312-76試験無料問題集（302題）「EC-COUNCIL EC-Council Disaster Recovery Professional (EDRP) 認定」

出題：1

Which of the following cryptographic system services ensures that the information will not be disclosed to any unauthorized person on a local network?

A. Integrity

B. Non-repudiation

C. Confidentiality

D. Authentication

正解：C 解答を投票する

出題：2

Which of the following systems helps to detect the "abuse of privileges" attack that does not actually involve exploiting any security vulnerability?

A. Network-Based ID system

B. Statistical Anomaly-Based ID system

C. Signature-Based ID system

D. Host-Based ID system

正解：B 解答を投票する

出題：3

Which of the following activities includes initiation, development and acquisition, implementation and installation, operational maintenance, and disposal?

A. Risk Management Framework

B. System Development Life Cycle (SDLC)

C. Risk Management Life Cycle

D. Capability Maturity Model (CMM)

正解：B 解答を投票する

出題：4

In which of the following scenarios is database backup transferred to a remote site in a bulk transfer fashion?

A. Remote journaling

B. Emergency response

C. Electronic vaulting

D. Remote mirroring

正解：C 解答を投票する

出題：5

You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?

A. RAID-1

B. RAID-0

C. RAID-5

D. RAID-10

正解：A 解答を投票する

出題：6

Which of the following systems commonly resides on a discrete network segment and monitors the traffic on that network segment?

A. Network-Based ID system

B. Statistical Anomaly-Based ID system

C. Signature-Based ID system

D. Host-Based ID system

正解：A 解答を投票する

出題：7

Which of the following actions can be performed by using the principle of separation of duties?

A. Conducting background investigation

B. Identifying critical positions

C. Reducing the opportunity for fraud

D. Developing job descriptions

正解：C 解答を投票する

出題：8

Which of the following activities includes initiation, development and acquisition, implementation and installation, operational maintenance, and disposal?

A. Risk Management Framework

B. System Development Life Cycle (SDLC)

C. Risk Management Life Cycle

D. Capability Maturity Model (CMM)

正解：B 解答を投票する

出題：9

Which of the following options is an activity of observing the content that appears on a computer monitor or watching what a user is typing?

A. Utility model

B. Patent

C. Copyright

D. Snooping

正解：D 解答を投票する

出題：10

Which of the following is a category of an automated Incident detection process?

A. OODA looping

B. Catastrophe Theory

C. Input detection

D. Control theory

正解：B 解答を投票する

出題：11

Pete works as a Network Security Officer for Gentech Inc. He wants to encrypt his network traffic.
The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will he use to fulfill this requirement?

A. DES

B. PGP

C. IDEA

D. AES

正解：A 解答を投票する

出題：12

Which of the following control measures are considered while creating a disaster recovery plan?
Each correct answer represents a part of the solution. Choose three.

A. Preventive measures

B. Detective measures

C. Corrective measures

D. Supportive measures

正解：A,B,C 解答を投票する

出題：13

Which of the following terms best describes the presence of any potential event that causes an undesirable impact on the organization?

A. Asset

B. Risk

C. Vulnerability

D. Threat

正解：D 解答を投票する

出題：14

Which of the following cryptographic system services assures the receiver that the received message has not been altered?

A. Integrity

B. Non-repudiation

C. Confidentiality

D. Authentication

正解：A 解答を投票する

出題：15

A Web-based credit card company had collected financial and personal details of Mark before issuing him a credit card. The company has now provided Mark's financial and personal details to another company. Which of the following Internet laws has the credit card issuing company violated?

A. Security law

B. Copyright law

C. Privacy law

D. Trademark law

正解：C 解答を投票する

出題：16

BS 7799 is an internationally recognized ISM standard that provides high level, conceptual recommendations on enterprise security. BS 7799 is basically divided into three parts. Which of the following statements are true about BS 7799?
Each correct answer represents a complete solution. Choose all that apply.

A. BS 7799 Part 2 was adopted by ISO as ISO/IEC 27001 in November 2005.

B. BS 7799 Part 3 was published in 2005, covering risk analysis and management.

C. BS 7799 Part 1 was adopted by ISO as ISO/IEC 27001 in November 2005.

D. BS 7799 Part 1 was a standard originally published as BS 7799 by the British Standards Institute (BSI) in 1995.

正解：A,B,D 解答を投票する

出題：17

Fill in the blank with the appropriate phrase.
____________ privilege escalation is the process of attempting to access sources with a higher access, such as a user account trying to access admin privileges.

正解：

Vertical

出題：18

Which of the following components in a TCB acts as the boundary that separates the TCB from the remainder of the system?

A. Trusted computer system

B. Security perimeter

C. Trusted path

D. Abstraction

正解：B 解答を投票する

出題：19

Which of the following elements of BCP process includes the areas of plan implementation, plan testing, and ongoing plan maintenance, and also involves defining and documenting the continuity strategy?

A. Scope and plan initiation

B. Plan approval and implementation

C. Business impact assessment

D. Business continuity plan development

正解：D 解答を投票する

出題：20

Which of the following cryptographic system services assures the receiver that the received message has not been altered?

A. Integrity

B. Non-repudiation

C. Confidentiality

D. Authentication

正解：A 解答を投票する

312-76試験無料問題集「EC-COUNCIL EC-Council Disaster Recovery Professional (EDRP) 認定」