New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Alibaba Cloud ACA-Sec1 Dumps Questions Answers

Page: 1 / 6
Total 147 questions

ACA Cloud Security Associate Questions and Answers

Question 1

Which of the following steps is not a valid step for using anti-DDOS pro?

Options:

A.

configure to be protected domain name

B.

add new DNS record

C.

change source IP

D.

if original server is using its own firewall, then need to add Anti-DDOS pro IP to its white

list

E.

bind real customer identity to anti-DDOS pro IP

Buy Now
Question 2

You are planning on hosting an eCommerce Web server. You are intent on making the server

secure against all external attacks possible. Which of the following would be the best way to test your

server for its weaknesses? Choose the best answer.

Options:

A.

Ping to the server

B.

Simulate a DDoS attack on that server

C.

Simulate a DoS attack on the server

D.

Check if all the patches and required antivirus software has been loaded o the server

Question 3

Each host connecting to internet will face the potential attacks from internet as follows : ( the numbers of correct answers : 3)

Options:

A.

Brute Force password hacking

B.

Trojan planting

C.

Content Compliance Requirement

D.

Vulnerability scanning

E.

Lack of storage resource

Question 4

Which of following elements are included in a TCP/IP based route table? (the number of

correct answers: 3)

Options:

A.

Network Destination

B.

Netmask

C.

Mac Address

D.

Gateway IP

E.

Port

Question 5

Which of the following application vulnerabilities are not as popular as others?

Options:

A.

SQL Injection

B.

XSS exploit

C.

File uploading vulnerability

D.

Kernel privilege breaking

Question 6

Please list the correct order of the following 4 steps to enable a WAF service : (1) upload

HTTPS CA and private key(HTTPS website only) (2) add the domain name that needs to be

protected (3) select the original IP address (4) add CNAME DNS record

Score 2

Options:

A.

2314

B.

2341

C.

2431

D.

2413

Question 7

Which of the following statements is NOT true about daily operation on server account

andpassword maintenance?

Options:

A.

change'Administrator' to some other name

B.

with'Server Guard protection In Allbaba Cloud,you can set password to some easy to

remember words.

C.

except for some necessary accounts for system manogement,.dlsoble or delete other

seldomly used accounts

D.

always set a complexed passwcwd using combination of numbers,letters and other

characters

Question 8

If Server Guard (product provided by Alibaba Cloud) report some brute force password hacking

attacks, the reporting information will include? (the number of correct answers: 3)

Options:

A.

Attack initiated time

B.

Attack type

C.

Tools attacker used

D.

Attack source IP

E.

Physical location of attacker

Question 9

Which of the following protocols is not an application level protocol in ISO/OSI 7 layer

networking model?

Options:

A.

FTP

B.

TCP

C.

HTTP

D.

SNMP

Question 10

Identify the attack where the purpose is to stop a workstation or service from functioning?

Options:

A.

This attack is known as non-repudiation

B.

This attack is known as TCP/IP hijacking

C.

This attack is known as denial of service (DoS)

D.

This attack is known as brute force

Question 11

By default, servers in VPC can't communicate with internet. By implementing which of the

following products these servers can gain the capability to communicate with internet? (the

number of correct answers: 3)

Options:

A.

Elastic Public IP

B.

CDN

C.

EIP + SLB

D.

EIP + NAT Gateway

E.

DNS service

Question 12

What will the correct stops the traffic will flow through if the user used all following cloud service: WAF, Anti-DDOS pro, CDN.

Options:

A.

CDN- >Anti-DDOS Pro->WAF->Original Website

B.

Anti-DDOS Pro->CDN->WAF->Original website

C.

CDN- >WAF->Anti-DDOS Pro->Original website

D.

Anti-DDOS Pro->WAF->CDN->Original website

Question 13

In Linux OS, if you want to set a file access privilege to read, write, and execute for the

owner only, what octal number will reflect such settings correctly?

Score 2

Options:

A.

755

B.

700

C.

777

D.

766

Question 14

Which of following attacks could serve as a CC attack? (the number of correct answers: 3)

Score 1

Options:

A.

SYN flood

B.

ICMP flood

C.

One host simulate many IP addresses

D.

Attack through agent

E.

Zombie network

Question 15

Customer who bought ECS server doesn't need to worry about :

Options:

A.

Cloud infrastructure security

B.

OS vulnerability inside ECS

C.

Web service security inside ECS

D.

ECS security group setting

Question 16

CC attacks can cause serious damages. Which of the following statements about CC attack is

not correct?

Score 2

Options:

A.

CC attack will simulate real user requests

B.

Will consume massive sever side resource

C.

CC attack is done on network layer

D.

The request generated by CC attack is hard to be distinguished from normal requests

Question 17

Which of the following function is NOT provided by 'Server Guard' vulnerability detection?

Options:

A.

Trojan detection

B.

weak password detection

C.

sensitive data encryption

D.

Linux system vulnerability scanning

Question 18

The Alibaba Cloud WAF protection strategy provides the following: (the number of correct

answers: 3)

Score 1

Options:

A.

Loose

B.

Strict

C.

Normal

D.

Regular

E.

Early Warning

Question 19

In Windows OS what command can be used to open registry table and edit it?

Options:

A.

Gpedit

B.

Regedit

C.

Gedit

D.

Zedit

Question 20

In May 2017 a new blackmail virus WannaCry burst globally, using Windows OS open port 445 to initiate its attacks. What is the quickest way to prevent this kind of attacks?

Options:

A.

disable port 445

B.

set a highly complexed administrator password

C.

encrypt all data on server side

D.

put sensitive data in some hidden directory

Question 21

In Linux OS, if access control to a file is shown as '-rwxrw-r--' in shell command, which of the

following statements are true?

Score 2

Options:

A.

This file is a text file

B.

The access privilege of this user group is read only

C.

The owner of this file has read/write/execution privilege to this file

D.

Other users (outside of this user group) can execute this file

Question 22

Which of the following protocol can be considered as 'application' layer protocol in ISO/OSI 7 layer model?

Options:

A.

TCP

B.

UDP

C.

IP

D.

SMTP

Page: 1 / 6
Total 147 questions