[2022年09月10日] 有効なACP-Sec1テスト解答ACP-Sec1試験PDF問題を試そう
有効なAlibaba Security ACP-Sec1問題集はあなたの合格を必ず保証します
質問 24
User A is the system administrator of a company, who often takes business trips to Shanghai Each time when he remotely logs on to the Shanghai an alert is reported, prompting "Someone is remotely logging on to the server Please pay attention to your server security" Which of the following methods can be used to quickly and automatically resolve this issue?
- A. Log on to the Alibaba Cloud Security Center, and add a frequent logon location to the configuration item of Security Center.
- B. Open a ticket immediately to consult Alibaba Cloud engineers
- C. Call a friend, who is a famous hacker in the industry, for help.
- D. Ask the company leaders for help
正解: A
質問 25
There is a limit on the number of Customer Master Keys (CMKs) that users can create using Key Management Service (KMS), but users can raise this limit by submitting a support ticket to Alibaba Cloud.
- A. False
- B. True
正解: B
質問 26
To improve system security and protect the system from DDoS attacks, you can use Alibaba Cloud Anti-DDoS Premium Service. Which of the following products can be used together with Alibaba Cloud Anti-DDoS Service to improve the system access capabilities? (Number of correct answers 3)
- A. RDS
- B. CDN
- C. Server Load Balancer
- D. WAF
正解: B,C,D
質問 27
Alibaba Cloud WAF is a security protection product based on Alibaba Group's web security defense experience accumulated over more than a decade By defending against common OWASP attacks, providing patches to fix vulnerabilities, and allowing users to customize protection policies for website services, WAF can successfully safeguard the security and availability of websites and web applications. Which of the following types of security configurations does WAF provide? (Number of correct answers 3)
- A. CC protection
- B. Port access control
- C. Precision access control
- D. Web application attack protection
正解: A,B,D
質問 28
Users can detach the Security Center client on Alibaba Cloud ECS instances, and reinstall it later when necessary.
- A. False
- B. True
正解: B
質問 29
Your applications are deployed on Alibaba Cloud ECS instances. You want to collect indicators by yourself for application layer monitoring. Which of the following functions provided by Alibaba Cloud CloudMonitor can be used for indicator collection, aggregation, and alerting?
- A. Cloud service monitoring
- B. Custom monitoring
- C. CloudMonitor cannot meet these requirements
- D. Site monitoring
正解: B
質問 30
After you install the Alibaba Cloud Security center agent on a non with your Alibaba Cloud account*?
- A. Your account ID
- B. Your AccessKey
- C. The installation verification key generated on the console
- D. The user name and password
正解: B
質問 31
Which of the following attacks can Alibaba Cloud Anti-DDoS Basic defend against? (Number of coned answers 4)
- A. Brute force password cracking
- B. SYN Flood
- C. CMP Flood
- D. ACK Flood
- E. UDP Flood
正解: A,B,D,E
質問 32
As your business grows, you begin exceeding the maximum number of requests-per-minute supported by the Content Moderation API and requests begin to fail What is the best way to resolve this issue?
- A. There is nothing you can do to reoslve this problem, except to make fewer requests.
- B. Open a ticket and ask for the API request limits to be raised
- C. Open a second Alibaba Cloud account, buy Content Moderation service under that account, and split your quests between these two accounts.
- D. Build a custom message queue solution which you can use to buffer requests and spread them out over time
正解: B
質問 33
Alibaba Cloud WAF currently supports web security protection for HTTP and HTTPS. Which of the following ports are usually used for HTTP and HTTPS protocols? (Number of correct answers: 2)
- A. 0
- B. 1
- C. 2
- D. 3
正解: A,D
質問 34
Among various types of network attacks, "phishing" is one of the most common attacks. A phishing website looks exactly the same as the real website It asks visitors to login with their accounts and passwords; at the same time, record these privacy information for illegal purpose. Which of the following statements about how phishing websites are spread is FALSE?
- A. Phishing website links are published in batches through emails forums, blogs, and SNS(Social Network Sites).
- B. Phishing website links are sent through Facebook. Twitter and other IM(instant Messenger) applications.
- C. Advertisements are pushed to search engines and small and medium websites, attracting users to click the phishing website links.
- D. Banks publish phishing website links in prominent positions on their official websites
正解: D
質問 35
Anti-DDoS Premium Service is a value-added service intended to address the problem of service interruption caused by DDoS attack to servers including non-Alibaba Cloud hosts) Users can configure a protected IP address so that the attack traffic can be redirected to this IP address, thereby ensuring the stability and reliability of the origin site. When a user configures Anti-DDoS Premium Service and imports an HTTPS certificate, the system prompts an "incorrect parameter format" error Which of the following is NOT the reason of this error?
- A. The certificate contains strings like "--"
- B. The certificate contains nonstandard content
- C. The name of the certificate is too long to be accepted
- D. The name of the certificate contains invalid letters
正解: B
質問 36
When the agent of Alibaba Cloud Security Center running on a server, it normally uses less than 1% of the CPU and 10 MB of memory, which can void affecting the server's performance
- A. False
- B. True
正解: B
質問 37
Which of the following features are available in Alibaba Cloud Anti-DDoS Premium product? (Number of correct answers: 3)
- A. Malformed packets filtering
- B. Transport layer DDoS protection
- C. Web application layer DDoS protection
- D. SQL injection Attack blocking
正解: A,B,C
質問 38
Cross Site Script (XSS) attacks refer to a kind of attack by tampering the webpage using HTML injection to insert malicious scripts so as to control the user's browser when the user browses the webpage XSS vulnerabilities may be used for user identity stealing (particularly the administrator identity), behavior hijacking, Trojan insertion and worm spreading, and also phishing
- A. False
- B. True
正解: B
質問 39
When submitting requests to the Content Moderation service API, which HTTP method should you use?
- A. POST
- B. HEAD
- C. PUT
- D. GET
正解: A
質問 40
Clean bandwidth refers to the maximum normal clean bandwidth that can be processed by Anti-DDoS Premium instances when your business is not under attack. Make sure that the Clean bandwidth of the instance is greater than the peak value of the inbound or outbound traffic of all services connected to the Anti-DDoS Premium instances If the actual traffic volume exceeds the maximum Clean bandwidth, your business may be subject to traffic restrictions or random packet losses, and your normal business may be unavailable, slowed, or delayed for a certain period of time
- A. False
- B. True
正解: B
質問 41
......
Alibaba ACP-Sec1 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
ACP-Sec1問題集でリアル試験問題でテストエンジン問題集でトレーニング:https://www.jpntest.com/shiken/ACP-Sec1-mondaishu