seamless system recovery post-disaster” (Module: Recovery Processes, Section: Recovery Management Model).

Cloud Backup provides encrypted, secure data storage accessible anytime, anywhere via the internet, meeting the company’s needs.

Option A (Offsite):Offsite, but not necessarily accessible or encrypted by default.

Option C (Onsite):Local, not location-independent.

Option D (Hot Site):Recovery site, not a backup method.

“Cloud Backup ensures data security with encryption and offers ubiquitous access, ideal for flexible recovery needs” (Module: Data Backup and Recovery, Section: Cloud-Based Solutions).

Continuous Data Protection (CDP) is a technology that continuously captures and saves data changes in real time or near real time, allowing for granular restore points. Unlike traditional backups that occur at scheduled intervals, CDP tracks every change to data, enabling recovery to any point in time before a failure. In this context, CDP is the best fit as it facilitates real-time data capture and recovery.

Option B (Mirroring):Mirroring duplicates data across two or more storage devices for redundancy but doesn’t inherently capture real-time changes for multiple restore points.

Option C (Virtual Tape Library):A VTL emulates tape storage using disk-based systems, primarily for backup, not real-time change capture.

Option D (Disk-to-Disk):D2D refers to backing up data from one disk to another, typically at scheduled intervals, not in real time.

EDRP v3 discusses CDP as an advanced backup technology under data protection strategies, highlighting its role in minimizing data loss by providing continuous recovery points (Module: Data Backup and Recovery).

In PASIS architecture, increasing confidentiality (e.g., via encryption) increases storage requirements due to added overhead (e.g., metadata, keys).

Option A (Reaction):Not a PASIS feature.

Option B (Latency):May increase, but not direct as storage.

Option D (Durability):Unaffected by confidentiality.

“Higher confidentiality in PASIS, through encryption, directly increases storage needs due to additional data overhead” (Module: Survivable Storage Systems, Section: PASIS Trade-offs).

Introductory Awareness Training provides a basic overview of the BCP framework, processes, and strategies for employees with minimal execution roles, as Jack intended.

Option B (Simulation):Hands-on disaster simulation, too advanced.

Option C (Scenario):Specific scenario-based, not broad awareness.

Option D (Detailed Awareness):In-depth, for key personnel, not basic.

“Introductory Awareness Training educates non-core staff on BCP basics—framework, processes, and strategies—for general preparedness” (Module: Training and Awareness, Section: Training Types).

The Open Virtualization Format (OVF) is a standard developed by the Distributed Management Task Force (DMTF) for packaging and distributing virtual machines and software. It ensures interoperability across virtualization platforms, making it a key virtualization standard.

Option A (PCI DSS):A security standard for payment cards, not virtualization-related.

Option B (CSA):An organization, not a standard, focused on cloud security.

Option C (vCloud API):A VMware-specific API, not a DMTF standard.

“The Open Virtualization Format (OVF), established by the DMTF, standardizes virtual machine packaging for portability and compatibility across platforms” (Module: Virtualization and Cloud Computing, Section: Virtualization Standards).

Terminal Objectives are the specific milestones or end goals of a training program, ensuring the BC training aim is met.

Option A (Time-Related):Time-focused, not milestones.

Option B (Development):Process-oriented, not end goals.

Option C (Routine):Daily tasks, not training-specific.

“Terminal Objectives define the key milestones to achieve BC training goals, ensuring preparedness aligns with program aims” (Module: Training and Awareness, Section: Training Objectives).

On-Premise Disk-Based Archiving uses local disk systems with tools for access and cataloging, incurring cooling and maintenance costs, as described.

Option A (Optical):Low cost, no cooling needs.

Option C (Legacy):Outdated systems, not specified here.

Option D (Cloud-Based):Offsite, minimal local maintenance costs.

“On-Premise Disk-Based Archiving offers accessible data cataloging with recurring costs for cooling and upkeep” (Module: Data Archiving, Section: Archiving Methods).

A vulnerability assessment follows a logical sequence:

d) List the threats that may occur– Identify potential threats first.

b) Estimate the probability of occurrence of each threat– Assess likelihood next.

a) Assess the potential impact of the threat on the organization– Evaluate impact after probability.

c) Assess the internal and external resources available to mitigate the identified threats– Finally, review mitigation resources.This order (d, b, a, c) ensures threats are identified before analyzing their likelihood, impact, and mitigation, aligning with standard risk assessment practices.

Option A (c, a, d, b):Starts with resources, illogical without threats.

Option C (b, d, c, a):Probability before listing threats is premature.

Option D (b, c, d, a):Probability and resources before threats is out of sequence.

“Vulnerability assessment begins with listing threats, followed by estimating probability, assessing impact, and evaluating mitigation resources in that order (d, b, a, c)” (Module: Risk Management, Section: Vulnerability Assessment Steps).

An IIS Server (Internet Information Services) hosts websites on Windows, so corrupted hosting files indicate Fred needs to restore this server.

Option A (Application):Runs apps, not web hosting-specific.

Option C (Database):Stores data, not hosting files.

Option D (Catalog):Not a standard web hosting server.

“IIS Servers host web content; restoring them resolves issues with corrupted hosting files to restore site access” (Module: Server Management, Section: Web Server Recovery).

Physical data loss occurs due to physical damage to storage media (e.g., James damaging the hard drive), making data unreadable, as described.

Option A (Logical):Software or file system issues, not physical damage.

Option B (Natural Disaster):Environmental events (e.g., flood), not accidental damage.

Option D (Data Corruption):Data alteration, not physical inaccessibility.

“Physical data loss results from hardware damage, such as a broken hard drive, rendering data inaccessible due to physical failure” (Module: Data Backup and Recovery, Section: Types of Data Loss).

Simulation Testing mimics a real-life disaster without disrupting operations, testing software, communication, procedures, and personnel in a controlled environment, as Amy did.

Option A (Walkthrough Testing):A tabletop review, not a live simulation.

Option B (Parallel Testing):Runs recovery systems alongside primary ones, not mimicking disasters.

Option C (Full Interruption):Shuts down primary systems, more invasive than described.

“Simulation Testing replicates disaster scenarios to evaluate software, communication, and personnel response without operational disruption” (Module: Testing Disaster Recovery Plans, Section: Test Types).