
Alibaba Cloud ACA-Sec1 ACA Cloud Security Associate Exam Practice Test

Page: 1 / 15
Total 147 questions

ACA Cloud Security Associate Questions and Answers

Question 1

Which of these options contains the three basic target categories for a DoS or a DDoS?

Options:

A. Resources, printers and storage devices

B. Networks, systems and applications

C. Systems, memory, network access card

D. Network access card, applications, peripheral devices

Question 2

Which of the following keys in HTTP headers are related to cache control? (the number of correct answers: 3)

Options:

A. Cache-Control

B. Date

C. Age

D. Expires

E. Host

Question 3

Which of the following statements about IPv6 and IPv4 are true? (the number of correct answers: 2)

Options:

A. IPv6 has a bigger route table size

B. IPv6 address length upper limit is 128 bits

C. IPv6 has a more simplified header

D. No network switch device is needed when using the IPv6 protocol to transfer data

Question 4

ECS cloud server is one of the services provided by Alibaba Cloud. If it is attacked by an internet hacker, which of the following consequences could such an attack cause? (the number of correct answers: 2)

Options:

A. Physical server damage

B. Leak of customer sensitive data

C. Services running on this ECS become unavailable

D. The datacenter to which the ECS belongs needs to shut down

Question 5

Which of the following HTTP status codes indicates that the requested page does not exist?

Options:

A. 403

B. 404

C. 201

D. 304

Question 6

Which of the following cloud services are the most common ones when we talk about different types of cloud service?

Options:

A. IaaS

B. PaaS

C. SaaS

D. DaaS

Question 7

A DoS attack that sends a flood of synchronization (SYN) requests and never sends the final acknowledgement (ACK) is typically known as which of the following?

Options:

A. Smurf

B. Ping Flood

C. Fraggle

D. SYN flood

Question 8

In an IP (Internet Protocol) spoofing attack, what field of an IP (Internet Protocol) packet does the attacker manipulate?

Options:

A. The version field

B. The source address field

C. The source port field

D. The destination address field

Question 9

In a regular server maintenance operation, the purpose of installing a patch on the operating system is?

Options:

A. To improve server resource usage

B. To improve system usability

C. To enhance system functionality

D. To prevent existing system vulnerabilities from being used by hackers

Question 10

Which command in the Red Hat Linux shell can be used to check whether a specific string is included in a bunch of text files?

Options:

A. Watch

B. Find

C. Grep

D. Ca

Question 11

Which of the following protocols can be considered an 'application' layer protocol in the ISO/OSI 7-layer model?

Options:

A. TCP

B. UDP

C. IP

D. SMTP

Question 12

If your company has a lot of employees who try to simultaneously access an ECS server protected by 'Server Guard' using your company's intranet, 'Server Guard' may mistakenly identify those access requests as attacks. Which of the following methods is the best way to solve this problem? Score 2

Options:

A. Set a highly complex administrator password

B. Change the security group rule to unblock all company internal IPs

C. Add the IPs that need to access the ECS server to the 'Server Guard' logon white list

D. Ask employees not to access that ECS server very frequently

Question 13

Using RAM, Alibaba Cloud users can create and manage user accounts and control the operation permissions these user accounts possess for resources under your account. Which of the following descriptions of a RAM usage scenario is NOT correct?

Options:

A. Enterprise sub-account management and permission assignment

B. Resource operation and authorization management between enterprises

C. Temporary authorization management for untrusted client apps

D. Prevention of network attacks on enterprises

Question 14

If a WAF service user updates web page content after turning on website tampering protection, what does the user need to do on the WAF console?

Options:

A. Update cache

B. Turn on the protection switch manually

C. Add one protection rule

D. Restart the whole WAF service

Question 15

In the ISO/OSI 7-layer networking model, which of the following functions are provided by the 'network layer'? (the number of correct answers: 2)

Options:

A. Routing

B. Congestion handling

C. End-to-end reliable and transparent data transmission

D. Physical connection

Question 16

Inside the cloud, a hypervisor vulnerability could cause the following possible consequences: (the number of correct answers: 3)

Options:

A. One client host can access another client's data

B. User service becomes unavailable

C. Hacker can access the host server directly

D. Incorrect client resource usage calculation

Question 17

Each host connecting to the internet will face potential attacks from the internet as follows: (the number of correct answers: 3)

Options:

A. Brute force password hacking

B. Trojan planting

C. Content compliance requirement

D. Vulnerability scanning

E. Lack of storage resource

Question 18

Which of the following can be termed a Denial of Service attack? Choose the best answer.

Options:

A. A computer on your network has crashed

B. Your router is unable to find a destination outside of your network

C. Your Web server has gone into a loop trying to service a client request

D. Your keyboard is no longer responding

Question 19

Which modes does Alibaba Cloud WAF provide to defend against SQL injection? (the number of correct answers: 2)

Score 1

Options:

A. Normal Mode

B. Protection Mode

C. Warning Mode

D. Restriction Mode

Question 20

Which of the following will happen if you encounter a DoS or DDoS attack?

Options:

A. Data received successfully

B. Delay of data reception

C. Slow access to web resources

D. Unauthorized access control

Question 21

Which of the following methods can't be used against a CC attack?

Options:

A. Use WAF

B. Change HTTP service to HTTPS service

C. Resolve the domain name to a disguised IP

D. Change the service providing port

Question 22

Which of the following statements is true about classic network and VPC?

Options:

A. They can do the same thing

B. You can customize your private IP in a classic network

C. You can customize your private IP in a VPC

D. Servers inside a VPC can only communicate with another VPC network
