Pass the Alibaba Cloud Alibaba Security ACA-Sec1 Questions and answers with CertsForce

Viewing page 2 out of 5 pages
Viewing questions 11-20 out of questions
Questions # 11:

Which of the following options can be considered Data and Application security risks in IT infrastructure?

Options:

A. Data integrity

B. Data access control

C. Data readiness

D. Data encryption


Questions # 12:

In May 2017, the new blackmail virus WannaCry broke out globally. This virus leveraged port 445, left open on Windows OS, to initiate the attack, so what is the quickest way to prevent this kind of attack?

Options:

A. Change 'Administrator' to some other name

B. With 'Server Guard' protection in Alibaba Cloud, you can set the password to some easy-to-remember words.

C. Except for some necessary accounts for system management, disable or delete other useless accounts

D. Always set passwords with a highly complex combination of numbers, letters and other characters


Questions # 13:

Anti-DDOS basic is provided by Alibaba Cloud for free. Which of the following statements about this service are NOT true? (the number of correct answers: 2)

Score 1

Options:

A. basic anti-DDOS service can detect attack traffic and migrate them automatically

B. basic anti-DDOS service can protect any server connected to the internet

C. no protection upper limit to the rate of attack traffic

D. CC attack protection needs to be turned on manually


Questions # 14:

Which of the following options is the top 1 web application security risk based on the OWASP 2017 report?

Options:

A. XSS Attack

B. Server Information Theft

C. Code Execution

D. SQL Injection


Questions # 15:

Which of these options contains the three basic target categories for a DoS or a DDoS?

Options:

A. Resources, printers and storage devices

B. Networks, systems and applications

C. Systems, memory, network access card

D. Network access card, applications, peripheral devices


Questions # 16:

Which of the following scenarios should be handled by anti-DDOS service? (the number of correct answers: 3)

Options:

A. Server is under SYN flood attack, and is not reachable

B. Online game service which is suffering from too many empty connections and slow connections

C. DNS server is under UDP flood attack and no longer responds

D. Website is under SQL injection attack

E. Website is under XSS attacks


Questions # 17:

Which of the following elements are included in a TCP/IP based route table? (the number of correct answers: 3)

Options:

A. Network Destination

B. Netmask

C. MAC Address

D. Gateway IP

E. Port


Questions # 18:

User A rented 2 ECS servers and one RDS in Alibaba Cloud to set up his company's public website. After the website becomes available online, the security risks he/she will face will include: (the number of correct answers: 3)

Options:

A. physical cable is cut by someone

B. ECS admin password is hacked

C. website code has some vulnerability

D. RDS DB got unknown remote logon

E. the disk in ECS is broken


Questions # 19:

Which Internet protocol is used to implement Linux shell command 'ping'?

Score 2

Options:

A. ICMP

B. UDP

C. PING

D. TCP


Questions # 20:

Which protocol is a 'data link' layer protocol in ISO/OSI 7 layer network model?

Score 2

Options:

A. ICMP

B. ARP

C. FTP

D. UDP

