
Pass Your Alibaba Exam with ACA-Sec1 Exam Dumps (Updated 145 Questions)
ACA-Sec1 Exam Dumps - Alibaba Practice Test Questions
NEW QUESTION 72
Which of the following steps is not a valid step for using Anti-DDoS Pro?
- A. Configure the domain name to be protected
- B. Add a new DNS record
- C. Change the source IP
- D. If the original server is using its own firewall, add the Anti-DDoS Pro IP to its whitelist
- E. Bind the real customer identity to the Anti-DDoS Pro IP
Answer: E
NEW QUESTION 73
For internet communication, to set up the connection and data transmission between source and destination, which of the following information will you need? (the number of correct answers: 3) Score 1
- A. IP address
- B. Protocol
- C. Encryption algorithm
- D. Router Location
- E. Port
Answer: A,B
NEW QUESTION 74
Which of the following shell commands can be used to check disk usage on a Linux ECS instance?
- A. echo
- B. free -m
- C. ps -e -o
- D. df -h
Answer: D
NEW QUESTION 75
Which of the following options is the top 1 web application security risk based on OWASP 2017 report?
- A. SQL Injection
- B. Server Information Theft
- C. Code Execution
- D. XSS Attack
Answer: A
NEW QUESTION 76
Which of the following protocols can be considered an 'application' layer protocol in the ISO/OSI 7-layer model?
- A. IP
- B. TCP
- C. UDP
- D. SMTP
Answer: D
NEW QUESTION 77
Which of the following services may come under DDoS attack? (the number of correct answers: 3) Score 1
- A. any device internet reachable
- B. public DNS service
- C. government website
- D. servers in VPC only configured with private network
- E. offline servers
Answer: A,B,C
NEW QUESTION 78
Using RAM, Alibaba Cloud users can create and manage user accounts and control the operation permissions these user accounts possess for resources under your account. Which of the following descriptions of a RAM usage scenario is NOT correct?
- A. Resource operation and authorization management between enterprises
- B. Temporary authorization management for untrusted client apps
- C. Enterprise sub-account management and permission assignment
- D. Prevention of network attacks on enterprises
Answer: D
NEW QUESTION 79
Which of the following security issues is considered by the OWASP to be the most dangerous issue facing cloud computing?
- A. Denial of service
- B. Injection
- C. Multi-tenant isolation failure
- D. Account or service flow hijacking
Answer: B
NEW QUESTION 80
In the ISO/OSI 7-layer networking model, which of the following functions are provided by the 'network layer'? (the number of correct answers: 2)
- A. End-to-end reliable and transparent data transmission
- B. Routing
- C. congestion handling
- D. physical connection
Answer: B,C
NEW QUESTION 81
Inside cloud, hypervisor vulnerability could cause the following possible consequences: (the number of correct answers: 3)
- A. User services become unavailable
- B. Incorrect calculation of client resource usage
- C. Hacker can access host server directly
- D. One client host can access another client's data
Answer: A,C,D
NEW QUESTION 82
Which design flaw of the TCP/IP protocol does a SYN flood attack exploit?
- A. HTTP plain text transmission
- B. DNS three-way handshake
- C. TCP three-way handshake
- D. UDP stateless connection
Answer: C
NEW QUESTION 83
Which of the following are not reasons for a DDoS attack?
- A. Destruction of confidentiality
- B. Destruction of business credit
- C. Destruction of availability
- D. Destruction of integrity
Answer: A,B,D
NEW QUESTION 84
Which command in the Red Hat Linux shell can be used to check whether a specific string is included in a set of text files?
- A. watch
- B. grep
- C. Ca
- D. find
Answer: B
NEW QUESTION 85
Please list the correct order of the following 4 steps to enable a WAF service: (1) upload the HTTPS CA and private key (HTTPS websites only) (2) add the domain name that needs to be protected (3) select the original IP address (4) add a CNAME DNS record. Score 2
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A
NEW QUESTION 86
Which of the following protocols will not be used for a SYN Flood attack?
- A. UDP
- B. TCP
- C. IPX/SPX
- D. AppleTalk
Answer: A,C,D
NEW QUESTION 87
Which commands can be used to reload the operating system? (Correct Answers: 2)
- A. reload
- B. init
- C. restart
- D. shutdown
Answer: C
NEW QUESTION 88
Which of the following methods can't be used to prevent SQL injection attacks?
- A. Use secure function calls
- B. Strict input check
- C. Warning message for abnormal input
- D. SQL precompiling and variable binding
Answer: C
NEW QUESTION 89
Which of the following will happen when a DoS or DDoS attack is encountered?
- A. Data received successfully
- B. Slow access to web resources
- C. Delay of data reception
- D. Unauthorized access control
Answer: B,C
NEW QUESTION 90
Which of the following statements are true about the difference between HTTP and HTTPS? (the number of correct answers: 2)
- A. HTTP must use port 80 and HTTPS must use port 443 to provide service
- B. HTTPS is more secure than HTTP regarding the way they transfer data
- C. Data transferred through HTTPS is encrypted
- D. You must buy a commercial CA before you set up your own web server with HTTPS service
Answer: B,C
NEW QUESTION 91
Identify the attack where the purpose is to stop a workstation or service from functioning?
- A. This attack is known as denial of service (DoS)
- B. This attack is known as TCP/IP hijacking
- C. This attack is known as non-repudiation
- D. This attack is known as brute force
Answer: A
NEW QUESTION 92
Which state transition flow will a TCP client go through in order to proactively establish a connection and then disconnect it?
- A. SYN_SENT-->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2-->TIME_WAIT
- B. SYN_SENT-->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2-->CLOSE_WAIT
- C. SYN_RCVD-->ESTABLISHED-->CLOSE_WAIT-->TIME_WAIT-->LAST_ACK
- D. SYN_SENT-->SYN_RCVD-->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2
Answer: A
NEW QUESTION 93
Which of the following statements are true about how to log in to different ECS operating systems? (the number of correct answers: 2) Score 1
- A. Use 'remote desktop connection' for Windows
- B. Use the 'ssh' tool for Windows
- C. Use 'remote desktop connection' for Linux
- D. Use the 'ssh' tool for Linux
Answer: A,D
NEW QUESTION 94
Which of the following options can be considered physical environment security risks in IT infrastructure?
- A. Room temperature
- B. Data encryption
- C. Rain
- D. Sounder
Answer: A,C,D
NEW QUESTION 95
A CC customized protection rule lets you define customized configuration settings. Which of the following items can be self-defined? (the number of correct answers: 3)
- A. Target IP
- B. URI
- C. How long the detection should last
- D. How frequently the page is visited by one single source IP
- E. Source IP
Answer: B,C,D
