EC-Council · EDRP
Validates the ability to develop and implement business continuity and disaster recovery plans, covering business impact analysis, risk assessment, recovery strategy development, emergency response procedures, recovery site management, and disaster recovery plan testing and maintenance.
Questions
623
Duration
240 minutes
Passing Score
70%
Difficulty
ProfessionalLast Updated
Feb 2026
Use this EDRP practice exam to prepare for EC-Council Certified Disaster Recovery Professional (EDRP) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 623 questions for EC-Council EDRP, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to patterns in your missed answers. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The EC-Council Certified Disaster Recovery Professional (EDRP), exam code 312-76, is a professional-level certification that validates a candidate's ability to plan, strategize, implement, and maintain comprehensive business continuity and disaster recovery (BC/DR) programs. The credential covers the full lifecycle of disaster preparedness: from conducting business impact analyses and risk assessments to designing recovery strategies, managing recovery sites, and testing and maintaining disaster recovery plans. It addresses data backup and recovery, virtualization-based recovery, centralized and decentralized system restoration, and telecommunications continuity.
The EDRP v3 curriculum aligns with major industry compliance frameworks including ISO 22301, ISO 22313, ISO 27001, ISO/IEC 27005, ISO 31000, ISO 31010, NFPA 1600, INCITS 483-2012, and the NIST NICE Framework. The program includes cloud-based virtual labs that allow candidates to practice BC/DR techniques in simulated enterprise environments. Recognized under DoD 8570/8140, the EDRP is accepted by U.S. government and military employers as a qualifying credential for information assurance and continuity roles.
The EDRP is designed for IT and information security professionals who are responsible for—or transitioning into—business continuity and disaster recovery roles. Ideal candidates include network and systems administrators, firewall and security administrators, risk assessment professionals, IT infrastructure managers, and cybersecurity analysts who need to formalize their BC/DR knowledge with a vendor-neutral, globally recognized credential.
The certification is also well-suited for IT managers and project managers who oversee organizational resilience programs, as well as professionals in regulated industries such as financial services, healthcare, and government who must demonstrate compliance with continuity standards. Candidates with at least a foundational understanding of IT infrastructure and information security will benefit most, though no strict prior certification is required.
There are no mandatory formal prerequisites to sit for the EDRP exam. However, EC-Council recommends that candidates have some practical experience in the IT BC/DR domain before attempting the certification. A working knowledge of IT infrastructure, basic information security concepts, and familiarity with organizational processes is strongly advised.
Candidates who have completed an official EC-Council course at an Accredited Training Center (ATC), an Academia Partner institution, or through the EC-Council iClass platform are automatically eligible to sit for the exam. Those who have not completed an official EC-Council course must submit an Exam Eligibility Application along with a non-refundable $100 USD fee and demonstrate a minimum of two years of work experience in the information security domain before being approved to test.
The EDRP exam (code 312-76) consists of 150 multiple-choice questions and must be completed within 4 hours. The passing score is 70%. The exam is delivered at authorized ECC Exam Centers and is also available at Pearson VUE testing centers worldwide. The certification is valid for three years, after which recertification is required through EC-Council Continuing Education (ECE) credits.
The exam tests knowledge across all core BC/DR domains rather than being divided into weighted sections with published percentages. Candidates are assessed on practical understanding of disaster recovery planning methodologies, risk and business impact analysis techniques, recovery strategies, and emergency response procedures. No unscored or survey questions have been officially disclosed by EC-Council.
EDRP-certified professionals are positioned for roles such as Disaster Recovery Specialist, Business Continuity Planner, IT Risk Manager, IT Infrastructure Manager, and Cybersecurity Analyst. Salaries for disaster recovery professionals in the United States typically range from approximately $75,000 to $125,000 annually, with median figures around $95,000 depending on experience, organization size, and location. The certification is recognized under DoD 8570/8140, making it particularly valuable for professionals seeking federal government, defense contractor, or military positions.
The global disaster recovery solutions market was valued at $10.93 billion in 2024 and is projected to reach $24.56 billion by 2029—a CAGR of roughly 17.5%—reflecting strong and growing employer demand for credentialed BC/DR professionals. Compared to alternatives such as the DRII CBCP (Certified Business Continuity Professional) or ISACA's CRISC, the EDRP is distinguished by its technical depth in IT systems recovery, its virtual lab component, and its alignment with EC-Council's broader cybersecurity certification ecosystem, making it a strong complement to credentials like CEH or CISSP for security-focused professionals.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 623 questions.
Preview — answers shown1. A financial services company performs full backups every Sunday and differential backups Monday through Saturday. On Friday afternoon, a ransomware attack corrupts the database. The backup administrator needs to restore the system. Which backup sets are required for complete recovery? (Select one!)
Explanation
Differential backups only require the most recent full backup plus the latest differential backup for complete recovery. Each differential backup contains all changes since the last full backup, making intermediate differentials unnecessary. Recovery requires exactly two backup sets: Sunday's full and Friday's differential. Options suggesting multiple differential backups misunderstand differential backup behavior—unlike incremental backups which require all backups in sequence, differential backups are cumulative and reference only the last full backup.
2. A virtualization administrator implements Hyper-V Replica for disaster recovery between two datacenters 500 miles apart. The replicated virtual machines include domain controllers, file servers, and application servers. The administrator needs to validate the DR setup without impacting production replication. Which Hyper-V failover type should be executed? (Select one!)
Explanation
Test Failover is specifically designed for validation and creates test virtual machines in an isolated network without impacting ongoing replication, allowing DR verification without production risk. Planned Failover is for actual recovery scenarios with graceful migration, requiring production shutdown and stopping replication during execution. Unplanned Failover is for emergency disaster situations when the primary site is unavailable, not for routine testing. Live Migration moves VMs between Hyper-V hosts for maintenance and load balancing, not for disaster recovery testing across sites.
3. A healthcare organization must comply with HIPAA contingency plan requirements for systems processing electronic protected health information. The compliance officer reviews current DR documentation to ensure regulatory alignment. Which three components are mandatory required specifications under HIPAA rather than addressable specifications? (Select three!)
Multiple correct answersExplanation
Data Backup Plan, Disaster Recovery Plan, and Emergency Mode Operation Plan are the three required specifications under HIPAA Section 164.308(a)(7). Required specifications must be implemented, while addressable specifications require assessment and documentation if not implemented. Testing and Revision is an addressable specification, not required. Criticality Analysis is an addressable specification, not required. Business Impact Analysis is not specifically mentioned in HIPAA contingency plan requirements, though it supports compliance.
4. A cloud architect implements disaster recovery for Azure virtual machines hosting a customer relationship management system. The organization requires recovery to a specific point in time with application-consistent state and the lowest possible RTO. Which Azure Site Recovery recovery point option should the architect configure? (Select one!)
Explanation
Latest processed recovery point provides the lowest RTO because Azure Site Recovery has already processed this recovery point, eliminating processing delays during failover. The question prioritizes RTO (fastest recovery) over RPO. Latest recovery point provides lowest RPO but requires processing time during failover, increasing RTO. Latest app-consistent recovery point ensures application consistency but introduces processing delays compared to latest processed. Custom recovery point allows selecting specific timestamps but adds selection and processing overhead, increasing RTO beyond latest processed.
5. A database team protects a mission-critical Oracle database using transaction log backups every 15 minutes with full backups performed nightly. During recovery from a storage failure that occurred at 2:45 PM, the team restores the full backup from the previous night and applies all transaction logs up to 2:30 PM. What recovery capability does transaction log backup provide that full backups alone cannot? (Select one!)
Explanation
Transaction logs record every database modification (INSERT, UPDATE, DELETE) enabling point-in-time recovery to any specific moment between full backups. By applying transaction logs sequentially, administrators can restore the database to any timestamp within the log retention period. Transaction log backups do not necessarily execute faster than full backups. They complement rather than eliminate differential backups. Transaction logs enable recovery but do not provide automatic failover, which requires separate replication or clustering technologies.
Certified Threat Intelligence Analyst (CTIA)
CTIA · 740 questions
Certified Cybersecurity Technician (CCT)
CCT · 630 questions
Certified Secure Computer User (CSCU)
CSCU · 630 questions
EC-Council Certified Encryption Specialist (ECES)
ECES · 627 questions
Ethical Hacking Essentials (EHE)
EHE · 627 questions
ICS/SCADA Cybersecurity
ICS-SCADA · 627 questions
$17.99
One-time access to this exam