[Dec-2021] Alibaba ACP-Sec1 Test Engine PDF - All Free Dumps from DumpsQuestion [Q49-Q72]

Share

[Dec-2021] Alibaba ACP-Sec1 Test Engine PDF - All Free Dumps from DumpsQuestion

Get New ACP-Sec1 Certification – Valid Exam Dumps Questions


Alibaba ACP-Sec1 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Core security products: basic operations and management of Anti-DDoS, Security Center, SSL Certificate, Content Moderation, Key Management Service
Topic 2
  • Characteristics, application scenarios and features of Alibaba Cloud security management-related products
Topic 3
  • Cloud service-related basic security protocols such as HTTP, FTP, TCP, UDP and ICMP
  • Understanding common security risks of the above products
Topic 4
  • Discovering DDoS attacks, brute force password cracking attacks
  • Security advantages of their combined solutions
Topic 5
  • Security application solution design, such as correct understanding and handling after receiving alerts from the console, e-mails or text messages
Topic 6
  • Understanding the positioning, main features, working principles and application scenarios of the above products
Topic 7
  • Characteristic, application scenarios, competitive edges and features of Alibaba Cloud Anti-DDos and WAF
Topic 8
  • Cloud computing-related product (ECS, Server Load Balancer, OSS, RDS, VPC and CDN) content
Topic 9
  • web SQL injections among other common security risks and taking appropriate measures for protection

 

NEW QUESTION 49
Data Risk Control feature has been integrated into Alibaba Cloud WAF. When this function is activated, a script must be embedded into the page that wishes to be protected under the corresponding domain name to check whether a client is trustworthy. Which type of script is it?

  • A. Vbscript
  • B. Java
  • C. C++
  • D. JavaScript

Answer: D

 

NEW QUESTION 50
When users log on to ECS instances through SSH or remote desktop from public Internet, Alibaba Cloud Security Center will monitor the log on behaviors If an IP address uses incorrect password to log on to an ECS instance for too many times, an alert "ECS instance suffers brute force password cracking" will be prompted If you receive this alert, which of the following is the safest way to handle this alert?

  • A. Inform all users on the service platform of changing their passwords, and eliminate simple passwords using technical measures
  • B. This alert does not matter and can be ignored.
  • C. Log on immediately to the ECS instance and check the logon logs If no abnormal logon success record is found ignore this alert.
  • D. Update the system user password immediately for the ECS instance, and enable the security group firewall to allow only specified IP addresses to connect to the ECS instance

Answer: D

 

NEW QUESTION 51
Various profit-oriented hacker groups exist on the Internet. They control a large number of server resources and can launch network attacks against a target server at any time Among those, one type of attack is common and destructive, which completely consumes resources of the target server so that normal customers cannot connect to the server Which of the following belongs to this type of attack?

  • A. XSS attack
  • B. Webshell attack
  • C. SQL injection
  • D. DDoS attack

Answer: D

 

NEW QUESTION 52
More than one CNAME record is generated for the same domain name when Alibaba Cloud Anti-DDoS Premium Service Instance is purchased for load balancing purpose.

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 53
When the agent of Alibaba Cloud Security Center running on a server, it normally uses less than 1% of the CPU and 10 MB of memory, which can void affecting the server's performance

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 54
Alibaba Cloud CloudMonitor is a service that monitors Alibaba Cloud resources and Internet applications Which of the following functions are currently provided by CloudMonitor? (Number of correct answers: 4)

  • A. Custom firewall
  • B. Site monitoring
  • C. Custom monitoring
  • D. Cloud service monitoring
  • E. Alerting

Answer: B,C,D,E

 

NEW QUESTION 55
Alibaba Cloud ECS instances are common targets of hacker attacks. There are many types of attacks against ECS instances. Which of the following attacks specifically target the operating system of an ECS instance?
(Number of correct answers: 3)

  • A. Brute force RDP password cracking
  • B. Brute force SSH password cracking
  • C. Trojan or Webshell installation
  • D. SQL injection

Answer: A,B,C

 

NEW QUESTION 56
Alibaba Cloud Data Risk Control utilizes Alibaba Group's Big Data computing capabilities and industry-leading, risk decision making engine to address fraud threats in key service processes (such as account log on, online activity, payment) and avoid financial loss Which of the following is NOT an application scenario of Data Risk Control?

  • A. Application installation
  • B. Transaction rating
  • C. Account registration
  • D. Goods payment

Answer: A

 

NEW QUESTION 57
Anti-DDoS is one of the major products of Alibaba Cloud Security service Many websites have suffered DDoS attacks of different types. Therefore, accurate understanding of DDoS attacks is critical to the website security protection. Which of the following statements about DDoS attacks is the MOST accurate?

  • A. DDoS attacks primarily target a database
  • B. The main purpose of a DDoS attack is to prevent the target server from providing normal services
  • C. The purpose of a DDoS attack is to steal confidential information
  • D. A DDoS attack cracks the servers logon password by means of numerous attempts

Answer: B

 

NEW QUESTION 58
Alibaba Cloud CloudMonitor is a service that monitors Alibaba Cloud resources and Internet applications.
Which of the following statements about CloudMonitor is accurate'?

  • A. To use CloudMonitor for ECS monitoring, there no agent needs to be installed in ECS.
  • B. CloudMonitor can monitor websites that are not deployed in Alibaba Cloud products.
  • C. CloudMonitor cannot be used through the Alibaba Cloud console
  • D. CloudMonitor must be independently bought and paid for activation

Answer: B

 

NEW QUESTION 59
baba Cloud security service provides in-depth defense Which of the following services is dedicated for host security?

  • A. Security Center
  • B. WAF
  • C. Anti-DDoS pro Service
  • D. Data Risk Control

Answer: C

 

NEW QUESTION 60
You want to buy an SSL certificate using Alibaba Cloud's SSL Certificates Service and deploy it in front of an Alibaba Cloud resource (such as Elastic Compute Service) What is the coned sequence of steps to follow?

  • A. 1 Select a certificate
    2 Enter request information and submit for review
    3 Manage the certificate
    4 Deploy the certificate in front of your Alibaba Cloud resources
  • B. 1 Enter request information and submit for review 2. Select a certificate
    3 Deploy the certificate in front of your Alibaba Cloud resources
    4 Manage the certificate
  • C. 1 Select a certificate
    2. Deploy the certificate in front of your Alibaba Cloud resources
    3. Enter request information and submit for review
    4. Manage the certificate
  • D. 1 Select a certificate
    2 Enter request information and submit for review
    3. Deploy the certificate in front of your Alibaba Cloud resources
    4. Manage the certificate

Answer: A

 

NEW QUESTION 61
When importing key material into Key Management Service (KMS), you will be given an import token and public encryption key valid for 24 hours. The public key KMS provides must be used to encrypt your key material before upload KMS allows you to choose different public key encryption algorithms Which ones are supported? (Number of correct answers; 3)

  • A. RSAES_OAEP_SHA_256
  • B. RSAES_OAEP_SHA_1
  • C. RSAES_ECDHE_V1 _5
  • D. RSAES PKCS1 V1 5

Answer: B,C,D

 

NEW QUESTION 62
For which of the following protection scenarios is Alibaba Cloud WAF applicable? (Number of correct answers: 5)

  • A. Data leakage prevention
  • B. Protection against SMS refresh and service data crawling
  • C. Brute force cracking protection
  • D. Defense against website trojans and tampering
  • E. Protection against malicious CC attacks
  • F. Virtual vulnerability patches

Answer: A,C,D,E,F

 

NEW QUESTION 63
Alibaba Cloud Security Center can record source IP addresses that remotely access a server, and shield suspicious IP addresses that frequently connect to the server. During routine O&M. which of the following functions can be used to set the IP address that are commonly used by the system administrator'?

  • A. Security group
  • B. Valid Login IP list
  • C. Webshell detection
  • D. Frequent logon location management

Answer: D

 

NEW QUESTION 64
When using Alibaba Cloud Anti-DDoS Service/WAF in China Mainland, you must finish ICP Filing beforehand.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 65
There is a limit on the number of Customer Master Keys (CMKs) that users can create using Key Management Service (KMS), but users can raise this limit by submitting a support ticket to Alibaba Cloud.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 66
If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?

  • A. Associate the Security Center client with your Alibaba Cloud official website account.
  • B. You cannot check the reports on the Alibaba Cloud console.
  • C. You need to manually install the agent on the external server, and use a verification key to associate it with your account
  • D. Security Center does not support non-Alibaba Cloud servers

Answer: C

 

NEW QUESTION 67
Border Gateway Protocol (BGP) is mainly used for interconnection between autonomous systems (AS) on the Internet It. Controlling route transmission and selecting the best route Alibaba Cloud uses a BGP multi-line access mechanism for all its IDCs in China. Which of the followings are advantages of a BGP multi-line IDC?
(Number of correct answers 2)

  • A. High-speed interconnection
  • B. Larger bandwidth
  • C. Low bandwidth cost
  • D. Elimination of access barriers between North China and South China because China is big and North China and South China has different telecom operators

Answer: A,D

 

NEW QUESTION 68
The protection rules of Alibaba Cloud WAF are updated in real time after a user makes changes in WAF configuration page.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 69
Content Moderation Service is an API-based service Like many API services, it employs throttling to make sure that the service cannot be overwhelmed by a large number of simultaneous requests. What is the maximum number of requests per minute you can make against the Content Moderation API?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

 

NEW QUESTION 70
A customer built his website on Alibaba Cloud- To defend against Web attacks he activated Alibaba Cloud WAF However, a week later, the customer finds that his website has suffered intrusion. Which of the following actions should he take to ensure that WAF functions correctly and enhance system security?
(Number of correct answers: 4)

  • A. Check whether or not the DNS resolution results point to the WAF address
  • B. Configure a security group for the ECS instance.
  • C. Secure other HTTP services on the ECS instance using WAF
  • D. Resolve the website domain name to the site s source IP address
  • E. Use Security Center to remove Trojans and fix vulnerabilities
  • F. Delete all snapshots and clear the server

Answer: A,B,C,E

 

NEW QUESTION 71
Which of the following services can be protected by the Alibaba Cloud Security Center's anti-brute force password cracking function? (Number of answers 3)

  • A. Web service (HTTP)
  • B. MySQL database service SQLServer database service
  • C. File transfer service (FTP)
  • D. Windows remote desktop service (RDP) Linux remote control service (SSH)

Answer: A,B,C

 

NEW QUESTION 72
......

100% Passing Guarantee - Brilliant ACP-Sec1 Exam Questions PDF: https://www.dumpsquestion.com/ACP-Sec1-exam-dumps-collection.html