312-76 Practice Exam Questions with Answers EC-Council Disaster Recovery Professional v3 (EDRP) Certification

Server Virtualization consolidates multiple physical servers into virtual machines on fewer hosts, reducing costs, optimizing resources, and lowering cooling needs, as Lisa requires.

Option A (VDI):Desktop-focused, not server optimization.

Option B (OS Virtualization):Container-based, less broad than server virtualization.

Option C (Replication):Duplicates servers, not cost-saving.

“Server Virtualization reduces physical server count, cutting maintenance and cooling costs while optimizing resource use” (Module: Virtualization and Recovery, Section: Server Virtualization Benefits).

Walkthrough Testing involves team members reviewing the DR plan in a structured discussion to confirm effectiveness, identify bottlenecks, and uncover weaknesses, as Joan did.

Option B (Full Interruption):Live shutdown test, not discussion-based.

Option C (Parallel):Runs recovery alongside primary, not weakness-focused.

Option D (Simulation):Mimics disasters, not confirmation-based.

“Walkthrough Testing engages team members to validate DR plan effectiveness and pinpoint weaknesses through detailed review” (Module: Testing Disaster Recovery Plans, Section: Test Types).

An Incremental Backup only backs up files changed or added since the last backup (full or incremental), making it faster and less disruptive, ideal for Alan’s daily, small-volume needs.

Option B (Differential Backup):Backs up all changes since the last full backup, growing larger and slower over time.

Option C (Full System Backup):Copies everything, time-consuming and unnecessary here.

Option D (Online Data Backup):A method, not a type; could be any backup, but not specific.

“Incremental Backups minimize downtime by capturing only changes since the last backup, suitable for frequent, low-volume data updates” (Module: Data Backup and Recovery, Section: Backup Types).

Colocation Facilities involve renting space and infrastructure (e.g., cooling, power) in a shared data center, offering a cost-effective backup site solution, as Jack chose.

Option A (Hot Sites):Fully operational, expensive, not cost-focused.

Option B (Cold Sites):Basic space, no pre-installed infrastructure like cooling.

Option C (Warm Sites):Partially equipped, more costly than colocation.

“Colocation Facilities provide cost-efficient backup by renting shared data center resources, including cooling and security, ideal for budget-conscious organizations” (Module: Alternate Sites, Section: Site Types).

In PASIS architecture, increasing confidentiality (e.g., via encryption) increases storage requirements due to added overhead (e.g., metadata, keys).

Option A (Reaction):Not a PASIS feature.

Option B (Latency):May increase, but not direct as storage.

Option D (Durability):Unaffected by confidentiality.

“Higher confidentiality in PASIS, through encryption, directly increases storage needs due to additional data overhead” (Module: Survivable Storage Systems, Section: PASIS Trade-offs).

Time Machine is a built-in backup feature of macOS that allows users to automatically back up their entire system, including applications, system files, and personal data, to an external drive or network location. It enables users to restore their Mac to a previous state, such as before a problematic update, by selecting a specific backup point. In this scenario, Jack needs to revert his MacBook to the previous OS version due to issues with the beta update. Time Machine is the appropriate tool because it provides a user-friendly way to restore the system to a prior working state.

Option A (Time Shift):This is not a recognized feature in macOS. It seems to be a fictional or misnamed option.

Option B (Image Recovery):While image recovery refers to restoring a system from a disk image, it’s not a specific macOS feature and is less user-friendly than Time Machine for this purpose.

Option C (Snapshots):Snapshots are point-in-time copies of data, but in macOS, they are part of Time Machine’s local backup system and not a standalone feature Jack would directly use to restore his OS.

While EDRP focuses on enterprise disaster recovery, it covers backup and restoration tools like Time Machine under personal system recovery concepts, emphasizing the importance of regular backups for system restoration.

SYSVOL (System Volume) is a shared directory in Microsoft Server OS that stores domain public files, such as Group Policy objects and scripts, replicated across domain controllers.

Option A (ADFS):Active Directory Federation Services, unrelated to file storage.

Option C (inetpub):Hosts web server files, not domain-shared files.

Option D (Public Files):Too generic, not a specific directory.

“SYSVOL is a critical directory in Windows domains, replicating shared files across controllers for consistency and accessibility” (Module: Server Management, Section: Domain Operations).

Hardening secures systems (e.g., virtual machines) by disabling unnecessary components like interfaces, ports, and services, reducing attack surfaces.

Option A:Physical security, not VM-specific.

Option B (Defense-in-Depth):A layered strategy, not specific to disabling components.

Option C:Separates security functions, not about disabling.

“Hardening enhances VM security by disabling unused interfaces, ports, and services, minimizing vulnerabilities” (Module: Virtualization and Recovery, Section: Security Practices).

A Differential Backup captures all files changed or added since the last full backup, growing with each run, as described.

Option B (Full System Backup):Copies all data, not just changes.

Option C (Incremental Backup):Changes since the last backup (any type), not full.

Option D (Online Data Backup):Delivery method, not a type.

“Differential Backup targets files modified since the last full backup, providing a cumulative change set for recovery” (Module: Data Backup and Recovery, Section: Backup Types).

Colocation facilities provide shared infrastructure like cooling, power, and space (economic advantages) and support backups, but “recovery of servers” is not an inherent advantage—they don’t actively recover servers; that’s the tenant’s responsibility.

Option B (Backup):Supported via infrastructure for backup systems.

Option C (Cooling):A key feature of colocation.

Option D (Economic Advantages):Cost-sharing reduces expenses.

EDRP v3 notes colocation benefits like cooling and cost savings but excludes active server recovery as a facility-provided service (Module: Alternate Sites).

Managed Disaster Recovery (MDR) involves third-party services handling backups and offsite replication, providing a comprehensive solution for data protection and recovery. This fits the description of outsourcing backup and replication to an external provider.

Option A (Continuous Data Protection):Real-time backup technology, not inherently third-party or offsite-focused.

Option C (Tape Vaulting):Offsite tape storage, but not replication-focused and typically manual, not managed.

Option D (Disk Shadowing):A form of mirroring, not third-party or offsite by definition.

“Managed Disaster Recovery leverages third-party expertise for offsite replication and backups, ensuring robust data protection with minimal internal overhead” (Module: Disaster Recovery Strategies, Section: Managed Services).

Crisis Management involves strategies to handle sudden, significant events (e.g., disasters), focusing on immediate response and mitigation, as described.

Option A (Risk Assessment):Identifies risks, not manages events.

Option B (Application Recovery):Restores applications, not a broad strategy.

Option D (BIA):Analyzes impacts, not event handling.

“Crisis Management applies strategies to address sudden, disruptive events, ensuring organizational stability during emergencies” (Module: Crisis Management, Section: Overview).

Network Attached Storage (NAS) is a centralized storage solution connected to a network, allowing multiple users and devices to access and back up data efficiently. It’s ideal for Tom’s needs across multiple branches, offering centralized storage and simplified backup/recovery processes.

Option A (DAS):Direct Attached Storage is local to a single server, not centralized across a network.

Option C (PAS):This appears to be a typo; no such standard technology exists (possibly meant SAN or similar).

Option D (RAID):Redundant Array of Independent Disks enhances reliability but isn’t a centralized network solution.

EDRP v3 discusses NAS as a scalable, centralized storage option for backup and recovery in distributed environments (Module: Storage Technologies).

Updating the NIC driver can resolve VMQ issues by improving how the NIC handles virtual machine data queues, addressing slow transmission due to restrictions.

Option A:Storage performance doesn’t directly fix VMQ/NIC issues.

Option B:Bandwidth increase helps but doesn’t target the root VMQ problem.

Option D:Incorrect, as updating the driver is a valid fix.

“Updating NIC drivers resolves VMQ bottlenecks, enhancing data transmission speed between virtual machines by optimizing hardware handling” (Module: Virtualization and Recovery, Section: VM Performance).

Recovery Time Objective (RTO)refers to the amount of time a system, application, or process can be down before it causes significant harm to the business. In this scenario, the betting site determined that if the payment gateway system is down for more than an hour, it would result in substantial financial losses ($100,000) and customer attrition (15% short-term and 25% permanently). The focus on the acceptable downtime before these impacts occur aligns with the definition of RTO. The mention of "two hours" in the question seems to be a slight mismatch with the "more than an hour" in the description, but the context still points to RTO as the best fit, as it defines the target time frame for recovery.

Recovery Point Objective (RPO)refers to the amount of data loss (measured in time) a business can tolerate, not the duration of system downtime.

Maximum Tolerable Period of Disruption (MTPOD)is a broader term that encompasses the total time a business can withstand a disruption, including recovery and other factors, but it is less specific to the immediate system restoration time frame described here.

Work Recovery Time (WRT)is not a widely standardized term in this context and typically relates to the time needed to recover specific work processes, not the system downtime tolerance.

Thus,RTOis the most precise term for the time period the business can tolerate the payment gateway being unavailable.

A Functional Test mobilizes resources to test specific BCP components in a live setting, as Archie did.

Option B (Simulation):Mimics scenarios, not resource mobilization.

Option C (Checklist):Reviews steps, not active testing.

Option D (Orientation):Introduces plan, not resource-based.

“Functional Tests activate resources to validate BCP components, ensuring operational readiness” (Module: Testing Disaster Recovery Plans, Section: Test Types).

Recovery Point Objective (RPO) measures the data loss window, here 13 hours from the last backup (8:00 pm) to the disaster (9:00 am), not recovery time (8 hours). The ‘minus 13 hours’ phrasing is misleading; RPO is the correct term for potential data loss.

Option A (RTO):Time to restore (8 hours), not data loss.

Option B (MAO):Maximum downtime tolerance, not data-specific.

Option D (SPOF):A failure point, unrelated to time.

“RPO defines the time between the last backup and a disaster, indicating potential data loss, critical for planning” (Module: Recovery Metrics, Section: RPO Definition).

Business Continuity Management (BCM) is a comprehensive process that identifies threats, assesses their impacts, and builds resilience through planning and response strategies. It encompasses the entire lifecycle of continuity, protecting stakeholders, reputation, and value, as described.

Option A (BIA):A component of BCM, focusing only on impact assessment.

Option B (Risk Management):Identifies and mitigates risks but lacks BCM’s broad continuity focus.

Option D (Disaster Recovery):Focuses on IT recovery, narrower than BCM.

“Business Continuity Management (BCM) is a holistic approach to identify threats, assess impacts, and ensure resilience and response to protect organizational value and stakeholders” (Module: Business Continuity Management, Section: BCM Overview).

Qualitative Risk Assessment uses descriptive scales (e.g., Very High to Very Low) based on subjective judgment and interaction, as Jonathan did.

Option A (Quantitative):Numeric values, not descriptive.

Option B (Semi-Quantitative):Combines numbers and descriptions, not purely qualitative.

Option C (Semi-Qualitative):Not a standard term, likely a typo.

“Qualitative Risk Assessment ranks risks using descriptive categories like ‘Very High’ to ‘Very Low’ based on observation and input” (Module: Risk Management, Section: Assessment Methods).

An IIS Server (Internet Information Services) hosts websites on Windows, so corrupted hosting files indicate Fred needs to restore this server.

Option A (Application):Runs apps, not web hosting-specific.

Option C (Database):Stores data, not hosting files.

Option D (Catalog):Not a standard web hosting server.

“IIS Servers host web content; restoring them resolves issues with corrupted hosting files to restore site access” (Module: Server Management, Section: Web Server Recovery).

NFPA 1600 (National Fire Protection Association Standard on Disaster/Emergency Management and Business Continuity Programs) is a widely recognized standard that provides a comprehensiveframework for managing disasters and ensuring business continuity. It covers all phases—prevention, mitigation, preparedness, response, continuity, and recovery—and defines disasters explicitly.

Option B (ISO 27005):This is an information security risk management standard, not specific to disaster or business continuity programs.

Option C (INCITS 483-2012):This standard relates to virtualization security, not disaster management or business continuity.

Option D (ISO 27031):This focuses on ICT readiness for business continuity, a narrower scope than NFPA 1600.

EDRP v3 references NFPA 1600 as a key standard for disaster recovery and business continuity planning, emphasizing its holistic approach (Module: Business Continuity Management).

ISO 27031 focuses on ICT readiness for business continuity, providing methods to enhance IT resilience, as Max and Carl discussed.

Option B (ISO 27005):Risk management, not ICT continuity-specific.

Option C (ISO 22313):General BCM guidance, not ICT-focused.

Option D (INCITS 483-2012):Virtualization security, not continuity.

“ISO 27031 outlines processes to improve ICT readiness, ensuring IT supports business continuity effectively” (Module: Standards and Compliance, Section: ICT Continuity).

A Survivable Storage System is designed to maintain data integrity and access despite failures or attacks, as described (e.g., PASIS architecture).

Option B (Decentralized Computing):Broad computing model, not storage-specific.

Option C (Mirroring):Redundancy technique, not a full system.

Option D (Mainframe):Robust systems, but not survivability-focused.

“Survivable Storage Systems ensure data availability and integrity against failures and attacks across storage and network components” (Module: Survivable Storage Systems, Section: Overview).

The main objective of a Business Continuity (BC) test plan is to ensure the plan’s accuracy and relevance under adverse conditions, validating its effectiveness.

Option A:Secondary, not the primary goal.

Option C:Unplanned events may occur, but not the objective.

Option D:A consideration, not the main purpose.

“The primary objective of a BC test plan is to confirm its accuracy and relevance, ensuring it performs under disaster conditions” (Module: Testing Disaster Recovery Plans, Section: BC Testing Goals).

Grid Computing clusters computers in a distributed, parallel manner to solve large-scale problems, matching the question’s description.

Option A (Decentralized):Broad term, not specific to clustering.

Option C (Cloud Computing):Service-based, not necessarily parallel clustering.

Option D (Centralized):Opposite of distributed.

“Grid Computing leverages distributed, parallel clusters to process tasks collaboratively, enhancing computational resilience” (Module: Computing Models, Section: Grid Computing).

Tier 4 in DR tier models (e.g., SHARE) uses point-in-time copies (e.g., snapshots) for recovery, balancing cost and data loss.

Option B (Tier 5):Adds remote replication, not just point-in-time.

Option C (Tier 0):No backup.

Option D (Tier 6):Near-zero data loss, beyond simple copies.

“Tier 4 employs point-in-time copies to provide reliable recovery with moderate RPO, suitable for many organizations” (Module: Disaster Recovery Tiers, Section: Tier Definitions).

A Hot Site is a fully operational alternate site with duplicated systems and data, running in parallel to the primary site. It allows immediate failover and continuity of operations with minimal downtime, meeting John’s need for near-instant resumption.

Option A (Cold Site):A basic facility with power and space, requiring significant setup time.

Option B (Warm Site):Partially equipped, with some pre-installed systems, but not fully operational in real time.

Option D (Colocation Facilities):Shared data centers, not inherently designed for immediate failover.

“Hot Sites are fully redundant, mirrored environments that operate concurrently with primary sites, ensuring zero to minimal downtime during failover, ideal for critical operations” (Module: Alternate Sites, Section: Site Types).

A Virtual Tape Library (VTL) is a disk-based storage system designed to emulate traditional tape libraries, allowing organizations to use existing tape backup software with faster disk-based storage. It uses HDDs to mimic tape functionality, improving backup and recovery speed.

Option B (Mirroring):Involves duplicating data across drives, not emulating tape.

Option C (Disk-to-Disk):Refers to disk-based backups but not specifically tape emulation.

Option D (Snapshot):A point-in-time copy of data, not a tape-like system.

EDRP v3 covers VTL as a modern backup solution under storage technologies, noting its role in bridging tape and disk systems (Module: Data Backup and Recovery).

Disaster Recovery Management refers to the processes, policies, and procedures an organization uses to restore systems, applications, and data to normal operating conditions after a disruptive event, within a prescribed and acceptable time frame.

Business Continuity Management (BCM)focuses on ensuring the overall continuation of business operations during and after a disruption, which includes but is not limited to IT recovery.

Risk Managementinvolves identifying, assessing, and mitigating risks but does not specifically address the restoration process.

Recovery Managementis a vague term and not a standard industry-specific term for this context.

Offsite Backup stores data at a separate location (e.g., home or bunker) to protect against site-specific disasters, as described.

Option A (Near-line):Intermediate storage, not offsite-specific.

Option B (Onsite):Local, vulnerable to site issues.

Option C (Online):Cloud-based, not necessarily physical offsite.

“Offsite Backup safeguards data at remote locations, from simple offices to secure bunkers, against site-specific disasters” (Module: Data Backup and Recovery, Section: Backup Locations).

Peer-to-Peer (P2P) architecture connects individual computers to share resources and workloads directly, eliminating reliance on a central server. Rick’s solution fits this model by distributing the load across team members’ computers.

Option A (Three Tier):Involves separate layers (e.g., presentation, application, data), not load distribution.

Option B (Client-Server):Relies on a central server, which Rick removed.

Option D (N-Tier):A multi-layered architecture, not applicable here.

“Peer-to-Peer architecture decentralizes processing, leveraging interconnected nodes to balance loads, useful in resource-constrained environments” (Module: Network Architectures, Section: Decentralized Systems).

Overall Program Governance in a BCP audit evaluates the plan’s alignment with resilience and continuity goals, including funding adequacy, ensuring it supports organizational objectives effectively.

Option A (Ongoing Program Management):Focuses on day-to-day execution, not funding review.

Option C (Management of Process Changes):Tracks updates, not resilience or funding.

Option D (Overall Testing of the Plan):Validates functionality, not governance.

“Overall Program Governance assesses BCP effectiveness, resilience promotion, and funding balance to ensure sustainable continuity” (Module: Business Continuity Planning, Section: BCP Audit Phases).

Bootrec /RebuildBCD repairs the Boot Configuration Data (BCD) store, fixing boot manager corruption, as Matt needs for Windows Server 2012.

Option A (sfc /scannow):Scans system files, not boot-specific.

Option B (ntdsutil):Active Directory tool, not boot repair.

Option D (repadmin):Replication diagnostics, not boot-related.

“Bootrec /RebuildBCD in Windows recovery rebuilds the BCD store, resolving boot manager issues post-update” (Module: System Recovery, Section: Windows Recovery Commands).

High Availability (HA) ensures continuous operation by automatically switching to backup components (like virtual memory) during a failure, minimizing downtime, as in ABC Inc.’s case.

Option A (Deduplication):Removes redundant data, not a failover feature.

Option C (Fault Tolerance):Prevents failure impact but typically implies no interruption, not a switch.

Option D (Mirroring):Duplicates data, a component of HA, but not the full feature.

“High Availability maintains operations through automatic failover to backup resources, ensuring business continuity during component failures” (Module: System Resilience, Section: Availability Features).

Snapshot Replication copies the entire dataset (or changes) at a specific point in time to a replica, ideal for infrequent updates like ABC Inc.’s annual database refresh. It’s simple and suits low-frequency synchronization.

Option A (Merge Replication):Combines changes from multiple sources, complex for this case.

Option B (Transactional Replication):Tracks incremental changes in real time, overkill here.

Option C (SQL Server Replication):A general category, not a specific method.

“Snapshot Replication provides a point-in-time copy of data, efficient for infrequent updates where full synchronization is needed annually” (Module: Data Replication, Section: Replication Types).

The Protection Technologies Layer in a Recovery Management Model manages tools like replication and backup, ensuring hassle-free system recovery, as described.

Option B (Testing Simulation):Validates plans, not recovery execution.

Option C (Common Management):Coordinates, not tech-specific.

Option D (Analytics):Monitors, not recovery-focused.

“The Protection Technologies Layer controls replication and backup, enabling seamless system recovery post-disaster” (Module: Recovery Processes, Section: Recovery Management Model).

On-Premise Disk-Based Archiving uses local disk systems with tools for access and cataloging, incurring cooling and maintenance costs, as described.

Option A (Optical):Low cost, no cooling needs.

Option C (Legacy):Outdated systems, not specified here.

Option D (Cloud-Based):Offsite, minimal local maintenance costs.

“On-Premise Disk-Based Archiving offers accessible data cataloging with recurring costs for cooling and upkeep” (Module: Data Archiving, Section: Archiving Methods).

An Exchange Server (Microsoft) provides mail and calendar services, managing email, scheduling, and collaboration.

Option A (Application Server):Runs applications, not mail-specific.

Option B (Web Server):Hosts websites, not mail/calendar.

Option D (Domain Controller):Manages network authentication, not mail.

“Exchange Servers deliver email and calendar services, critical for communication continuity in organizations” (Module: Server Management, Section: Server Roles).

Terminal Objectives are the specific milestones or end goals of a training program, ensuring the BC training aim is met.

Option A (Time-Related):Time-focused, not milestones.

Option B (Development):Process-oriented, not end goals.

Option C (Routine):Daily tasks, not training-specific.

“Terminal Objectives define the key milestones to achieve BC training goals, ensuring preparedness aligns with program aims” (Module: Training and Awareness, Section: Training Objectives).

Business Impact Analysis (BIA) identifies critical resources, recovery order, and RTO/RPO, but assessing threat impact is part of risk assessment, not BIA’s primary objective.

Option B/C/D:Core BIA goals.

“BIA focuses on resource identification, recovery prioritization, and RTO/RPO, not direct threat impact assessment, which precedes it” (Module: Business Impact Analysis, Section: BIA Objectives).