Alibaba Cloud ACA-Sec1 Exam Practice Questions Answers

ACA Cloud Security Associate Questions and Answers

Question 1

Which of the following steps is not a valid step for using anti-DDOS pro?

Options:

configure to be protected domain name

add new DNS record

change source IP

if original server is using its own firewall, then need to add Anti-DDOS pro IP to its white

list

bind real customer identity to anti-DDOS pro IP

Question 2

You are planning on hosting an eCommerce Web server. You are intent on making the server

secure against all external attacks possible. Which of the following would be the best way to test your

server for its weaknesses? Choose the best answer.

Options:

Ping to the server

Simulate a DDoS attack on that server

Simulate a DoS attack on the server

Check if all the patches and required antivirus software has been loaded o the server

Question 3

Each host connecting to internet will face the potential attacks from internet as follows : ( the numbers of correct answers : 3)

Options:

Brute Force password hacking

Trojan planting

Content Compliance Requirement

Vulnerability scanning

Lack of storage resource

Question 4

Which of following elements are included in a TCP/IP based route table？ (the number of

correct answers: 3)

Options:

Network Destination

Netmask

Mac Address

Gateway IP

Port

Question 5

Which of the following application vulnerabilities are not as popular as others?

Options:

SQL Injection

XSS exploit

File uploading vulnerability

Kernel privilege breaking

Question 6

Please list the correct order of the following 4 steps to enable a WAF service : (1) upload

HTTPS CA and private key(HTTPS website only) (2) add the domain name that needs to be

protected (3) select the original IP address (4) add CNAME DNS record

Score 2

Options:

2314

2341

2431

2413

Question 7

Which of the following statements is NOT true about daily operation on server account

andpassword maintenance?

Options:

change'Administrator' to some other name

with'Server Guard protection In Allbaba Cloud,you can set password to some easy to

remember words.

except for some necessary accounts for system manogement,.dlsoble or delete other

seldomly used accounts

always set a complexed passwcwd using combination of numbers,letters and other

characters

Question 8

If Server Guard (product provided by Alibaba Cloud) report some brute force password hacking

attacks, the reporting information will include？ (the number of correct answers: 3)

Options:

Attack initiated time

Attack type

Tools attacker used

Attack source IP

Physical location of attacker

Question 9

Which of the following protocols is not an application level protocol in ISO/OSI 7 layer

networking model?

Options:

FTP

TCP

HTTP

SNMP

Question 10

Identify the attack where the purpose is to stop a workstation or service from functioning?

Options:

This attack is known as non-repudiation

This attack is known as TCP/IP hijacking

This attack is known as denial of service (DoS)

This attack is known as brute force

Question 11

By default, servers in VPC can't communicate with internet. By implementing which of the

following products these servers can gain the capability to communicate with internet? (the

number of correct answers: 3)

Options:

Elastic Public IP

CDN

EIP + SLB

EIP + NAT Gateway

DNS service

Question 12

What will the correct stops the traffic will flow through if the user used all following cloud service: WAF, Anti-DDOS pro, CDN.

Options:

CDN- >Anti-DDOS Pro->WAF->Original Website

Anti-DDOS Pro->CDN->WAF->Original website

CDN- >WAF->Anti-DDOS Pro->Original website

Anti-DDOS Pro->WAF->CDN->Original website

Question 13

In Linux OS, if you want to set a file access privilege to read, write, and execute for the

owner only, what octal number will reflect such settings correctly?

Score 2

Options:

755

700

777

766

Question 14

Which of following attacks could serve as a CC attack? (the number of correct answers: 3)

Score 1

Options:

SYN flood

ICMP flood

One host simulate many IP addresses

Attack through agent

Zombie network

Question 15

Customer who bought ECS server doesn't need to worry about :

Options:

Cloud infrastructure security

OS vulnerability inside ECS

Web service security inside ECS

ECS security group setting

Question 16

CC attacks can cause serious damages. Which of the following statements about CC attack is

not correct?

Score 2

Options:

CC attack will simulate real user requests

Will consume massive sever side resource

CC attack is done on network layer

The request generated by CC attack is hard to be distinguished from normal requests

Question 17

Which of the following function is NOT provided by 'Server Guard' vulnerability detection?

Options:

Trojan detection

weak password detection

sensitive data encryption

Linux system vulnerability scanning

Question 18

The Alibaba Cloud WAF protection strategy provides the following: (the number of correct

answers: 3)

Score 1

Options:

Loose

Strict

Normal

Regular

Early Warning

Question 19

In Windows OS what command can be used to open registry table and edit it?

Options:

Gpedit

Regedit

Gedit

Zedit

Question 20

In May 2017 a new blackmail virus WannaCry burst globally, using Windows OS open port 445 to initiate its attacks. What is the quickest way to prevent this kind of attacks?

Options:

disable port 445

set a highly complexed administrator password

encrypt all data on server side

put sensitive data in some hidden directory

Question 21

In Linux OS, if access control to a file is shown as '-rwxrw-r--' in shell command, which of the

following statements are true?

Score 2

Options:

This file is a text file

The access privilege of this user group is read only

The owner of this file has read/write/execution privilege to this file

Other users (outside of this user group) can execute this file

Question 22

Which of the following protocol can be considered as 'application' layer protocol in ISO/OSI 7 layer model?

Options:

TCP

UDP

SMTP

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Alibaba Cloud ACA-Sec1 Dumps

ACA Cloud Security Associate Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer: