ACA-Sec1 ACA Cloud Security Associate Question and Answers

Question # 4

You are planning on hosting an eCommerce Web server. You are intent on making the server secure against all external attacks possible. Which of the following would be the best way to test your server for its weaknesses? Choose the best answer.

A. Ping to the server

B. Simulate a DDoS attack on that server

C. Simulate a DoS attack on the server

D. Check if all the patches and required antivirus software have been loaded on the server

Question # 5

Which of the following statements are true about how to log in to different ECS operating systems? (the number of correct answers: 2)

Score 1

A. use 'remote desktop connection' for Windows

B. use 'ssh' tool for Windows

C. use 'remote desktop connection' for Linux

D. use 'ssh' tool for Linux

Question # 6

Which of the following services may come under DDoS attack? (the number of correct answers: 3)

Score 1

A. servers in a VPC configured with private network only

B. any Internet-reachable device

C. government website

D. public DNS service

E. offline servers

Question # 7

When 'Server Guard' detects remote logon behavior, what information will be shown on the 'Server Guard' console?

A. Illegal Logon!

B. Migrated Already!

C. Logon Successfully!

D. Remote Logon Detected!

Question # 8

After using WAF, if you find that there is a lot of user input data in the network traffic, you should apply:

A. Loose protection policy

B. Normal protection policy

C. Strict protection policy

D. Progression protection policy

Question # 9

Which of the following statements about the WAF data risk control feature is NOT true?

A. this feature can only be used for a single page; it can't be used to protect the whole domain name

B. WAF needs to inject a piece of JavaScript into all pages under the same protected domain name to decide whether the client side can be trusted

C. direct access to a URL protected by this feature will cause a slider verification to pop up

D. this feature is not suitable for scenarios that need to call an API directly

Question # 10

Which of the following statements about the cloud security shared responsibility model are true? (the number of correct answers: 2)

A. users of an IaaS service should be responsible for their business system, which runs on top of the cloud infrastructure

B. the cloud service provider should guarantee the security of all physical infrastructure

C. the damage caused by attacks leveraging a security vulnerability in the customer's application server should be charged to the cloud service provider

D. the cloud user should also take care of some of the hardware maintenance and operation work

Question # 11

Which of the following attacks could serve as a CC attack? (the number of correct answers: 3)

Score 1

A. SYN flood

B. ICMP flood

C. One host simulates many IP addresses

D. Attack through agent

E. Zombie network

Question # 12

The Alibaba Cloud WAF protection strategy provides the following: (the number of correct answers: 3)

Score 1

A. Loose

B. Strict

C. Normal

D. Regular

E. Early Warning

Question # 13

Which of the following options is the top 1 web application security risk based on the OWASP 2017 report?

A. XSS Attack

B. Server Information Theft

C. Code Execution

D. SQL Injection

Question # 14

By default, servers in a VPC can't communicate with the internet. By implementing which of the following products can these servers gain the capability to communicate with the internet? (the number of correct answers: 3)

A. Elastic Public IP

B. CDN

C. EIP + SLB

D. EIP + NAT Gateway

E. DNS service

Question # 15

Which of the following keys in HTTP headers are related to cache control? (the number of correct answers: 3)

A. Cache-Control

B. Date

C. Age

D. Expires

E. Host

Question # 16

Which of the following DDoS descriptions are correct?

A. In order to get admin password

B. Steal confidential information

C. Causes the target server to be unable to process legitimate requests

D. If the target server has no vulnerabilities, the remote attack may still succeed.

Question # 17

Identify the attack where the purpose is to stop a workstation or service from functioning?

A. This attack is known as non-repudiation

B. This attack is known as TCP/IP hijacking

C. This attack is known as denial of service (DoS)

D. This attack is known as brute force

Question # 18

Inside the cloud, a hypervisor vulnerability could cause the following possible consequences: (the number of correct answers: 3)

A. One client host can access another client's data

B. User service becomes unavailable

C. Hacker can access host server directly

D. Incorrect client resource usage calculation

Question # 19

Which commands can be used to reload the operating system? (Correct Answers: 2)

A. reload

B. shutdown

C. init

D. restart

Question # 20

CC attacks can cause serious damage. Which of the following statements about CC attacks is not correct?

Score 2

A. CC attack will simulate real user requests

B. Will consume massive server-side resources

C. CC attack is done on network layer

D. The requests generated by a CC attack are hard to distinguish from normal requests

Question # 21

Which of the following options could NOT be the reason that causes website tampering?

A. Share password between different users

B. Botnet attack

C. system vulnerability is not fixed in time

D. Wrong security configuration

Question # 22

Alibaba Cloud will provide a hot fix to address existing vulnerabilities. Which of the following statements is true about this 'hot fix'?

A. hot fix doesn't need to reboot physical host

B. service will not be available during the hot fix

C. hot fix means the host needs to reach some temperature upper limit to be able to proceed

D. hot fix is transparent to end user
