ACA-Sec1 Sample Questions Answers

lower the risk of sensitive data leak

improve the usage of system resource

lower the cost of security protection

get instant alerts after attacks are detected

HTTP

ICMP

NTP

UDP

In order to get admin password

Steal confidential information

Causes the target server unable to process legitimate requests

If the target server has no vulnerabilities, the remote attack may still succeed.

it can only protect servers outside of Alibaba Cloud

it is free to charge

need to turn on manually

There is no service limitation for peak traffic

OS vulnerability

Hardware fault

Application Vulnerability

Hypervisor Vulnerability

Data Center Serviceability

SYN flood

ICMP flood

One host simulate many IP addresses

Attack through agent

Zombie network

HTTPD

IIS

Web Daemon

Apache

SQL injection

System Command Execution vulnerability

CSRF(cross site request fraud)vulnerability

File uploading vulnerability

HTTP must use port 80 and HTTPS must use port 443 to provide service

HTTPS is more secure than HTTP regarding the way they transfer data

Data transferred through HTTPs is under encryption

You must buy commercial CA before you setup your own web server with HTTPS service

Security group

Server Guard

Resource Access Management (RAM)

Situational awareness

2314

2341

2431

2413

Injection

Account or service flow hijacking

Denial of service

Multi-tenant isolation failure

Normal Mode

Protection Mode

Warning Mode

Restriction Mode

Painter.exe

Cmd.exe

Batch.exe

Term.exe

Watch

Find

Grep

Ca

brute Force password hacking detection and defense

suspicious remote login detection and warning

security vulnerability scanning and patching

anti-ddos

anti SQL injection

Brute Force password hacking

Trojan planting

Content Compliance Requirement

Vulnerability scanning

Lack of storage resource

Adding more search request together with the original one

adding an absolute true condition to bypass original request

use incorrect SQL function

use selfmade variable

adding ";" or "--" to change the original request purpose with new request attached

use WAF

change HTTP service to HTTPS service

resolve domain name to a disguised IP

change the service providing port

IP address

Port

Encryption algorism

Protocol

Router Location

they can do same thing

you can customize your private IP in a classic network

you can customize your private IP in VPC

servers inside VPC can only communicate to other VPC network

better CPU usage

fine grained access control to you server

enlarge your network bandwidth

apply QOS to a specific IP

IPV6 has bigger route table size

IPV6 address length upper limit is 128 bits

IPV6 has more simplified header

No network switch device is needed when using IPV6 protocol to transfer data

213

312

132

231

adjust firewall rule

adjust local security policy

update OS patch

stop the service itself

stop all guest role access

SQL Injection

XSS exploit

File uploading vulnerability

Kernel privilege breaking

Control Panel->Management Tool->Stop the running service

Control Panel->windows update->Stop

Create new firewall rule to stop service

Delete administrator role and related accounts

Source IP

URI

How long the detection should last

How frequently the page is visited by one single source IP

Target IP

OS system log

Application log

Hypervisor log

Cloud platform log

change'Administrator' to some other name

with'Server Guard protection In Allbaba Cloud,you can set password to some easy to

remember words.

except for some necessary accounts for system manogement,.dlsoble or delete other

seldomly used accounts

always set a complexed passwcwd using combination of numbers,letters and other

characters

A record

CNAME Record

TXT Record

MX Record

CC attack will simulate real user requests

Will consume massive sever side resource

CC attack is done on network layer

The request generated by CC attack is hard to be distinguished from normal requests

This file is a text file

The access privilege of this user group is read only

The owner of this file has read/write/execution privilege to this file

Other users (outside of this user group) can execute this file

Enterprise sub-account management and permission assignment

Resource operation and authorization management between enterprises

Temporary authorization management for untrusted client apps

Prevention of network attacks on enterprises

UDP stateless connectio

DNS 3 times hands shake

TCP 3 times hands shake

HTTP plain text transmission

Data received successfully

Delay of data reception

Slow access web resources

unauthorized access control

Update cache

turn on protection switch manually

add one protection rule

restart the whole WAF service

servers in VPC only configured with private network

any device internet reachable

government website

public DNS service

offline servers

Website is used for some illegal attempts

Public image or reputation of your company is damaged

Business is impacted

Physical server is damaged

FTP

TCP

HTTP

SNMP

technical skills show off of hacker

business competition

blackmail

help to find system vulnerability