Achieve The Utmost Performance In ACP-Sec1 Exam Pass Guaranteed [Q47-Q71]

Achieve The Utmost Performance In ACP-Sec1 Exam Pass Guaranteed

Achive your Success with Latest Alibaba ACP-Sec1 Exam

Alibaba ACP-Sec1 Exam Syllabus Topics:

Topic	Details
Topic 1	Discovering DDoS attacks, brute force password cracking attacks Security advantages of their combined solutions
Topic 2	web SQL injections among other common security risks and taking appropriate measures for protection
Topic 3	Cloud service-related basic security protocols such as HTTP, FTP, TCP, UDP and ICMP Understanding common security risks of the above products
Topic 4	Security application solution design, such as correct understanding and handling after receiving alerts from the console, e-mails or text messages
Topic 5	Characteristics, application scenarios and features of Alibaba Cloud security management-related products
Topic 6	Characteristic, application scenarios, competitive edges and features of Alibaba Cloud Anti-DDos and WAF
Topic 7	Core security products: basic operations and management of Anti-DDoS, Security Center, SSL Certificate, Content Moderation, Key Management Service
Topic 8	Cloud computing-related product (ECS, Server Load Balancer, OSS, RDS, VPC and CDN) content

 

NEW QUESTION 47
When you receive a security alert from Alibaba Cloud Security Center, which of the following actions should you do?

• A. There is no need to care about the alert Alibaba Cloud Security Center will handle it.
• B. Shield the alert because it is not important
• C. The alert is dangerous You must immediately report it to the police
• D. Once you receive an alert, you need to determine the specific risk and perform troubleshooting For example, change the password, or upgrade application software

Answer: D

 

NEW QUESTION 48
Alibaba Cloud Security Center is consisted of light-weight Agents and cloud engine to provide functions such as webshell scanning and removal, day vulnerability repair, security baseline inspection, and host access control, to protect the server security. Which of the following processes is NOT included in Security Center Agent?

• A. AliHids
• B. AliYunDunUpdate
• C. All Safe
• D. AliYunDun

Answer: C

 

NEW QUESTION 49
Alibaba Cloud WAF identifies attacks using human/robot detection, Big Data analysis, model analysis, and other related techniques. Which of the following CC attack defense modes does WAF provide to meet the protection requirements of users? (Number of correct answers 2)

• A. Threat
• B. Attack emergency
• C. Normal
• D. Exception

Answer: B,C

 

NEW QUESTION 50
When the agent of Alibaba Cloud Security Center running on a server, it normally uses less than 1% of the CPU and 10 MB of memory, which can void affecting the server's performance

• A. False
• B. True

Answer: B

 

NEW QUESTION 51
If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?

• A. Security Center does not support non-Alibaba Cloud servers
• B. You need to manually install the agent on the external server, and use a verification key to associate it with your account
• C. Associate the Security Center client with your Alibaba Cloud official website account.
• D. You cannot check the reports on the Alibaba Cloud console.

Answer: B

 

NEW QUESTION 52
Alibaba Cloud WAF is a security protection product based on Alibaba Group's web security defense experience accumulated over more than a decade By defending against common OWASP attacks, providing patches to fix vulnerabilities, and allowing users to customize protection policies for website services, WAF can successfully safeguard the security and availability of websites and web applications. Which of the following types of security configurations does WAF provide? (Number of correct answers 3)

• A. Port access control
• B. Precision access control
• C. CC protection
• D. Web application attack protection

Answer: A,C,D

 

NEW QUESTION 53
In a public cloud environment Alibaba Cloud is responsible for security of cloud computing infrastructure (such as the IDC environment, physical server O&M, and virtualization layer of cloud products). However, you still need to perform necessary security optimization measures for the Cloud products you purchased Which of the following actions do you think are safe?

• A. For easy management, change the administrator password for the ECS instance to 123456.
• B. To reduce the communication cost, five administrators of the company use the root account to log on to the ECS instance.
• C. To enable colleagues working at home to update data, open public IP addresses for ApsaraDB for RDS instances, and allow all IP addresses to connect to the instances
• D. After buying an ECS instance, enable the security group firewall for the ECS instance through the console, and only allow a management IP address to remotely log on to the ECS instance.

Answer: D

 

NEW QUESTION 54
After a customer uses Alibaba Cloud Anti-DDoS Premium Service, a 502 error is prompted. Which of the followings are the possible causes of the error? (Number of correct answers 3)

• A. The service was configured using the IP address method instead of the CI
• B. Network congestion or jitter occurred
• C. The IP address of the origin site is exposed and suffered an attack
• D. The Anti-DDoS Service IP range was not released As a result, the origin site is blocked.

Answer: B,C,D

 

NEW QUESTION 55
Cloud computing service security requires the joint effort of the cloud service supplier (such as Alibaba Cloud), independent software vendor (ISV), and users The failure of any party to fulfill their responsibilities may lead to security risks. Which of the following are the responsibilities of the cloud computing service users? (Number of correct answers 2)

• A. Regularly change the service system password
• B. Strengthen information security management in the company to prevent sensitive information leakage
• C. Ensure multi-channel power supply in the Cloud data center
• D. Provide security protection for physical infrastructure

Answer: A,B

 

NEW QUESTION 56
Alibaba Cloud WAF currently supports web security protection for HTTP and HTTPS. Which of the following ports are usually used for HTTP and HTTPS protocols? (Number of correct answers: 2)

• A. 0
• B. 1
• C. 2
• D. 3

Answer: A,B

 

NEW QUESTION 57
You want to buy an SSL certificate using Alibaba Cloud's SSL Certificates Service and deploy it in front of an Alibaba Cloud resource (such as Elastic Compute Service) What is the coned sequence of steps to follow?

• A. 1 Select a certificate
  2 Enter request information and submit for review
  3 Manage the certificate
  4 Deploy the certificate in front of your Alibaba Cloud resources
• B. 1 Enter request information and submit for review 2. Select a certificate
  3 Deploy the certificate in front of your Alibaba Cloud resources
  4 Manage the certificate
• C. 1 Select a certificate
  2 Enter request information and submit for review
  3. Deploy the certificate in front of your Alibaba Cloud resources
  4. Manage the certificate
• D. 1 Select a certificate
  2. Deploy the certificate in front of your Alibaba Cloud resources
  3. Enter request information and submit for review
  4. Manage the certificate

Answer: A

 

NEW QUESTION 58
Alibaba Cloud WAF cannot protect against large traffic DDoS attacks which can be solved by Alibaba Cloud Ant-DDoS Service.

• A. False
• B. True

Answer: B

 

NEW QUESTION 59
User A is the system administrator of a company, who often takes business trips to Shanghai Each time when he remotely logs on to the Shanghai an alert is reported, prompting "Someone is remotely logging on to the server Please pay attention to your server security" Which of the following methods can be used to quickly and automatically resolve this issue?

• A. Log on to the Alibaba Cloud Security Center, and add a frequent logon location to the configuration item of Security Center.
• B. Call a friend, who is a famous hacker in the industry, for help.
• C. Open a ticket immediately to consult Alibaba Cloud engineers
• D. Ask the company leaders for help

Answer: A

 

NEW QUESTION 60
Data Risk Control feature has been integrated into Alibaba Cloud WAF. When this function is activated, a script must be embedded into the page that wishes to be protected under the corresponding domain name to check whether a client is trustworthy. Which type of script is it?

• A. JavaScript
• B. C++
• C. Vbscript
• D. Java

Answer: A

 

NEW QUESTION 61
Your applications are deployed on Alibaba Cloud ECS instances. You want to collect indicators by yourself for application layer monitoring. Which of the following functions provided by Alibaba Cloud CloudMonitor can be used for indicator collection, aggregation, and alerting?

• A. Custom monitoring
• B. Cloud service monitoring
• C. Site monitoring
• D. CloudMonitor cannot meet these requirements

Answer: A

 

NEW QUESTION 62
A customer built his website on Alibaba Cloud- To defend against Web attacks he activated Alibaba Cloud WAF However, a week later, the customer finds that his website has suffered intrusion. Which of the following actions should he take to ensure that WAF functions correctly and enhance system security?
(Number of correct answers: 4)

• A. Use Security Center to remove Trojans and fix vulnerabilities
• B. Check whether or not the DNS resolution results point to the WAF address
• C. Configure a security group for the ECS instance.
• D. Resolve the website domain name to the site s source IP address
• E. Delete all snapshots and clear the server
• F. Secure other HTTP services on the ECS instance using WAF

Answer: A,B,C,F

 

NEW QUESTION 63
To improve ECS instance security, the administrator does not want users on public network to check whether an ECS instance is online using the ping command. Which of the following reinforcement measures designed by the administrator is NOT feasible?

• A. Enable an operating system firewall for the ECS instance, and reject ICMP for public network access.
• B. Enable a security group, and reject ICMP for public network access.
• C. Resolve the IP address of the ECS instance to an uncommon level 4 domain name, and point the promotional domain name to the level 4 domain name through CNAME
• D. Enable a security group and only allow access from ports 80 and 25 of the public network through TCP

Answer: C

 

NEW QUESTION 64
Alibaba Cloud Security Center can record source IP addresses that remotely access a server, and shield suspicious IP addresses that frequently connect to the server. During routine O&M. which of the following functions can be used to set the IP address that are commonly used by the system administrator'?

• A. Valid Login IP list
• B. Frequent logon location management
• C. Security group
• D. Webshell detection

Answer: B

 

NEW QUESTION 65
Alibaba Cloud ECS instances are common targets of hacker attacks. There are many types of attacks against ECS instances. Which of the following attacks specifically target the operating system of an ECS instance?
(Number of correct answers: 3)

• A. Brute force SSH password cracking
• B. SQL injection
• C. Brute force RDP password cracking
• D. Trojan or Webshell installation

Answer: A,C,D

 

NEW QUESTION 66
You have helped a customer set up a content filtering solution based on Content Moderation service However, the customer is complaining that certain images are getting incorrectly flagged as pornographic content. What can you do to help fix this?

• A. Open a ticket with Alibaba Cloud support, and send them a copy of the images, so that they can tune Content Moderation's detection algorithms
• B. Modify the images until Content Moderation service starts marking them as pornographic.
• C. Create an "Image Library" from the Content Moderation console and add the images to the Image Library's whitelist
• D. Ask your customer to use different images on their site

Answer: C

 

NEW QUESTION 67
Alibaba Cloud Ant.-DDoS Premium Service is an advanced DDoS protection product It can defend against layer 4 and layer 7 attacks. Which of the following statements about Alibaba Cloud Anti-DDoS Premium Service is FALSE?

• A. Anti-DDoS Premium Service provides precise traffic reports and attack details in real time to keep you informed of the current service details on time
• B. You can adjust the anti-DDoS elastic protection threshold to a higher level at any time, with the service interruption period no longer than 3 minutes
• C. Anti-DDoS Premium Service defends against various DDoS attacks, including but not limited to ICMP flood, UDP flood, TCP flood. SYN flood, and ACK flood attacks
• D. Anti-DDoS Premium Service supports 2 billing modes: Unlimited and Insurance.

Answer: D

 

NEW QUESTION 68
In which of the following scenarios is Alibaba Cloud Security Center applicable? (Number of correct answers
3)

• A. Penetration testing
• B. Setting up web server to provide web service to public
• C. Batch server security O&M
• D. Network security protection for ad campaigns or other activities
• E. Creating an ECS with generic software

Answer: A,C,D

 

NEW QUESTION 69
An Alibaba Cloud user buys an ECS instance and deploys Tomcat on it Which of the following is the easiest way for the user to monitor whether port 8080 (used by Tomcat) on this ECS instance is functioning normally or not?

• A. Buy a third-party monitoring tool
• B. Use Alibaba Cloud CloudMonitor s site monitor feature to create a new Monitoring Task to monitor the port status.
• C. Write a script for detection and report the data to CloudMonitor.
• D. Log on to the ECS instance every hour to check the port using the command line.

Answer: B

 

NEW QUESTION 70
Which of the following services can be protected by the Alibaba Cloud Security Center's anti-brute force password cracking function? (Number of answers 3)

• A. Windows remote desktop service (RDP) Linux remote control service (SSH)
• B. Web service (HTTP)
• C. MySQL database service SQLServer database service
• D. File transfer service (FTP)

Answer: B,C,D

 

NEW QUESTION 71
......

Revolutionary Guide To Exam Alibaba Dumps: https://www.actualtorrent.com/ACP-Sec1-questions-answers.html