✔✔Vulnerability scanning techniques - ✔✔Connect
Discovery
Web
Network
✔✔incremental backup - ✔✔A type of partial backup that involves copying only the data
items that have changed since the last partial backup. This produces a set of
incremental backup files, each containing the results of one day's transactions.
✔✔Common Vulnerabilities and Exposures (CVE) - ✔✔Provides a naming system for
describing security vulnerabilities.
✔✔Common Vulnerability Scoring System (CVSS) - ✔✔provides a standardized scoring
system for describing the severity of security vulnerabilities.
✔✔Common Configuration Enumeration (CCE) - ✔✔provides a naming system for
system configuration issues.
✔✔Common Platform Enumeration (CPE) - ✔✔provides a naming system for operating
systems, applications, and devices.
✔✔Extensible Configuration Checklist Description Format (XCCDF) - ✔✔provides a
language for specifying security checklists.
✔✔Open Vulnerability and Assessment Language (OVAL) - ✔✔provides a language for
describing security testing procedures.
✔✔Vulnerability scans automatically - ✔✔probe systems, applications, and networks,
looking for weaknesses that may be exploited by an attacker.
✔✔differential backup - ✔✔A type of partial backup that involves copying all changes
made since the last full backup. Thus, each new differential backup file contains the
cumulative effects of all activity since the last full backup.
✔✔Electronic Vaulting - ✔✔A storage scenario in which database backups are
transferred to a remote site in a bulk transfer fashion. The remote location may be a
dedicated alternative recovery site (such as a hot site) or simply an offsite location
managed within the company or by a contractor for the purpose of maintaining backup
data.
✔✔full backup - ✔✔A complete copy of data contained on the protected device on the
backup media.
✔✔Full-interruption tests - ✔✔operate like parallel tests, but they involve actually
shutting down operations at the primary site and shifting them to the recovery site.
✔✔Parallel tests - ✔✔represent the next level in testing and involve relocating
personnel to the alternate recovery site and implementing site activation procedures.
✔✔Simulation tests - ✔✔are similar to the structured walk-throughs. In simulation tests,
disaster recovery team members are presented with a scenario and asked to develop
an appropriate response without shutting down operations.
✔✔Structured walk-through - ✔✔takes testing one step further. In this type of test, often
referred to as a table-top exercise, members of the disaster recovery team gather in a
large conference room and role-play a disaster scenario.
✔✔Read-through test - ✔✔-simplest type of DRP test
-copies of the DRP are distributed to members of the disaster recovery team (DRT) for
review
-ensures key personnel are aware of their responsibilities and have knowledge
refreshed
-provides a chance for obsolete info to be updated
-helps update personnel lists
✔✔T&A training and awareness - ✔✔o Orientation training for all new employees
o Initial training for employees taking on a new disaster recovery role for the first time
o Detailed refresher training for disaster recovery team members
o Brief awareness refreshers for all other employees
✔✔Disk to Disk - ✔✔disk storage has become increasingly inexpensive. With drive
capacities now measured in terabytes, tape and optical media can't cope with data
volume requirements anymore. Many enterprises now use disk-to-disk (D2D) backup
solutions for some portion of their disaster recovery strategy.
✔✔Software escrow arrangement - ✔✔is a unique tool used to protect a company
against the failure of a software developer to provide adequate support for its products
or against the possibility that the developer will go out of business and no technical
support will be available for the product.
✔✔Remote Mirroring - ✔✔Maintaining a live database server at the backup site. It is the
most advanced database backup solution.