[Dec 02, 2021] Passing Key To Getting ACP-Sec1 Certified Exam Engine PDF
ACP-Sec1 Exam Dumps Pass with Updated Dec-2021 Tests Dumps
Alibaba ACP-Sec1 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
NEW QUESTION 28
baba Cloud security service provides in-depth defense Which of the following services is dedicated for host security?
- A. Security Center
- B. WAF
- C. Anti-DDoS pro Service
- D. Data Risk Control
Answer: C
NEW QUESTION 29
To improve system security and protect the system from DDoS attacks, you can use Alibaba Cloud Anti-DDoS Premium Service. Which of the following products can be used together with Alibaba Cloud Anti-DDoS Service to improve the system access capabilities? (Number of correct answers 3)
- A. Server Load Balancer
- B. CDN
- C. RDS
- D. WAF
Answer: A,B,D
NEW QUESTION 30
Alibaba Cloud Security Center is consisted of light-weight Agents and cloud engine to provide functions such as webshell scanning and removal, day vulnerability repair, security baseline inspection, and host access control, to protect the server security. Which of the following processes is NOT included in Security Center Agent?
- A. All Safe
- B. AliYunDun
- C. AliHids
- D. AliYunDunUpdate
Answer: A
NEW QUESTION 31
You have bought an ECS instance on Alibaba Cloud After deploying a Python environment on it, which of the following is the easiest and quickest way to monitor whether the Python process is running normally and report an alert if the process is accidentally terminated?
- A. Utilize process monitoring feature (can be found in ECS instance
- B. Log on to the ECS instance console
- C. Use site monitoring
- D. Write a script for monitoring by yourself.
Answer: A
NEW QUESTION 32
When using Alibaba Cloud Anti-DDoS Service/WAF in China Mainland, you must finish ICP Filing beforehand.
- A. True
- B. False
Answer: A
NEW QUESTION 33
Alibaba Cloud Data Risk Control utilizes Alibaba Group's Big Data computing capabilities and industry-leading, risk decision making engine to address fraud threats in key service processes (such as account log on, online activity, payment) and avoid financial loss Which of the following is NOT an application scenario of Data Risk Control?
- A. Application installation
- B. Transaction rating
- C. Account registration
- D. Goods payment
Answer: A
NEW QUESTION 34
Alibaba Cloud WAF currently supports web security protection for HTTP and HTTPS. Which of the following ports are usually used for HTTP and HTTPS protocols? (Number of correct answers: 2)
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A,C
NEW QUESTION 35
If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?
- A. Associate the Security Center client with your Alibaba Cloud official website account.
- B. You cannot check the reports on the Alibaba Cloud console.
- C. You need to manually install the agent on the external server, and use a verification key to associate it with your account
- D. Security Center does not support non-Alibaba Cloud servers
Answer: C
NEW QUESTION 36
If an ECS instance needs to be accessed by other applications from internet, a corresponding "port" must be enabled For example, HTTP applications work on port 80, while FTP applications work on port 21 If an administrator configures network security policies for this ECS instance, which of the following policies is the safest?
- A. The administrator wants to build multiple applications on an ECS instance. For easy management, the administrator uses default settings and allows any IP address to access required service ports
- B. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens all ports for public networks
- C. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens only the required service ports for public networks
- D. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens ports 0-1024 for public networks
Answer: C
NEW QUESTION 37
Alibaba Cloud Security Center can record source IP addresses that remotely access a server, and shield suspicious IP addresses that frequently connect to the server. During routine O&M. which of the following functions can be used to set the IP address that are commonly used by the system administrator'?
- A. Security group
- B. Valid Login IP list
- C. Webshell detection
- D. Frequent logon location management
Answer: D
NEW QUESTION 38
When users log on to ECS instances through SSH or remote desktop from public Internet, Alibaba Cloud Security Center will monitor the log on behaviors If an IP address uses incorrect password to log on to an ECS instance for too many times, an alert "ECS instance suffers brute force password cracking" will be prompted If you receive this alert, which of the following is the safest way to handle this alert?
- A. Inform all users on the service platform of changing their passwords, and eliminate simple passwords using technical measures
- B. This alert does not matter and can be ignored.
- C. Log on immediately to the ECS instance and check the logon logs If no abnormal logon success record is found ignore this alert.
- D. Update the system user password immediately for the ECS instance, and enable the security group firewall to allow only specified IP addresses to connect to the ECS instance
Answer: D
NEW QUESTION 39
If you activate Alibaba Cloud Security Center on an ECS Linux instance and change the default SSH port (22) to another port, you will no longer receive SMS or email notification related to brute force password cracking
- A. True
- B. False
Answer: B
NEW QUESTION 40
Alibaba Cloud Security Center provides patch management service, where are the patches published from?
- A. Developed by Alibaba Cloud
- B. Officially published by application vendors
- C. Contributed by netizens from open-source communities
- D. Officially published by operating system vendors
Answer: C
NEW QUESTION 41
Alibaba Cloud Ant.-DDoS Premium Service is an advanced DDoS protection product It can defend against layer 4 and layer 7 attacks. Which of the following statements about Alibaba Cloud Anti-DDoS Premium Service is FALSE?
- A. Anti-DDoS Premium Service supports 2 billing modes: Unlimited and Insurance.
- B. You can adjust the anti-DDoS elastic protection threshold to a higher level at any time, with the service interruption period no longer than 3 minutes
- C. Anti-DDoS Premium Service provides precise traffic reports and attack details in real time to keep you informed of the current service details on time
- D. Anti-DDoS Premium Service defends against various DDoS attacks, including but not limited to ICMP flood, UDP flood, TCP flood. SYN flood, and ACK flood attacks
Answer: A
NEW QUESTION 42
To improve ECS instance security, the administrator does not want users on public network to check whether an ECS instance is online using the ping command. Which of the following reinforcement measures designed by the administrator is NOT feasible?
- A. Enable an operating system firewall for the ECS instance, and reject ICMP for public network access.
- B. Resolve the IP address of the ECS instance to an uncommon level 4 domain name, and point the promotional domain name to the level 4 domain name through CNAME
- C. Enable a security group, and reject ICMP for public network access.
- D. Enable a security group and only allow access from ports 80 and 25 of the public network through TCP
Answer: B
NEW QUESTION 43
Among various types of network attacks, "phishing" is one of the most common attacks. A phishing website looks exactly the same as the real website It asks visitors to login with their accounts and passwords; at the same time, record these privacy information for illegal purpose. Which of the following statements about how phishing websites are spread is FALSE?
- A. Phishing website links are sent through Facebook. Twitter and other IM(instant Messenger) applications.
- B. Phishing website links are published in batches through emails forums, blogs, and SNS(Social Network Sites).
- C. Banks publish phishing website links in prominent positions on their official websites
- D. Advertisements are pushed to search engines and small and medium websites, attracting users to click the phishing website links.
Answer: C
NEW QUESTION 44
Anti-DDoS is one of the major products of Alibaba Cloud Security service Many websites have suffered DDoS attacks of different types. Therefore, accurate understanding of DDoS attacks is critical to the website security protection. Which of the following statements about DDoS attacks is the MOST accurate?
- A. DDoS attacks primarily target a database
- B. The main purpose of a DDoS attack is to prevent the target server from providing normal services
- C. The purpose of a DDoS attack is to steal confidential information
- D. A DDoS attack cracks the servers logon password by means of numerous attempts
Answer: B
NEW QUESTION 45
Data Risk Control feature has been integrated into Alibaba Cloud WAF. When this function is activated, a script must be embedded into the page that wishes to be protected under the corresponding domain name to check whether a client is trustworthy. Which type of script is it?
- A. Vbscript
- B. Java
- C. C++
- D. JavaScript
Answer: D
NEW QUESTION 46
User A is the system administrator of a company, who often takes business trips to Shanghai Each time when he remotely logs on to the Shanghai an alert is reported, prompting "Someone is remotely logging on to the server Please pay attention to your server security" Which of the following methods can be used to quickly and automatically resolve this issue?
- A. Ask the company leaders for help
- B. Log on to the Alibaba Cloud Security Center, and add a frequent logon location to the configuration item of Security Center.
- C. Call a friend, who is a famous hacker in the industry, for help.
- D. Open a ticket immediately to consult Alibaba Cloud engineers
Answer: B
NEW QUESTION 47
More and more blackmail attacks (using hacking tools or ransomware) have been detected among recent network security events, causing ever greater damage and financial loss. Which of the following measures can help Alibaba Cloud customers reduce risks in blackmail attacks? (Number of correct answers 3)
- A. Deploy different service applications on servers with the same security level and security domain, and ensure unified policy management and defense
- B. When remotely operating and maintaining an ECS instance use the superuser account for login at all times
- C. If remote O&M is required use IpsecVPN or SSL VPN remote solutions
- D. Use strong passwords with more than 15 characters for the accounts of all types of cloud services
- E. Enable images and snapshots for ECS instances, back up data every day, and keep more than three redundant copies
Answer: C,D,E
NEW QUESTION 48
The ScheduleKeyDeletion function lets you schedule a time to delete Key Management Service (KMS) keys.
How far in the future can a key deletion event be scheduled?
- A. 15 days
- B. 60 days
- C. 7 days
- D. 30 days
Answer: A
NEW QUESTION 49
You have set an alert policy for the disk usage of an ECS instance by using Alibaba Cloud CloudMonitor Each measurement cycle lasts for 5 minutes, during which the average disk usage is measured If the average disk usage exceeds 80% for five consecutive measurement cycles, an alert will be reported After your average disk usage exceeds 80%, how long will it take to receive an alert with the best case scenario?
- A. 20 minutes
- B. 0 minutes
- C. 30 minutes
- D. 40 minutes
Answer: C
NEW QUESTION 50
Clean bandwidth refers to the maximum normal clean bandwidth that can be processed by Anti-DDoS Premium instances when your business is not under attack. Make sure that the Clean bandwidth of the instance is greater than the peak value of the inbound or outbound traffic of all services connected to the Anti-DDoS Premium instances If the actual traffic volume exceeds the maximum Clean bandwidth, your business may be subject to traffic restrictions or random packet losses, and your normal business may be unavailable, slowed, or delayed for a certain period of time
- A. True
- B. False
Answer: A
NEW QUESTION 51
Your applications are deployed on Alibaba Cloud ECS instances. You want to collect indicators by yourself for application layer monitoring. Which of the following functions provided by Alibaba Cloud CloudMonitor can be used for indicator collection, aggregation, and alerting?
- A. Site monitoring
- B. Custom monitoring
- C. Cloud service monitoring
- D. CloudMonitor cannot meet these requirements
Answer: B
NEW QUESTION 52
......
ACP-Sec1 exam questions for practice in 2021 Updated 82 Questions: https://www.guidetorrent.com/ACP-Sec1-pdf-free-download.html