ECCouncil 312-76 Disaster Recovery Professional Practice Exam Set 8

Which of the following documents helps disaster recovery team members in getting the alternate sites up and running?


Options are :

  • Technical guide (Correct)
  • Department-specific plan
  • Checklist
  • Executive summary

Answer : Technical guide

In which of the following DRP tests is the plan distributed to, and reviewed by, the business units for its thoroughness and effectiveness?


Options are :

  • Walk-through drill
  • Checklist review (Correct)
  • Functional drill
  • Parallel test

Answer : Checklist review


Which of the following TCB components is a hardware, firmware, and software element that implements the reference monitor concept?


Options are :

  • Security Kernel (Correct)
  • Trusted path
  • Security perimeter
  • Trusted computer system

Answer : Security Kernel

Which of the following ensures that the confidentiality, integrity, and availability of the services are maintained to the levels approved on the Service Level Agreement (SLA)?


Options are :

  • The Service Level Manager
  • The IT Security Manager (Correct)
  • The Configuration Manager
  • The IT Security Manager

Answer : The IT Security Manager

You are analyzing accounting information of a company. Which of the following components of configuration management should you use that involves periodic checks to determine the consistency and completeness of accounting information, and to verify that all configuration management policies are being followed?


Options are :

  • Configuration status accounting
  • Configuration identification
  • Configuration control
  • Configuration auditing (Correct)

Answer : Configuration auditing


In which of the following types of prototyping is a prototype of a system built and then evolved into the final system?


Options are :

  • Throw-away prototyping
  • Incremental prototyping
  • Evolutionary prototyping (Correct)
  • Project prototyping

Answer : Evolutionary prototyping

You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?


Options are :

  • Preparation (Correct)
  • Containment
  • Identification
  • Eradication

Answer : Preparation

Which of the following is a compromise between hot and cold sites?


Options are :

  • Reciprocal site
  • Warm site (Correct)
  • Mutual site
  • Mobile site

Answer : Warm site


Which of the following values specifies the acceptable latency of data that will be recovered?


Options are :

  • Recovery Target Objective
  • Recovery Point Objective (Correct)
  • Recovery Time Objective
  • Recovery Plan Objective

Answer : Recovery Point Objective

Which of the following terms best describes the presence of any potential event that causes an undesirable impact on the organization?


Options are :

  • Asset
  • Threat (Correct)
  • Risk
  • Vulnerability

Answer : Threat

In which of the following types of prototyping is a version of the system built to check the requirements and then discarded?


Options are :

  • Evolutionary prototyping
  • Throw-away prototyping (Correct)
  • Incremental prototyping
  • Project prototyping

Answer : Throw-away prototyping


Which of the following measurements of a disaster recovery plan are aimed at detecting unwanted events?


Options are :

  • Preventive measures
  • Detective measures (Correct)
  • Supportive measures
  • Corrective measures

Answer : Detective measures

Which of the following strategies is used to minimize the effects of a disruptive event on a company, and is created to prevent interruptions to normal business activity?


Options are :

  • Continuity of Operations Plan
  • Business Continuity Plan (Correct)
  • Disaster Recovery Plan
  • Contingency Plan

Answer : Business Continuity Plan


ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure and the second part is an auditing guide based on requirements that must be met for an organization to be deemed compliant with ISO 17799. What are the ISO 17799 domains? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • System development and maintenance (Correct)
  • Information security policy for the organization (Correct)
  • Business continuity management (Correct)
  • Personnel security (Correct)
  • System architecture management

Answer : System development and maintenance, Information security policy for the organization, Business continuity management, Personnel security

Which of the following techniques is an encryption method that uses public-key encryption to encrypt and digitally sign e-mail messages during communication between e-mail clients?


Options are :

  • PGP (Correct)
  • IDEA
  • DES
  • AES

Answer : PGP

Which of the following measurements of a disaster recovery plan are aimed at avoiding an event from occurring?


Options are :

  • Detective measures
  • Preventive measures (Correct)
  • Supportive measures
  • Corrective measures

Answer : Preventive measures


Organizations must assess the safety of their workplaces and consider the ability of a business to continue despite risk impact. When assessing business continuity risks, the HR Professional must consider several different types of disasters, their probability, and impact on an organization. What category of disaster is best described as acts of terrorism, major thefts, sabotage, or labor disputes?


Options are :

  • System failures
  • Organized or deliberate disruptions (Correct)
  • Serious information security incidents
  • Environmental disasters

Answer : Organized or deliberate disruptions

Availability Management deals with the day-to-day availability of services. Which of the following takes over when a 'disaster' situation occurs?


Options are :

  • Service Continuity Management (Correct)
  • Capacity Management
  • Service Level Management
  • Service Reporting

Answer : Service Continuity Management

Which of the following governance bodies provides management, operational, and technical controls to satisfy the security requirements?


Options are :

  • Information Security Steering Committee
  • Senior Management (Correct)
  • Business Unit Manager
  • Chief Information Security Officer

Answer : Senior Management


Which of the following procedures can be broadly defined as the plan for the exchange of information before, during, or after a crisis event?


Options are :

  • Disaster Recovery Plan
  • Crisis Communication Plan (Correct)
  • Occupant Emergency Plan
  • Cyber Incident Response Plan

Answer : Crisis Communication Plan

Which of the following cryptographic system services proves a user's identity?


Options are :

  • Confidentiality
  • Non-repudiation
  • Authentication (Correct)
  • Integrity

Answer : Authentication

You are working as a Project Manager in your organization. You are nearing the final stages of project execution, and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?


Options are :

  • Risk audits
  • Qualitative risk analysis
  • Requested changes (Correct)
  • Quantitative risk analysis

Answer : Requested changes


Which of the following processes identifies the threats that can impact the business continuity of operations?


Options are :

  • Requirement analysis
  • Risk analysis
  • Function analysis
  • Business impact analysis (Correct)

Answer : Business impact analysis

Which of the following refers to the ability to ensure that the data is not modified or tampered with?


Options are :

  • Confidentiality
  • Availability
  • Integrity (Correct)
  • Non-repudiation

Answer : Integrity

Which of the following statements is related to residual risks?


Options are :

  • It is the probabilistic risk after implementing all security measures. (Correct)
  • It is a weakness or lack of safeguard that can be exploited by a threat.
  • It is the probabilistic risk before implementing all security measures.
  • It can be considered as an indicator of threats coupled with vulnerability.

Answer : It is the probabilistic risk after implementing all security measures.


Software Development Life Cycle (SDLC) is a logical process used by the programmers to develop software. Which SDLC phase meets the following audit objectives?


Options are :

  • Evaluation and acceptance (Correct)
  • Definition
  • Initiation
  • Programming and training

Answer : Evaluation and acceptance

You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You have a disaster scenario and you want to discuss it with your team members to get appropriate responses to the disaster. In which of the following disaster recovery tests can this task be performed?


Options are :

  • Structured walk-through test
  • Full-interruption test
  • Simulation test (Correct)
  • Parallel test

Answer : Simulation test

You are the project manager for a construction project. The project involves casting of a column in a very narrow space. Because of the lack of space, casting is highly dangerous. High technical skill will be required for casting that column. You decide to hire a local expert team for casting that column. Which of the following types of risk response are you following?


Options are :

  • Acceptance
  • Transference (Correct)
  • Avoidance
  • Mitigation

Answer : Transference


John, a novice web user, makes a new e-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Rule based attack
  • Brute Force attack (Correct)
  • Hybrid attack (Correct)
  • Dictionary attack (Correct)

Answer : Brute Force attack, Hybrid attack, Dictionary attack

Which of the following phases involves getting the final senior management signoff and creating enterprise-wide awareness of the plan?


Options are :

  • Business Impact Assessment
  • Scope and Plan Initiation
  • Business Continuity Plan Development
  • Plan Approval and Implementation (Correct)

Answer : Plan Approval and Implementation
