Eccouncil 312-76 ExamDisaster Recovery ProfessionalVersion = DemoTotal Questions in Original Product = 108http://www.passcertification.com/312-76.htmlPass CertificationNo1. Test Preparation Resource
PassCertification.com- 312-76 Exam Questions and Answers 1Question: 1Which of the following tools in Helix Windows Live is used to reveal the database passwordof password protected MDB files created using Microsoft Access or with Jet DatabaseEngine?A. Asterisk loggerB. FAUC. Access Pass ViewD. GalletaAnswer: CExplanation:Access Pass View is an application available in Windows Live side of the Helix. Thisapplication is used to reveal the database password of the password-protected MDB files,which are created by Microsoft Access or Jet Database Engine. In Access 2000/XP files, thisutility cannot recover passwords that contains more than 18 characters. Access Pass Viewutility shows only the main database password. It cannot recover the user-level passwords.Answer option A is incorrect. Asterisk logger is used to reveal the passwords stored behindthe asterisks in standard password text box. Asterisk Logger also displays the additionalinformation about the revealed password: The date/time that the password was revealed, thename of the application that contains the revealed password box, and the executable file ofthe application etc. Asterisk Logger also provides option for saving revealed passwords inHTML and text files. Answer option D is incorrect. Galleta is an application, which is used toexamine the contents of the cookie files. Galleta parses the information in a Cookie file andoutput the results in a field delimited manner so that it may be imported into spreadsheetprogram. Galleta is built to work on various platforms and will execute on Windows (throughCygwin), Mac OS X, and Linux. Answer option B is incorrect. Forensic Acquisition Utilities(FAU) is an Incident Response tool, which is used to make image of the systems memoryand any devices attached to the system. FAU contained a modified Windows version of theUnix utility dd that could image not only the hard drives but also memory. With the help ofForensic Acquisition Utilities (FAU), forensic investigators can use the search tools to findtext in the memory image, IP addresses, URLs and passwords.
PassCertification.com- 312-76 Exam Questions and Answers 2Question: 2Mark is the project manager of the HAR Project. The project is scheduled to last for eighteenmonths and six months already passed. Management asks Mark that how often the projectteam is participating in the risk reassessment of this project. What should Mark tellmanagement if he is following the best practices for risk management?A. At every status meeting of the project team, project risk management is an agenda item.B. Project risk management happens at every milestone.C. Project risk management has been concluded with the project planning.D. Project risk management is scheduled for every month in the 18-month project.Answer: AExplanation:Risk management is an ongoing project activity. It should be an agenda item at every projectstatus meeting. Answer option B is incorrect. Milestones are good times to do reviews, butrisk management should happen frequently. Answer option D is incorrect. This answer wouldonly be correct if the project has a status meeting just once per month in the project. Answeroption C is incorrect. Risk management happens throughout the project, as does projectplanning.Question: 3You work as a project manager for TYU project. You are planning for risk mitigation. Youneed to identify the risks that will need a more in-depth analysis. Which of the followingactivities will help you in this?A. Quantitative analysisB. Estimate activity durationC. Risk identificationD. Qualitative analysisAnswer: D
PassCertification.com- 312-76 Exam Questions and Answers 3Explanation:The qualitative analysis of risks identifies the risks that will need a more in-depth analysis.This is the part of the Perform Qualitative Risk Analysis process. Perform Qualitative RiskAnalysis is the process of prioritizing risks for further analysis and action. It combines risksand their probability of occurrences and ranks them accordingly. It enables organizations toimprove the projects performance by focusing on high-priority risks. Perform Qualitative RiskAnalysis is usually a rapid and cost-effective means of establishing priorities for Plan RiskResponses. It also lays the foundation for Perform Quantitative Risk Analysis. Answeroption C is incorrect. Risk identification is performed under the Identify Risk process. Itidentifies which risks may affect the project and documents their characteristics. Answeroption A is incorrect. Perform Quantitative Risk Analysis is the process of numericallyanalyzing the effect of identified risks on overall project objectives. This process generallyfollows the Perform Qualitative Risk Analysis process. It is performed on risks that havebeen prioritized by the Perform Qualitative Risk Analysis process as potentially andsubstantially impacting the projects competing demands. The Perform Quantitative RiskAnalysis should be repeated after Plan Risk Responses, as well as part of Monitor andControl Risks, to determine if the overall project risk has been decreased. Answer option Bis incorrect. The Estimate Activity Duration process is a part of the Planning process group.This process is not involved in in-depth analysis of a risk.Question: 4Della works as a security manager for SoftTech Inc. She is training some of the newlyrecruited personnel in the field of security management. She is giving a tutorial on DRP. Sheexplains that the major goal of a disaster recovery plan is to provide an organized way tomake decisions if a disruptive event occurs and asks for the other objectives of the DRP. Ifyou are among some of the newly recruited personnel in SoftTech Inc, what will be youranswer for her question?Each correct answer represents a part of the solution. Choose three.A. Guarantee the reliability of standby systems through testing and simulation.B. Protect an organization from major computer services failure.C. Minimize the risk to the organization from delays in providing services.D. Maximize the decision-making required by personnel during a disaster.Answer: B, C, and AExplanation:The goals of Disaster Recovery Plan include the following :It protects an organization from major computer services failure.It minimizes the risk to the organization from delays in providing services.It guarantees the reliability of standby systems through testing and simulation.It minimizes decision-making required by personnel during a disaster.
PassCertification.com- 312-76 Exam Questions and Answers 4Question: 5Which of the following BCP teams is the first responder and deals with the immediate effectsof the disaster?A. Emergency management teamB. Damage assessment teamC. Off-site storage teamD. Emergency action teamAnswer: DExplanation:The crucial aim of the emergency action team is to evacuate personnel and secure humanlife. It is the first responder for any disaster and deals with the immediate effects of thedisaster.Answer option A is incorrect. The emergency management team deals with the key decisionmaking and guides recovery teams and business personnel. It also handles financialarrangement, public relations, and media inquiries.Answer option B is incorrect. The damage assessment team assesses the damage of thedisaster in order to provide the estimate of time required to recover.Answer option C is incorrect. The offsite storage team is responsible for obtaining,packaging, and shipping media and records to the recovery facilities.Question: 6Which of the following response teams aims to foster cooperation and coordination inincident prevention, to prompt rapid reaction to incidents, and to promote information sharingamong members and the community at large?A. CERTB. CSIRTC. FedCIRCD. FIRSTAnswer: D
PassCertification.com- 312-76 Exam Questions and Answers 5Explanation:FIRST (Forum of Incident Response and Security Team) aims to foster cooperation andcoordination in incident prevention, to prompt rapid reaction to incidents, and to promoteinformation sharing among members and the community at large.Answer option C is incorrect. FedCIRC establishes a collaborative partnership of computerincident response, security and law enforcement professionals who work together to handlecomputer security incidents and to provide both proactive and reactive security services forthe U.S. Federal government.Answer option A is incorrect. CERT aims to alert the Internet community to vulnerabilitiesand attacks and to conduct research and training in the areas of computer security, includingincident response.Answer option B is incorrect. The entire potential, suspected, or known information securityincidents are reported to a Computer Security and Incident Response Team (CSIRT).Question: 7You are responsible for network and information security at a large hospital. It is a significantconcern that any change to any patient record can be easily traced back to the person whomade that change. What is this called?A. AvailabilityB. Non repudiationC. ConfidentialityD. Data ProtectionAnswer: BExplanation:Non repudiation refers to mechanisms that prevent a party from falsely denying involvementin some data transaction.Answer options A and C are incorrect. Availability and Confidentiality are part of the CIATriangle (Confidentiality, Integrity, and Availability). In this scenario, it is Integrity that is ofmost concern, not availability or confidentiality.Answer option D is incorrect. Data Protection is not a valid information security term.
PassCertification.com- 312-76 Exam Questions and Answers 6Question: 8Which of the following types of attacks occurs when an attacker successfully inserts anintermediary software or program between two communicating hosts?A. Password guessing attackB. Dictionary attackC. Man-in-the-middle attackD. Denial-of-service attackAnswer: CExplanation:When an attacker successfully inserts an intermediary software or program between twocommunicating hosts, it is known as man-in-the-middle attack.Answer option D is incorrect. A denial-of-service (DoS) attack is mounted with the objectiveof causing a negative impact on the performance of a computer or network. It is also knownas network saturation attack or bandwidth consumption attack. Attackers make denial-of-service attacks by sending a large number of protocol packets to a network. A DoS attackcan cause the following to occur:Saturate network resources. This causes a server to slow down or stop.Disrupt connections between two computers, thereby preventing communications betweenservices.Disrupt services to a specific computer.Answer option A is incorrect. A password guessing attack occurs when an unauthorized usertries to log on repeatedly to a computer or network by guessing usernames and passwords.Many password guessing programs that attempt to break passwords are available on theInternet. Following are the types of password guessing attacks:Brute force attackDictionary attackAnswer option B is incorrect. Dictionary attack is a type of password guessing attack. Thistype of attack uses a dictionary of common words to find out the password of a user. It canalso use common words in either upper or lower case to find a password. There are manyprograms available on the Internet to automate and execute dictionary attacks.
PassCertification.com- 312-76 Exam Questions and Answers 7Question: 9Which of the following statements best describes the difference between the role of a dataowner and the role of a data custodian?A. The custodian makes the initial information classification assignments and the operationsmanager implements the scheme.B. The custodian implements the information classification scheme after the initialassignment by the operations manager.C. The data custodian implements the information classification scheme after the initialassignment by the data owner.D. The data owner implements the information classification scheme after the initialassignment by the custodian.Answer: CExplanation:The data owner is responsible for the following:1.Ensuring that the appropriate security controls are in place2.Assigning the initial classification to the data to be protected3.Approving access requests from other parts of the organization4.Periodically reviewing the data classifications and access rightsThe data owners are mainly responsible for determining the data sensitivity or classificationlevels. Whereas, the data custodian has the responsibility for backup, retention, andrecovery of data. The data owner delegates these responsibilities to the custodian.Answer options D, B, and A are incorrect. These are invalid answers.Question: 10Which of the following cryptographic system services assures the receiver that the receivedmessage has not been altered?A. AuthenticationB. ConfidentialityC. Non-repudiationD. IntegrityAnswer: D
PassCertification.com- 312-76 Exam Questions and Answers 8Explanation:The integrity service of a cryptographic system assures the receiver that the receivedmessage has not been altered.Answer option A is incorrect. The authentication service of a cryptographic system proves ausers identity.Answer option C is incorrect. The non-repudiation service of a cryptographic system provesthat the sender really sent this message.Answer option B is incorrect. The confidentiality service of a cryptographic system ensuresthat the information will not be disclosed to any unauthorized person on a local network.
PassCertification.com- 312-76 Exam Questions and Answers 9Eccouncil 312-76 ExamDisaster Recovery ProfessionalVersion = DemoTotal Questions in Original Product = 108http://www.passcertification.com/312-76.htmlPass CertificationNo1. Test Preparation Resource