312-76 Sample Questions Answers

A Synthetic Backup combines a full backup with subsequent incremental backups to create an updated full backup, as described.

Option A (Incremental):Only changes, not combined with full.

Option B (Differential):Changes since last full, not synthesized.

Option D (Incremental Forever):Continuous incrementals, not full synthesis.

“Synthetic Backup merges a full backup with incrementals, creating an efficient, updated full copy for recovery” (Module: Data Backup and Recovery, Section: Backup Techniques).

Crisis Management involves strategies to handle sudden, significant events (e.g., disasters), focusing on immediate response and mitigation, as described.

Option A (Risk Assessment):Identifies risks, not manages events.

Option B (Application Recovery):Restores applications, not a broad strategy.

Option D (BIA):Analyzes impacts, not event handling.

“Crisis Management applies strategies to address sudden, disruptive events, ensuring organizational stability during emergencies” (Module: Crisis Management, Section: Overview).

An Exchange Server (Microsoft) provides mail and calendar services, managing email, scheduling, and collaboration.

Option A (Application Server):Runs applications, not mail-specific.

Option B (Web Server):Hosts websites, not mail/calendar.

Option D (Domain Controller):Manages network authentication, not mail.

“Exchange Servers deliver email and calendar services, critical for communication continuity in organizations” (Module: Server Management, Section: Server Roles).

The Review Phase of scenario training occurs after execution and involves a debrief with participants to gather feedback, assess performance, and identify improvements. This aligns with the question’s focus on obtaining feedback post-training.

Option A (Execution Phase):The active running of the scenario, no debrief yet.

Option C (Warning Phase):Not a standard phase; implies pre-event alerts.

Option D (Planning Phase):Prepares the scenario, not for feedback collection.

“The Review Phase follows scenario execution, involving a debrief to collect participant feedback and refine the training process” (Module: Training and Awareness, Section: Training Phases).

Network Attached Storage (NAS) is a centralized storage solution connected to a network, allowing multiple users and devices to access and back up data efficiently. It’s ideal for Tom’s needs across multiple branches, offering centralized storage and simplified backup/recovery processes.

Option A (DAS):Direct Attached Storage is local to a single server, not centralized across a network.

Option C (PAS):This appears to be a typo; no such standard technology exists (possibly meant SAN or similar).

Option D (RAID):Redundant Array of Independent Disks enhances reliability but isn’t a centralized network solution.

EDRP v3 discusses NAS as a scalable, centralized storage option for backup and recovery in distributed environments (Module: Storage Technologies).

Risk Valuation assesses risk likelihood and impact (e.g., failure percentages), as Remy did by evaluating fire safety’s effect on investment risk.

Option A (RORAC):Financial return metric, not risk evaluation.

Option B (Value at Risk):Quantifies loss potential, not likelihood shift.

Option C (RAROC):Adjusts returns for risk, not direct evaluation.

“Risk Valuation estimates the probability and impact of risks, such as facility vulnerabilities, to inform investment decisions” (Module: Risk Management, Section: Risk Evaluation Methods).

Time scales for assessment are a critical BIA consideration, defining the period over which impacts are evaluated (e.g., hours, days).

Option A/B/D:Mitigation strategies, not BIA components.

“BIA requires defining time scales for assessing disruption impacts, ensuring accurate prioritization of processes” (Module: Business Impact Analysis, Section: BIA Methodology).

A Mobile Recovery Center is a portable, transportable unit that can be deployed anywhere as a temporary operating environment post-disaster.

Option B (Crisis Command):Centralized coordination, not mobile.

Option C (Cold Site):Fixed, basic facility.

Option D (Colocation):Shared fixed data center.

“Mobile Recovery Centers provide a movable operating environment, deployable on transportable units for flexible recovery” (Module: Alternate Sites, Section: Mobile Solutions).

Server Clustering connects multiple servers into a unified resource, improving scalability and protecting against failures, as Jack implemented.

Option A (Mirroring):Data duplication, not scalability-focused.

Option B (Deduplication):Storage optimization, not clustering.

Option C (Failover):Backup switching, not unified resource.

“Server Clustering unifies computing resources, enhancing scalability and resilience against application and site failures” (Module: Clustering Technologies, Section: Clustering Benefits).

A Threat is any circumstance or event with the potential to disrupt operations or degrade assets, as described.

Option A (Impact):Result of a threat, not the cause.

Option B (Vulnerability):Weakness exploited by threats.

Option C (Hazard):Natural danger, narrower than “threat.”

“A Threat is any potential event that can disrupt operations or assets, requiring identification for effective DR planning” (Module: Risk Management, Section: Threat Definitions).

Failover automatically switches to a secondary server when the primary fails, requiring constant coordination, meeting the hospital’s zero-downtime need.

Option A (Replication):Copies data, not automatic switchover.

Option C (Deduplication):Reduces redundancy, not failover.

Option D (Point in Time):Restores to a point, not real-time switch.

“Failover ensures immediate switch to a secondary server, maintaining operations with no downtime via constant synchronization” (Module: System Resilience, Section: Failover Solutions).

Durability in PASIS (Pittsburgh Advanced Survivable Information Storage) ensures data remains recoverable despite node failures, using redundancy and encoding, enabling James to retrieve data post-earthquake.

Option B (Availability):Ensures access, not recovery after loss.

Option C (Reaction):Not a PASIS feature.

Option D (Integrity):Ensures data accuracy, not recovery.

“Durability in PASIS architecture guarantees data recovery from failed nodes through redundancy and encoding, enhancing survivability” (Module: Survivable Storage Systems, Section: PASIS Features).

Grid Computing clusters computers in a distributed, parallel manner to solve large-scale problems, matching the question’s description.

Option A (Decentralized):Broad term, not specific to clustering.

Option C (Cloud Computing):Service-based, not necessarily parallel clustering.

Option D (Centralized):Opposite of distributed.

“Grid Computing leverages distributed, parallel clusters to process tasks collaboratively, enhancing computational resilience” (Module: Computing Models, Section: Grid Computing).

Deduplication eliminates redundant data copies, reducing storage and bandwidth usage while minimizing data leak risks by centralizing control. It’s ideal for this scenario where multiple individual backups exist.

Option A (Data Erasure):Deletes data, not a solution for redundancy.

Option B (Data Remanence):Refers to residual data, not a fix here.

Option C (Failover):Switches to a backup system, unrelated to data management.

EDRP v3 highlights deduplication as a storage optimization technique to enhance efficiency and security (Module: Data Backup and Recovery).

Continuous Data Protection (CDP) is a technology that continuously captures and saves data changes in real time or near real time, allowing for granular restore points. Unlike traditional backups that occur at scheduled intervals, CDP tracks every change to data, enabling recovery to any point in time before a failure. In this context, CDP is the best fit as it facilitates real-time data capture and recovery.

Option B (Mirroring):Mirroring duplicates data across two or more storage devices for redundancy but doesn’t inherently capture real-time changes for multiple restore points.

Option C (Virtual Tape Library):A VTL emulates tape storage using disk-based systems, primarily for backup, not real-time change capture.

Option D (Disk-to-Disk):D2D refers to backing up data from one disk to another, typically at scheduled intervals, not in real time.

EDRP v3 discusses CDP as an advanced backup technology under data protection strategies, highlighting its role in minimizing data loss by providing continuous recovery points (Module: Data Backup and Recovery).

Load Balancing distributes web traffic across multiple servers (Zoe’s three) to optimize performance and prevent overload, as described.

Option A (Point in Time Recovery):Restores data, not traffic management.

Option C (Clustering):Groups servers for redundancy, not load distribution alone.

Option D (High-Availability):Ensures uptime, not necessarily load balancing.

“Load Balancing evenly distributes traffic across servers, enhancing efficiency and preventing crashes under high demand” (Module: System Resilience, Section: Traffic Management).

Overall Program Governance in a BCP audit evaluates the plan’s alignment with resilience and continuity goals, including funding adequacy, ensuring it supports organizational objectives effectively.

Option A (Ongoing Program Management):Focuses on day-to-day execution, not funding review.

Option C (Management of Process Changes):Tracks updates, not resilience or funding.

Option D (Overall Testing of the Plan):Validates functionality, not governance.

“Overall Program Governance assesses BCP effectiveness, resilience promotion, and funding balance to ensure sustainable continuity” (Module: Business Continuity Planning, Section: BCP Audit Phases).

Cloud Backup provides encrypted, secure data storage accessible anytime, anywhere via the internet, meeting the company’s needs.

Option A (Offsite):Offsite, but not necessarily accessible or encrypted by default.

Option C (Onsite):Local, not location-independent.

Option D (Hot Site):Recovery site, not a backup method.

“Cloud Backup ensures data security with encryption and offers ubiquitous access, ideal for flexible recovery needs” (Module: Data Backup and Recovery, Section: Cloud-Based Solutions).

The Data Protection Continuum is a conceptual framework (often depicted graphically) that illustrates various data protection tools and services, balancing their costs against recovery time objectives (RTO). It helps organizations choose appropriate strategies, from basic backups to advanced replication, based on cost and recovery speed.

Option A (3DR):Likely a typo or unrelated term; not a standard concept.

Option B (Continuous Data Protection):A specific technology, not a broad representation.

Option D (Data Backup):A general process, not a graphical framework.

“The Data Protection Continuum provides a visual model to evaluate data protection options, aligning tools like snapshots, CDP, and replication with cost and RTO requirements, aiding strategic decision-making” (Module: Data Protection Strategies, Section: Protection Frameworks).

The Disaster Management Executive Committee oversees high-level planning, research, development, and implementation of the disaster recovery plan across the organization, fitting the described role.

Option A:General team, not specific to development/implementation.

Option C:Chairpersons lead, not execute development.

Option D:Coordinators manage execution, not full development.

“The Disaster Management Executive Committee directs research, development, and organization-wide implementation of the DR plan” (Module: Disaster Recovery Teams, Section: Team Roles).

A centralized governance structure for Business Continuity and Risk Management typically includes Programs and Practices (strategies and processes), Enablement (resources and support), and Effectiveness (measuring outcomes). Authenticity, while important in security, is not a standard governance component.

Option A:Core to defining continuity practices.

Option B:Ensures implementation support.

Option C:Evaluates governance success.

“Centralized governance includes Programs and Practices, Enablement, and Effectiveness to ensure robust continuity; Authenticity is not a structural component” (Module: Governance Structures, Section: BC Governance).

Recovery Time Objective (RTO)refers to the amount of time a system, application, or process can be down before it causes significant harm to the business. In this scenario, the betting site determined that if the payment gateway system is down for more than an hour, it would result in substantial financial losses ($100,000) and customer attrition (15% short-term and 25% permanently). The focus on the acceptable downtime before these impacts occur aligns with the definition of RTO. The mention of "two hours" in the question seems to be a slight mismatch with the "more than an hour" in the description, but the context still points to RTO as the best fit, as it defines the target time frame for recovery.

Recovery Point Objective (RPO)refers to the amount of data loss (measured in time) a business can tolerate, not the duration of system downtime.

Maximum Tolerable Period of Disruption (MTPOD)is a broader term that encompasses the total time a business can withstand a disruption, including recovery and other factors, but it is less specific to the immediate system restoration time frame described here.

Work Recovery Time (WRT)is not a widely standardized term in this context and typically relates to the time needed to recover specific work processes, not the system downtime tolerance.

Thus,RTOis the most precise term for the time period the business can tolerate the payment gateway being unavailable.

Tier 6 in DR tier models (e.g., SHARE) provides automated recovery of data and applications with near-zero downtime and data loss, fitting Phil’s scenario.

Option A (Tier 4):Point-in-time copies, less automated.

Option B (Tier 7):Fully mirrored, zero loss, more than needed here.

Option D (Tier 2):Basic offsite backup, not automated.

“Tier 6 offers automated recovery of data and applications, minimizing manual intervention and downtime” (Module: Disaster Recovery Tiers, Section: Tier Definitions).

A Storage Area Network (SAN) is a dedicated high-speed network that separates storage devices from servers and user networks, providing centralized block-level storage access.

Option A (NAS):Network Attached Storage uses the user network, not a dedicated one.

Option B (SCSI):Small Computer System Interface, a protocol, not a network (likely a typo for SAS).

Option D (SAS):Serial Attached SCSI, a drive interface, not a network.

“SANs provide a dedicated storage network, isolating storage from server and user traffic for efficiency and security” (Module: Storage Technologies, Section: SAN Overview).

Colocation Facilities involve renting space and infrastructure (e.g., cooling, power) in a shared data center, offering a cost-effective backup site solution, as Jack chose.

Option A (Hot Sites):Fully operational, expensive, not cost-focused.

Option B (Cold Sites):Basic space, no pre-installed infrastructure like cooling.

Option C (Warm Sites):Partially equipped, more costly than colocation.

“Colocation Facilities provide cost-efficient backup by renting shared data center resources, including cooling and security, ideal for budget-conscious organizations” (Module: Alternate Sites, Section: Site Types).

SYSVOL (System Volume) is a shared directory in Microsoft Server OS that stores domain public files, such as Group Policy objects and scripts, replicated across domain controllers.

Option A (ADFS):Active Directory Federation Services, unrelated to file storage.

Option C (inetpub):Hosts web server files, not domain-shared files.

Option D (Public Files):Too generic, not a specific directory.

“SYSVOL is a critical directory in Windows domains, replicating shared files across controllers for consistency and accessibility” (Module: Server Management, Section: Domain Operations).

Three-tier architecture in decentralized computing consists of Client (presentation), Application Server (logic), and Database Server (data), as standard layers.

Option A/B/C:Include unrelated or incorrect terms (e.g., Peer-to-Peer).

“Three-tier architecture comprises Client, Application Server, and Database Server, decentralizing functions for scalability” (Module: Network Architectures, Section: Tiered Architectures).

An Incremental Backup only backs up files changed or added since the last backup (full or incremental), making it faster and less disruptive, ideal for Alan’s daily, small-volume needs.

Option B (Differential Backup):Backs up all changes since the last full backup, growing larger and slower over time.

Option C (Full System Backup):Copies everything, time-consuming and unnecessary here.

Option D (Online Data Backup):A method, not a type; could be any backup, but not specific.

“Incremental Backups minimize downtime by capturing only changes since the last backup, suitable for frequent, low-volume data updates” (Module: Data Backup and Recovery, Section: Backup Types).

A Hot Backup occurs while systems are online and active, suitable for Matt’s real-time, no-downtime requirement.

Option A (Incremental):Fast but not inherently downtime-free.

Option B (Cold Backup):Requires downtime, offline systems.

Option D (Online Data Backup):Similar, but less specific than “Hot Backup.”

“Hot Backups enable data protection without downtime, critical for real-time systems like financial platforms” (Module: Data Backup and Recovery, Section: Backup Techniques).

A Simulation Test mimics a specific disaster scenario to evaluate the BCP’s effectiveness, as Roger did.

Option B (Orientation):Introduces the plan, not scenario-based.

Option C (Checklist):Reviews steps, not a simulation.

Option D (Tabletop):Discussion-based, not a live simulation.

“Simulation Tests replicate disaster scenarios to assess BCP response, testing procedures in a controlled environment” (Module: Testing Disaster Recovery Plans, Section: Test Types).

System Recovery is the process of restoring a system’s applications and data to a previous state within an acceptable timeframe, as described.

Option A (System Migration):Moving systems, not restoring.

Option B (System Backup):Creating copies, not restoration.

Option C (System Replication):Duplicating data, not recovery.

“System Recovery restores applications and data to a prior state within defined timeframes, ensuring operational continuity post-disaster” (Module: System Recovery, Section: Recovery Processes).

Virtualization creates multiple logical servers on one physical server, as Matt did to maximize resources.

Option A (Mirroring):Data duplication, not server creation.

Option C (Deduplication):Reduces redundancy, not server-related.

Option D (Snapshot):Point-in-time copies, not logical servers.

“Virtualization enables multiple logical servers on a single physical host, optimizing resource use for cost-effective operations” (Module: Virtualization and Recovery, Section: Virtualization Basics).

Managed Disaster Recovery (MDR) involves third-party services handling backups and offsite replication, providing a comprehensive solution for data protection and recovery. This fits the description of outsourcing backup and replication to an external provider.

Option A (Continuous Data Protection):Real-time backup technology, not inherently third-party or offsite-focused.

Option C (Tape Vaulting):Offsite tape storage, but not replication-focused and typically manual, not managed.

Option D (Disk Shadowing):A form of mirroring, not third-party or offsite by definition.

“Managed Disaster Recovery leverages third-party expertise for offsite replication and backups, ensuring robust data protection with minimal internal overhead” (Module: Disaster Recovery Strategies, Section: Managed Services).

“Resume” refers to restarting or recommencing business operations post-disaster as systems become available, aligning with business continuity goals.

Option A (Return):Too vague, not a specific DR term.

Option C (Reduce):Unrelated to restarting operations.

Option D (Recover):Focuses on data/system restoration, not operational resumption.

EDRP v3 uses “resume” to describe the phase of restoring business functions after recovery (Module: Business Continuity Management).

An IIS Server (Internet Information Services) hosts websites on Windows, so corrupted hosting files indicate Fred needs to restore this server.

Option A (Application):Runs apps, not web hosting-specific.

Option C (Database):Stores data, not hosting files.

Option D (Catalog):Not a standard web hosting server.

“IIS Servers host web content; restoring them resolves issues with corrupted hosting files to restore site access” (Module: Server Management, Section: Web Server Recovery).

Windows Server Backup, accessed via Administrative Tools in Windows Server 2012, enables backup and restoration capabilities for Mike’s file server.

Option A:MMC is a framework, not the direct access point.

Option C/D (Server Migration):For server transitions, not backup.

“Windows Server Backup, launched from Administrative Tools, provides backup and restore functions in Windows Server 2012” (Module: System Recovery, Section: Windows Server Tools).

Simulation Testing mimics a real-life disaster without disrupting operations, testing software, communication, procedures, and personnel in a controlled environment, as Amy did.

Option A (Walkthrough Testing):A tabletop review, not a live simulation.

Option B (Parallel Testing):Runs recovery systems alongside primary ones, not mimicking disasters.

Option C (Full Interruption):Shuts down primary systems, more invasive than described.

“Simulation Testing replicates disaster scenarios to evaluate software, communication, and personnel response without operational disruption” (Module: Testing Disaster Recovery Plans, Section: Test Types).

A Storage Cluster uses mounted file systems to enable multiple servers to read and write data simultaneously to a shared storage pool, as described.

Option B (High-Performance):Focuses on computation, not file systems.

Option C (Failover):Switches to backups, not shared file access.

Option D (High-Availability):Ensures uptime, not necessarily mounted file systems.

“Storage Clusters utilize mounted file systems for concurrent read/write access, ensuring data consistency across nodes” (Module: Clustering Technologies, Section: Cluster Types).

Non-Authoritative Active Directory Restoration is used to restore a domain controller’s Active Directory database from a backup when other domain controllers in the domain are still operational. It allows the restored server to synchronize with the intact servers, updating its directory to the current state. Since Zane’s other servers have intact Active Directories, this method ensures consistency without overwriting domain-wide data.

Option A (Server Migration):Involves moving services to a new server, not restoring AD.

Option B (Data Replication):A general process, not specific to AD restoration.

Option C (Authoritative Restoration):Used when the restored AD data must override others, not applicable here.

“Non-Authoritative Active Directory Restoration recovers a domain controller by leveraging replication from other intact controllers, ensuring domain consistency without forcing changes” (Module: System Recovery, Section: Active Directory Recovery).

Exit Criteria define the conditions for test completion, here 90% pass rate, indicating successful DR plan validation.

Option A (Entry Criteria):Conditions to start testing, not finish.

Option C (STLC):Broad testing process, not specific criteria.

Option D (Suspension):Conditions to pause testing, not success.

“Exit Criteria, such as a 90% pass rate, determine when DR testing is successfully completed, ensuring plan reliability” (Module: Testing Disaster Recovery Plans, Section: Test Criteria).

Return on Risk Adjusted Capital (RORAC) is a financial metric often used to allocate funds for risk mitigation, including emergency reserves like James’ $20,000 for virtual connections. It reflects the return expected after accounting for risk costs.

Option A (RAROC):Similar, but typically broader, not specific to emergency funds.

Option B (RAPM):A management approach, not a fund term.

Option C (RARORAC):A variant, less commonly used in this context.

“RORAC quantifies funds set aside for risk scenarios, such as emergency recovery costs, ensuring financial preparedness aligns with risk exposure” (Module: Risk Management, Section: Financial Metrics).

NFPA 1600 (National Fire Protection Association Standard on Disaster/Emergency Management and Business Continuity Programs) is a widely recognized standard that provides a comprehensiveframework for managing disasters and ensuring business continuity. It covers all phases—prevention, mitigation, preparedness, response, continuity, and recovery—and defines disasters explicitly.

Option B (ISO 27005):This is an information security risk management standard, not specific to disaster or business continuity programs.

Option C (INCITS 483-2012):This standard relates to virtualization security, not disaster management or business continuity.

Option D (ISO 27031):This focuses on ICT readiness for business continuity, a narrower scope than NFPA 1600.

EDRP v3 references NFPA 1600 as a key standard for disaster recovery and business continuity planning, emphasizing its holistic approach (Module: Business Continuity Management).