ACP-Sec1無料問題集「Alibaba ACP Cloud Security Professional」

質問 1

After a customer uses Alibaba Cloud Anti-DDoS Premium Service, a 502 error is prompted. Which of the followings are the possible causes of the error? (Number of correct answers 3)

（A）The IP address of the origin site is exposed and suffered an attack

（B）Network congestion or jitter occurred

（C）The service was configured using the IP address method instead of the CI

（D）The Anti-DDoS Service IP range was not released As a result, the origin site is blocked.

正解：A、B、D 解答を投票する

質問 2

Which of the following features are available in Alibaba Cloud Anti-DDoS Premium product? (Number of correct answers: 3)

（A）SQL injection Attack blocking

（B）Web application layer DDoS protection

（C）Transport layer DDoS protection

（D）Malformed packets filtering

正解：B、C、D 解答を投票する

質問 3

You have set an alert policy for the disk usage of an ECS instance by using Alibaba Cloud CloudMonitor Each measurement cycle lasts for 5 minutes, during which the average disk usage is measured If the average disk usage exceeds 80% for five consecutive measurement cycles, an alert will be reported After your average disk usage exceeds 80%, how long will it take to receive an alert with the best case scenario?

（A）20 minutes

（B）30 minutes

（C）40 minutes

（D）0 minutes

正解：B 解答を投票する

質問 4

If a user has multiple ECS instances on Alibaba Cloud but has no professional O&M team or is unwilling to put efforts in O&M, the user can activate Alibaba Cloud Security Center which provides security expert services like manual security checking, Trojan removing and hosted service monitoring.

（A）False

（B）True

正解：B 解答を投票する

質問 5

A website is built using open-source software To prevent hacker attacks and fix vulnerabilities in a timely manner, the administrator of the website wants to use the patch management feature in Security Center. Which of the following statements about patch management is FALSE.

（A）Rollback of Web vulnerabilities means to restore the original files, while rollback of Windows vulnerabilities means to uninstall the patch upgrade

（B）Before patches for most common Web vulnerabilities are released, the Alibaba Cloud Security O&M team will have fixed the vulnerabilities using self-developed patches

（C）Vulnerabilities are automatically fixed Once a self-developed paten is released, it automatically fixes vulnerabilities for all customers who have enabled patch management.

（D）Patch management can operate machines in batches in the cloud. For large-scale vulnerabilities, it supports one-key patch upgrade, which is easy and convenient

正解：C 解答を投票する

質問 6

You applied for an SSL certificate through Alibaba Cloud's SSL Certificates Service During the application, you selected "Manual" at the "CSR "" step. You now want to install your certificate on a server running Apache What must you do?

（A）You can download a crt file of type "Other" from the SSL Certificates Service console, then use openssl to convert this file to pfx format for use with Apache

（B）You can use the "generate pfx file" function built into the SSL Certificates Service to manually generate and download the pfx file needed by Apache

（C）SSL Certificates Service doesn't support the type of certificates needed by Apache. They cannot be used together

（D）You must revoke your certificate and re-apply, this time choosing "Automatic" at the "CSR Generation" step. Otherwise, the SSL certificate cannot be downloaded

正解：B 解答を投票する

質問 7

Alibaba Cloud's CloudMonitor can not only monitor ECS instances in a secure and efficient way, but also monitor HTTP sites of clients' servers in data centers However, in the latter case, Alibaba Cloud does not provide monitor agent so users need to develop their own scripts to collect data

（A）False

（B）True

正解：A 解答を投票する

質問 8

To improve ECS instance security, the administrator does not want users on public network to check whether an ECS instance is online using the ping command. Which of the following reinforcement measures designed by the administrator is NOT feasible?

（A）Resolve the IP address of the ECS instance to an uncommon level 4 domain name, and point the promotional domain name to the level 4 domain name through CNAME

（B）Enable a security group, and reject ICMP for public network access.

（C）Enable a security group and only allow access from ports 80 and 25 of the public network through TCP

（D）Enable an operating system firewall for the ECS instance, and reject ICMP for public network access.

正解：A 解答を投票する

ACP-Sec1 無料問題集「Alibaba ACP Cloud Security Professional」

弊社を連絡する

関連リンク

トップ試験