Winter Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia
  1. Home
  2. Alibaba Cloud
  3. Alibaba Security
  4. ACP-Sec1
  5. ACP Cloud Security Professional Questions and Answers

ACP-Sec1 Sample Questions Answers

Questions 4

Various profit-oriented hacker groups exist on the Internet. They control a large number of server resources and can launch network attacks against a target server at any time Among those, one type of attack is common and destructive, which completely consumes resources of the target server so that normal customers cannot connect to the server Which of the following belongs to this type of attack?

Options:

A.

XSS attack

B.

Webshell attack

C.

DDoS attack

D.

SQL injection

Buy Now
Questions 5

If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?

Options:

A.

Associate the Security Center client with your Alibaba Cloud official website account.

B.

Security Center does not support non-Alibaba Cloud servers

C.

You need to manually install the agent on the external server, and use a verification key to associate it with your account

D.

You cannot check the reports on the Alibaba Cloud console.

Buy Now
Questions 6

Which of the following methods can be used to download the metric data of Alibaba Cloud CloudMonitor?

Options:

A.

Download the data through Open APIs

B.

You can download the data through both the console and Open APIs

C.

You can only view the reports, but cannot download them.

D.

Download the data from the console

Buy Now
Questions 7

Alibaba Cloud's Content Moderation service cannot detect advertising or spam content.

Options:

A.

True

B.

False

Buy Now
Questions 8

Which of the following configurations is NOT a feature provided by Alibaba Cloud Web Application Firewall product?

Options:

A.

Blocked Regions

B.

HTTP ACL Policy

C.

Data Leakage Prevention

D.

Crawler Detection

Buy Now
Questions 9

Anti-DDoS is one of the major products of Alibaba Cloud Security service Many websites have suffered DDoS attacks of different types. Therefore, accurate understanding of DDoS attacks is critical to the website security protection. Which of the following statements about DDoS attacks is the MOST accurate?

Options:

A.

The main purpose of a DDoS attack is to prevent the target server from providing normal services

B.

A DDoS attack cracks the servers logon password by means of numerous attempts

C.

The purpose of a DDoS attack is to steal confidential information

D.

DDoS attacks primarily target a database

Buy Now
Questions 10

Alibaba Cloud's CloudMonitor can not only monitor ECS instances in a secure and efficient way, but also monitor HTTP sites of clients' servers in data centers However, in the latter case, Alibaba Cloud does not provide monitor agent so users need to develop their own scripts to collect data

Options:

A.

True

B.

False

Buy Now
Questions 11

Alibaba Cloud WAF is a security protection product based on Alibaba Group's web security defense experience accumulated over more than a decade By defending against common OWASP attacks, providing patches to fix vulnerabilities, and allowing users to customize protection policies for website services, WAF can successfully safeguard the security and availability of websites and web applications. Which of the following types of security configurations does WAF provide? (Number of correct answers 3)

Options:

A.

Port access control

B.

CC protection

C.

Web application attack protection

D.

Precision access control

Buy Now
Questions 12

More and more blackmail attacks (using hacking tools or ransomware) have been detected among recent network security events, causing ever greater damage and financial loss. Which of the following measures can help Alibaba Cloud customers reduce risks in blackmail attacks? (Number of correct answers 3)

Options:

A.

Enable images and snapshots for ECS instances, back up data every day, and keep more than three redundant copies

B.

Deploy different service applications on servers with the same security level and security domain, and ensure unified policy management and defense

C.

Use strong passwords with more than 15 characters for the accounts of all types of cloud services

D.

When remotely operating and maintaining an ECS instance use the superuser account for login at all times

E.

If remote O&M is required use IpsecVPN or SSL VPN remote solutions

Buy Now
Questions 13

If an ECS instance needs to be accessed by other applications from internet, a corresponding "port" must be enabled For example, HTTP applications work on port 80, while FTP applications work on port 21 If an administrator configures network security policies for this ECS instance, which of the following policies is the safest?

Options:

A.

After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens ports 0-1024 for public networks

B.

After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens only the required service ports for public networks

C.

The administrator wants to build multiple applications on an ECS instance. For easy management, the administrator uses default settings and allows any IP address to access required service ports

D.

After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens all ports for public networks

Buy Now
Questions 14

The ScheduleKeyDeletion function lets you schedule a time to delete Key Management Service (KMS) keys. How far in the future can a key deletion event be scheduled?

Options:

A.

7 days

B.

30 days

C.

15 days

D.

60 days

Buy Now
Questions 15

Which of the following services can be protected by the Alibaba Cloud Security Center's anti-brute force password cracking function? (Number of answers 3)

Options:

A.

Windows remote desktop service (RDP) Linux remote control service (SSH)

B.

Web service (HTTP)

C.

MySQL database service SQLServer database service

D.

File transfer service (FTP)

Buy Now
Questions 16

You applied for an SSL certificate through Alibaba Cloud's SSL Certificates Service During the application, you selected "Manual" at the "CSR "" step. You now want to install your certificate on a server running Apache What must you do?

Options:

A.

You must revoke your certificate and re-apply, this time choosing "Automatic" at the "CSR Generation" step. Otherwise, the SSL certificate cannot be downloaded

B.

You can download a crt file of type "Other" from the SSL Certificates Service console, then use openssl to convert this file to pfx format for use with Apache

C.

SSL Certificates Service doesn't support the type of certificates needed by Apache. They cannot be used together

D.

You can use the "generate pfx file" function built into the SSL Certificates Service to manually generate and download the pfx file needed by Apache

Buy Now
Questions 17

Alibaba Cloud CloudMonitor is a service that monitors Alibaba Cloud resources and Internet applications. Which of the following statements about CloudMonitor is accurate'?

Options:

A.

CloudMonitor cannot be used through the Alibaba Cloud console

B.

CloudMonitor must be independently bought and paid for activation

C.

CloudMonitor can monitor websites that are not deployed in Alibaba Cloud products.

D.

To use CloudMonitor for ECS monitoring, there no agent needs to be installed in ECS.

Buy Now
Questions 18

Users can detach the Security Center client on Alibaba Cloud ECS instances, and reinstall it later when necessary.

Options:

A.

True

B.

False

Buy Now
Questions 19

In a public cloud environment Alibaba Cloud is responsible for security of cloud computing infrastructure (such as the IDC environment, physical server O&M, and virtualization layer of cloud products). However, you still need to perform necessary security optimization measures for the Cloud products you purchased Which of the following actions do you think are safe?

Options:

A.

To reduce the communication cost, five administrators of the company use the root account to log on to the ECS instance.

B.

After buying an ECS instance, enable the security group firewall for the ECS instance through the console, and only allow a management IP address to remotely log on to the ECS instance.

C.

For easy management, change the administrator password for the ECS instance to 123456.

D.

To enable colleagues working at home to update data, open public IP addresses for ApsaraDB for RDS instances, and allow all IP addresses to connect to the instances

Buy Now
Questions 20

After you install the Alibaba Cloud Security center agent on a non with your Alibaba Cloud account*?

Options:

A.

The user name and password

B.

Your AccessKey

C.

Your account ID

D.

The installation verification key generated on the console

Buy Now
Questions 21

To improve system security and protect the system from DDoS attacks, you can use Alibaba Cloud Anti-DDoS Premium Service. Which of the following products can be used together with Alibaba Cloud Anti-DDoS Service to improve the system access capabilities? (Number of correct answers 3)

Options:

A.

Server Load Balancer

B.

CDN

C.

WAF

D.

RDS

Buy Now
Questions 22

Before using the HTTPS protection feature in Alibaba Cloud WAF, you must upload the server certificate and private key beforehand.

Options:

A.

True

B.

False

Buy Now
Questions 23

Cloud computing service security requires the joint effort of the cloud service supplier (such as Alibaba Cloud), independent software vendor (ISV), and users The failure of any party to fulfill their responsibilities may lead to security risks. Which of the following are the responsibilities of the cloud computing service users? (Number of correct answers 2)

Options:

A.

Ensure multi-channel power supply in the Cloud data center

B.

Provide security protection for physical infrastructure

C.

Regularly change the service system password

D.

Strengthen information security management in the company to prevent sensitive information leakage

Buy Now
Questions 24

You are importing your own key material in to Key Management Service (KMS). Which of the following is the correct sequence of steps to follow?

Options:

A.

1 Create an external key

2 Get the "import key material" parameters

3 Import the key material

B.

1 Import the key material

2 Get the "import key material" parameters

3 Create an external key

C.

1 Create an external key

2 Import the key material

3 Get the "import key material" parameters

D.

1 Get the "import key material" parameter

2 Create an external key

3. Import the key material

Buy Now
Exam Code: ACP-Sec1
Exam Name: ACP Cloud Security Professional
Last Update: Nov 21, 2024
Questions: 80
$64  $159.99
$48  $119.99
$40  $99.99
buy now ACP-Sec1