ECCouncil 312-76 EC-Council Disaster Recovery Professional v3 (EDRP) Exam Practice Test

Colocation facilities provide shared infrastructure like cooling, power, and space (economic advantages) and support backups, but “recovery of servers” is not an inherent advantage—they don’t actively recover servers; that’s the tenant’s responsibility.

Option B (Backup):Supported via infrastructure for backup systems.

Option C (Cooling):A key feature of colocation.

Option D (Economic Advantages):Cost-sharing reduces expenses.

EDRP v3 notes colocation benefits like cooling and cost savings but excludes active server recovery as a facility-provided service (Module: Alternate Sites).

Global Load Balancing routes traffic across geographically distributed servers (e.g., London to Mumbai) to optimize performance and handle server loss, as described.

Option A (High-Availability):Ensures uptime, not geographic routing.

Option C (Failover):Switches to a backup, not load distribution.

Option D (Network Load Balancing):Local load sharing, not global.

“Global Load Balancing distributes traffic across global servers, mitigating slowdowns from server loss by rerouting effectively” (Module: System Resilience, Section: Traffic Management).

Simulation Testing mimics a real-life disaster without disrupting operations, testing software, communication, procedures, and personnel in a controlled environment, as Amy did.

Option A (Walkthrough Testing):A tabletop review, not a live simulation.

Option B (Parallel Testing):Runs recovery systems alongside primary ones, not mimicking disasters.

Option C (Full Interruption):Shuts down primary systems, more invasive than described.

“Simulation Testing replicates disaster scenarios to evaluate software, communication, and personnel response without operational disruption” (Module: Testing Disaster Recovery Plans, Section: Test Types).

Network Attached Storage (NAS) is a dedicated server designed for file storage and sharing over a network, perfectly matching the question’s description.

Option A (Data Virtualization):Abstracts data access, not a server.

Option B (Cloud Storage):Offsite storage service, not a dedicated server.

Option C (SAN):Block-level storage network, not file-focused.

“NAS is a dedicated file storage and sharing server, accessible over networks, ideal for centralized data management” (Module: Storage Technologies, Section: NAS Overview).

Continuous Data Protection (CDP) is a technology that continuously captures and saves data changes in real time or near real time, allowing for granular restore points. Unlike traditional backups that occur at scheduled intervals, CDP tracks every change to data, enabling recovery to any point in time before a failure. In this context, CDP is the best fit as it facilitates real-time data capture and recovery.

Option B (Mirroring):Mirroring duplicates data across two or more storage devices for redundancy but doesn’t inherently capture real-time changes for multiple restore points.

Option C (Virtual Tape Library):A VTL emulates tape storage using disk-based systems, primarily for backup, not real-time change capture.

Option D (Disk-to-Disk):D2D refers to backing up data from one disk to another, typically at scheduled intervals, not in real time.

EDRP v3 discusses CDP as an advanced backup technology under data protection strategies, highlighting its role in minimizing data loss by providing continuous recovery points (Module: Data Backup and Recovery).

Overall Program Governance in a BCP audit evaluates the plan’s alignment with resilience and continuity goals, including funding adequacy, ensuring it supports organizational objectives effectively.

Option A (Ongoing Program Management):Focuses on day-to-day execution, not funding review.

Option C (Management of Process Changes):Tracks updates, not resilience or funding.

Option D (Overall Testing of the Plan):Validates functionality, not governance.

“Overall Program Governance assesses BCP effectiveness, resilience promotion, and funding balance to ensure sustainable continuity” (Module: Business Continuity Planning, Section: BCP Audit Phases).

A Functional Test mobilizes resources to test specific BCP components in a live setting, as Archie did.

Option B (Simulation):Mimics scenarios, not resource mobilization.

Option C (Checklist):Reviews steps, not active testing.

Option D (Orientation):Introduces plan, not resource-based.

“Functional Tests activate resources to validate BCP components, ensuring operational readiness” (Module: Testing Disaster Recovery Plans, Section: Test Types).

A Differential Backup captures all files changed or added since the last full backup, growing with each run, as described.

Option B (Full System Backup):Copies all data, not just changes.

Option C (Incremental Backup):Changes since the last backup (any type), not full.

Option D (Online Data Backup):Delivery method, not a type.

“Differential Backup targets files modified since the last full backup, providing a cumulative change set for recovery” (Module: Data Backup and Recovery, Section: Backup Types).

Cloud Backup provides encrypted, secure data storage accessible anytime, anywhere via the internet, meeting the company’s needs.

Option A (Offsite):Offsite, but not necessarily accessible or encrypted by default.

Option C (Onsite):Local, not location-independent.

Option D (Hot Site):Recovery site, not a backup method.

“Cloud Backup ensures data security with encryption and offers ubiquitous access, ideal for flexible recovery needs” (Module: Data Backup and Recovery, Section: Cloud-Based Solutions).

Deduplication eliminates redundant data copies, reducing storage and bandwidth usage while minimizing data leak risks by centralizing control. It’s ideal for this scenario where multiple individual backups exist.

Option A (Data Erasure):Deletes data, not a solution for redundancy.

Option B (Data Remanence):Refers to residual data, not a fix here.

Option C (Failover):Switches to a backup system, unrelated to data management.

EDRP v3 highlights deduplication as a storage optimization technique to enhance efficiency and security (Module: Data Backup and Recovery).

The Planning Team is tasked with developing, implementing, and executing the disaster recovery plan, including testing, to ensure preparedness and effectiveness.

Option A (Operations Team):Focuses on daily operations, not DR planning.

Option B (Support Team):Provides technical assistance, not plan execution.

Option D (Technology Team):Manages IT systems, not the DR plan itself.

“The Planning Team oversees the creation, implementation, and testing of the DR plan, ensuring alignment with organizational goals” (Module: Disaster Recovery Teams, Section: Roles and Responsibilities).

The Disaster Recovery Coordinator manages the daily execution and maintenance of the DR program, making option B the most accurate responsibility. It reflects operational oversight, a core coordinator role.

Option A:More aligned with an auditor or compliance role.

Option C:Technical design, typically a technology team task.

Option D:Executive authority belongs to higher management, not the coordinator.

“The Disaster Recovery Coordinator handles day-to-day management, execution, and maintenance of the DR program, ensuring operational readiness” (Module: Disaster Recovery Teams, Section: Coordinator Roles).

Server Virtualization consolidates multiple physical servers into virtual machines on fewer hosts, reducing costs, optimizing resources, and lowering cooling needs, as Lisa requires.

Option A (VDI):Desktop-focused, not server optimization.

Option B (OS Virtualization):Container-based, less broad than server virtualization.

Option C (Replication):Duplicates servers, not cost-saving.

“Server Virtualization reduces physical server count, cutting maintenance and cooling costs while optimizing resource use” (Module: Virtualization and Recovery, Section: Server Virtualization Benefits).

Business Impact Analysis (BIA) identifies critical resources, recovery order, and RTO/RPO, but assessing threat impact is part of risk assessment, not BIA’s primary objective.

Option B/C/D:Core BIA goals.

“BIA focuses on resource identification, recovery prioritization, and RTO/RPO, not direct threat impact assessment, which precedes it” (Module: Business Impact Analysis, Section: BIA Objectives).

In the 3DR (Data Protection, Disaster Recovery, Doomsday Recovery) model, Remote Backup of Data Protection is termed the “doomsday recovery level,” representing the ultimate offsite safeguard against catastrophic loss.

Option A:Basic local protection, not doomsday-level.

Option B:Long-term storage, not recovery-focused.

Option C:General backup, not remote-specific.

“Remote Backup of Data Protection, dubbed the doomsday recovery level in 3DR, ensures data survival through offsite replication” (Module: Data Protection Strategies, Section: 3DR Model).

A Full-Scale Test implements the entire Business Continuity Plan (BCP) in a live environment, testing all components comprehensively.

Option A (Orientation):Introduces the plan, not implementation.

Option B (Functional):Tests specific functions, not the whole plan.

Option D (Simulation):Mimics scenarios, not full execution.

“Full-Scale Tests execute the entire BCP, validating all procedures and resources in a real-world scenario” (Module: Testing Disaster Recovery Plans, Section: Test Types).

A Team-wide BIA (Business Impact Analysis) evaluates interruptions specific to a department or team due to internal system failures, as described.

Option B (Organization-wide):Covers the entire organization, not department-specific.

Option C (Country-wide):Too broad, not system-focused.

Option D (Branch-wide):Branch-level, not necessarily team/department.

“Team-wide BIA assesses the impact of internal system failures on a specific department, tailoring continuity plans to team needs” (Module: Business Impact Analysis, Section: BIA Scope).

Business Impact Analysis (BIA) is a process to identify critical business functions and assess the impact of disruptions. Its components typically include executive sponsorship (to ensure leadership support), formation of a committee (to conduct the analysis), and feedback (to refine the process). Safety, while important in disaster recovery, is not a direct component of BIA, which focuses on operational and financial impacts rather than physical safety measures.

Option A (Feedback):Essential for validating and improving BIA findings.

Option B (Executive Sponsorship):Critical for resource allocation and authority.

Option D (Formation of Committee):Necessary for collaboration and execution.

EDRP v3 outlines BIA components, excluding safety as a core element, focusing instead on impact assessment and resource prioritization (Module: Business Impact Analysis).

PASIS (Pittsburgh Advanced Survivable Information Storage) integrates Decentralized Storage Systems, Data Redundancy and Encoding, and Dynamic Self-Maintenance for survivable storage, as Matt researched.

Option A:Centralized, not PASIS’s decentralized focus.

Option B:Distributed computing is broader than storage-specific.

Option D:Centralized, contradicts PASIS principles.

“PASIS architecture combines decentralized storage, redundancy with encoding, and self-maintenance for robust, survivable data systems” (Module: Survivable Storage Systems, Section: PASIS Components).

Latency is the time delay between a request and the system’s response, directly matching the question’s description.

Option A (Reaction):Not a technical term for delay.

Option B (Durability):Refers to data persistence, not response time.

Option C (Nonrepudiation):Ensures actions can’t be denied, unrelated to delay.

“Latency measures the delay in system response to requests, a critical factor in assessing recovery and performance” (Module: System Resilience, Section: Performance Metrics).

Distributed File System Replication (DFSR) synchronizes the SYSVOL folder across domain controllers in a Windows domain, ensuring consistency. The document’s answer (D) is incorrect; backups don’t synchronize live data.

Option A (Load Balancing):Distributes traffic, not file sync.

Option B (Failover):Switches to backups, not synchronization.

Option D (Data Backup):Copies data, not real-time sync.

“DFSR ensures SYSVOL synchronization across domain servers, maintaining uniform policy and file access” (Module: Server Management, Section: Domain Synchronization).

TheSYSVOL folderin a Windows domain environment contains critical data such as Group Policy objects and logon scripts, and it must be kept synchronized across multiple domain controllers within the same domain.Distributed File System Replication (DFSR)is the technology used in modern Windows Server environments (since Windows Server 2008 and later) to replicate and synchronize the SYSVOL folder across these servers. DFSR ensures that changes made to SYSVOL on one domain controller are efficiently replicated to others, maintaining consistency.

A. Load Balancing: This method distributes network or application traffic across multiple servers to optimize resource use and availability, but it does not handle file synchronization.

B. Failover: This refers to switching to a backup system in case of failure, not synchronizing data between servers.

D. Data Backup: This involves creating copies of data for recovery purposes, not real-time synchronization across servers.

Thus,Distributed File System Replication (DFSR)is the method that keeps the SYSVOL folder synchronized across multiple servers in the same domain.

Recovery Consistency Objective (RCO) measures the allowable deviation between actual and target data consistency, critical for ABC’s distributed data plan.

Option B (ROG):Data recovery detail level, not consistency.

Option C (RLS):Geographic recovery scope, not deviation.

Option D (RSR):Service resilience, not data consistency.

“RCO ensures minimal deviation in data consistency across distributed centers, vital for security and partial loss prevention” (Module: Recovery Metrics, Section: RCO Definition).

Business Impact Analysis (BIA) determines the potential impact of disruptions on business processes, identifying critical functions and consequences.

Option A (Risk Management):Mitigates risks, not impact-focused.

Option C (Risk Assessment):Identifies risks, not their impact.

Option D (Vulnerability Assessment):Finds weaknesses, not process impact.

“Business Impact Analysis (BIA) quantifies the effects of disruptions on business processes, a cornerstone of continuity planning” (Module: Business Impact Analysis, Section: BIA Purpose).

Windows Server Backup, accessed via Administrative Tools in Windows Server 2012, enables backup and restoration capabilities for Mike’s file server.

Option A:MMC is a framework, not the direct access point.

Option C/D (Server Migration):For server transitions, not backup.

“Windows Server Backup, launched from Administrative Tools, provides backup and restore functions in Windows Server 2012” (Module: System Recovery, Section: Windows Server Tools).

Risk response strategies include Acceptance (tolerating risk), Mitigation (reducing risk), and Sharing (transferring risk, e.g., insurance). Safety is a goal or outcome, not a risk response strategy.

Option A/B/D:Standard risk responses.

Option C (Safety):Not a recognized strategy.

“Risk response strategies—acceptance, mitigation, and sharing—address identified risks; safety is an objective, not a strategy” (Module: Risk Management, Section: Risk Response Strategies).

Deja Dup is Ubuntu’s native backup and restore tool, allowing Sam to recover deleted files from a previous backup.

Option B (Checkpoints):Hyper-V term, not Ubuntu.

Option C (Shadow Copy):Windows feature, not Ubuntu.

Option D (Snapshots):General term, not Ubuntu-specific.

“Deja Dup, Ubuntu’s native backup utility, enables file recovery from prior backups, simplifying restoration on Linux systems” (Module: System Recovery, Section: OS-Specific Tools).

ISO 22301 is the standard for societal security in Business Continuity Management Systems (BCMS), ensuring resilience against disasters, as Jess desires.

Option A (ISO 27031):ICT continuity, not societal focus.

Option C (NFPA 1600):Disaster management, broader than BCMS.

Option D (ISO 27005):Risk management, not continuity-specific.

“ISO 22301, the societal security standard for BCMS, ensures robust continuity planning for disaster resilience” (Module: Business Continuity Management, Section: Standards).

Crisis Management involves strategies to handle sudden, significant events (e.g., disasters), focusing on immediate response and mitigation, as described.

Option A (Risk Assessment):Identifies risks, not manages events.

Option B (Application Recovery):Restores applications, not a broad strategy.

Option D (BIA):Analyzes impacts, not event handling.

“Crisis Management applies strategies to address sudden, disruptive events, ensuring organizational stability during emergencies” (Module: Crisis Management, Section: Overview).

On-Premise Disk-Based Archiving uses local disk systems with tools for access and cataloging, incurring cooling and maintenance costs, as described.

Option A (Optical):Low cost, no cooling needs.

Option C (Legacy):Outdated systems, not specified here.

Option D (Cloud-Based):Offsite, minimal local maintenance costs.

“On-Premise Disk-Based Archiving offers accessible data cataloging with recurring costs for cooling and upkeep” (Module: Data Archiving, Section: Archiving Methods).

In disaster recovery (DR) tier classifications, often based on frameworks like theShare GrouporIBM’s DR tier model, the tiers represent increasing levels of recovery capability. Here’s a brief overview to explain:

Tier 1: Basic backup with offsite storage (e.g., tape backups), no real-time replication, and long recovery times.

Tier 2: Offsite backups with some improvements (e.g., electronic vaulting), but still no immediate recovery capability.

Tier 4: Point-in-time copies with more advanced backup solutions (e.g., disk-based replication), but typically lacks a fully operational hot site.

Tier 5: Transaction integrity with ahot site—a fully operational, mirrored site that can take over almost immediately with minimal data loss and downtime. Data is actively backed up and synchronized in real-time or near real-time.

Ahot siteis a fully equipped, operational duplicate of the primary site, ready to assume operations with little to no downtime. This capability aligns withTier 5, where data is backed up continuously or frequently, and the hot site ensures rapid recovery. Higher tiers (e.g., Tier 6 or 7) might involve zero data loss and instantaneous failover, but Tier 5 specifically fits the description of having a hot site with robust backup.

The Open Virtualization Format (OVF) is a standard developed by the Distributed Management Task Force (DMTF) for packaging and distributing virtual machines and software. It ensures interoperability across virtualization platforms, making it a key virtualization standard.

Option A (PCI DSS):A security standard for payment cards, not virtualization-related.

Option B (CSA):An organization, not a standard, focused on cloud security.

Option C (vCloud API):A VMware-specific API, not a DMTF standard.

“The Open Virtualization Format (OVF), established by the DMTF, standardizes virtual machine packaging for portability and compatibility across platforms” (Module: Virtualization and Cloud Computing, Section: Virtualization Standards).

Full Interruption Testing involves shutting down primary systems to test recovery processes, making it expensive (due to downtime costs) and disruptive to normal operations.

Option B (Simulation Testing):Mimics a disaster without stopping operations.

Option C (Parallel Testing):Runs recovery systems alongside primary ones, non-disruptive.

Option D (Checklist Testing):A review process, no operational impact.

“Full Interruption Testing, while thorough, incurs high costs and disrupts business by halting primary systems to validate recovery” (Module: Testing Disaster Recovery Plans, Section: Test Types).

Updating the NIC driver can resolve VMQ issues by improving how the NIC handles virtual machine data queues, addressing slow transmission due to restrictions.

Option A:Storage performance doesn’t directly fix VMQ/NIC issues.

Option B:Bandwidth increase helps but doesn’t target the root VMQ problem.

Option D:Incorrect, as updating the driver is a valid fix.

“Updating NIC drivers resolves VMQ bottlenecks, enhancing data transmission speed between virtual machines by optimizing hardware handling” (Module: Virtualization and Recovery, Section: VM Performance).

A vulnerability assessment follows a logical sequence:

d) List the threats that may occur– Identify potential threats first.

b) Estimate the probability of occurrence of each threat– Assess likelihood next.

a) Assess the potential impact of the threat on the organization– Evaluate impact after probability.

c) Assess the internal and external resources available to mitigate the identified threats– Finally, review mitigation resources.This order (d, b, a, c) ensures threats are identified before analyzing their likelihood, impact, and mitigation, aligning with standard risk assessment practices.

Option A (c, a, d, b):Starts with resources, illogical without threats.

Option C (b, d, c, a):Probability before listing threats is premature.

Option D (b, c, d, a):Probability and resources before threats is out of sequence.

“Vulnerability assessment begins with listing threats, followed by estimating probability, assessing impact, and evaluating mitigation resources in that order (d, b, a, c)” (Module: Risk Management, Section: Vulnerability Assessment Steps).

Grid Computing clusters computers in a distributed, parallel manner to solve large-scale problems, matching the question’s description.

Option A (Decentralized):Broad term, not specific to clustering.

Option C (Cloud Computing):Service-based, not necessarily parallel clustering.

Option D (Centralized):Opposite of distributed.

“Grid Computing leverages distributed, parallel clusters to process tasks collaboratively, enhancing computational resilience” (Module: Computing Models, Section: Grid Computing).

RAID 0 splits data across drives (striping) for performance but offers no redundancy, requiring a minimum of two drives.

Option B:RAID 5 minimum, not RAID 0.

Option C/D:Higher RAID levels, not RAID 0.

“RAID 0 uses striping across at least two drives for speed, sacrificing redundancy for performance” (Module: Storage Technologies, Section: RAID Levels).

RAID 3 uses striping with a dedicated parity drive, meeting all requirements: parity for reconstruction, good speed (sequential access), and lower cost than RAID 10 or RAID 1 (fewer drives than RAID 10). Option C duplicates RAID 1, likely a typo.

Option A (RAID 10):Mirroring and striping, expensive, no parity drive.

Option B/C (RAID 1):Mirroring, no parity, costly for multiple drives.

Option D (RAID 3):Parity-based, cost-effective, meets all criteria.

“RAID 3 employs a dedicated parity drive for data reconstruction, offering good performance and cost-efficiency for backup solutions” (Module: Storage Technologies, Section: RAID Levels).

Qualitative Risk Assessment uses descriptive scales (e.g., Very High to Very Low) based on subjective judgment and interaction, as Jonathan did.

Option A (Quantitative):Numeric values, not descriptive.

Option B (Semi-Quantitative):Combines numbers and descriptions, not purely qualitative.

Option C (Semi-Qualitative):Not a standard term, likely a typo.

“Qualitative Risk Assessment ranks risks using descriptive categories like ‘Very High’ to ‘Very Low’ based on observation and input” (Module: Risk Management, Section: Assessment Methods).

A centralized governance structure for Business Continuity and Risk Management typically includes Programs and Practices (strategies and processes), Enablement (resources and support), and Effectiveness (measuring outcomes). Authenticity, while important in security, is not a standard governance component.

Option A:Core to defining continuity practices.

Option B:Ensures implementation support.

Option C:Evaluates governance success.

“Centralized governance includes Programs and Practices, Enablement, and Effectiveness to ensure robust continuity; Authenticity is not a structural component” (Module: Governance Structures, Section: BC Governance).

A Threat is any circumstance or event with the potential to disrupt operations or degrade assets, as described.

Option A (Impact):Result of a threat, not the cause.

Option B (Vulnerability):Weakness exploited by threats.

Option C (Hazard):Natural danger, narrower than “threat.”

“A Threat is any potential event that can disrupt operations or assets, requiring identification for effective DR planning” (Module: Risk Management, Section: Threat Definitions).

Detailed Awareness Training targets key BCP execution staff, providing in-depth knowledge of framework, processes, and strategies, as described.

Option B (Simulation):Hands-on practice, not framework-focused.

Option C (Scenario):Scenario-based, not comprehensive training.

Option D (Introductory):Basic overview, not detailed.

“Detailed Awareness Training equips key BCP personnel with deep understanding of processes and strategies for effective execution” (Module: Training and Awareness, Section: Training Types).

A Cold Backup is performed when the database is offline, ensuring data consistency by avoiding changes during the process, as described.

Option A (Online Data Backup):Implies active system backup, not offline.

Option B (Hot Backup):Taken while the system is online.

Option C (Full System Backup):Broad term, not offline-specific.

“Cold Backup occurs with the database offline, ensuring a consistent snapshot without transaction interference” (Module: Data Backup and Recovery, Section: Backup Types).

Managed Disaster Recovery (MDR) involves third-party services handling backups and offsite replication, providing a comprehensive solution for data protection and recovery. This fits the description of outsourcing backup and replication to an external provider.

Option A (Continuous Data Protection):Real-time backup technology, not inherently third-party or offsite-focused.

Option C (Tape Vaulting):Offsite tape storage, but not replication-focused and typically manual, not managed.

Option D (Disk Shadowing):A form of mirroring, not third-party or offsite by definition.

“Managed Disaster Recovery leverages third-party expertise for offsite replication and backups, ensuring robust data protection with minimal internal overhead” (Module: Disaster Recovery Strategies, Section: Managed Services).

Tier 5 in the disaster recovery tier model (e.g., SHARE or IBM models) typically involves backing up data over a Wide Area Network (WAN) to a remote site, providing offsite redundancy with minimal data loss.

Option B (Tier 3):Basic offsite backup, often tape-based, not WAN-specific.

Option C (Tier 0):No backup, not applicable.

Option D (Tier 6):Advanced, often with zero data loss, beyond simple WAN backup.

“Tier 5 utilizes WAN connections for remote data backups, enhancing resilience with offsite replication and moderate RPO” (Module: Disaster Recovery Tiers, Section: Tier Definitions).

Colocation Facilities involve renting space and infrastructure (e.g., cooling, power) in a shared data center, offering a cost-effective backup site solution, as Jack chose.

Option A (Hot Sites):Fully operational, expensive, not cost-focused.

Option B (Cold Sites):Basic space, no pre-installed infrastructure like cooling.

Option C (Warm Sites):Partially equipped, more costly than colocation.

“Colocation Facilities provide cost-efficient backup by renting shared data center resources, including cooling and security, ideal for budget-conscious organizations” (Module: Alternate Sites, Section: Site Types).