ACA-Sec1 Exam Dumps - ACA Cloud Security Associate

Question # 4

Which directory is the home directory of root user?

/home/root

/root

/boot

Full Access

Question # 5

Which of the following statements is TRUE about Anti-DDOS basics?

it can only protect servers outside of Alibaba Cloud

it is free to charge

need to turn on manually

There is no service limitation for peak traffic

Full Access

Question # 6

Alibaba Cloud offers different security protection plans to different tenant accounts. Which of the

following is NOT a security plan offered by Alibaba Cloud?

Password-free login

Two-factor authentication

Phone number binding

Phone or email verification for password resetting

Full Access

Question # 7

Which of the following statements about cloud security shared responsibilities model are true? (the

number of correct answers: 2)

for users who is using IAAS service, they should be responsible for their business system which is

on top of cloud infrastructure

cloud service provider should guarantee the security of all physical infrastructure

the damage caused by attacks leveraging security vulnerability in customers' application server

should be charged to cloud service provider

cloud user should also take care of some of the hardware maintenance and operation work

Full Access

Question # 8

Which of following statements about the possible reasons that cause web server

vulnerabilities are true? (the number of correct answers: 2)

Score 1

Bugs generated during common component development

Hardware configuration is not up to date

Software used or OS itself contain some logic flaw

End user didn't follow the user manual

Full Access

Question # 9

What will the correct stops the traffic will flow through if the user used all following cloud service: WAF, Anti-DDOS pro, CDN.

CDN- >Anti-DDOS Pro->WAF->Original Website

Anti-DDOS Pro->CDN->WAF->Original website

CDN- >WAF->Anti-DDOS Pro->Original website

Anti-DDOS Pro->WAF->CDN->Original website

Full Access

Question # 10

Which of the following application vulnerabilities are not as popular as others?

SQL Injection

XSS exploit

File uploading vulnerability

Kernel privilege breaking

Full Access

Question # 11

Which of the following functions does not belong to what WAF can provide?

DB encryption

SQL injection detection

XSS attack detection

unauthorized resource access blocking

Full Access

Question # 12

When 'Server Guard' detects remote logon behavior, what information will be

shown on 'Server Guard' console?

Illegal Logon!

Migrated Already!

Logon Successfully!

Remote Logon Detected!

Full Access

Question # 13

What design flaw of TCP/IP protocol does SYN flood attack use?

UDP stateless connectio

DNS 3 times hands shake

TCP 3 times hands shake

HTTP plain text transmission

Full Access

Question # 14

Which of the following scenarios are suitable to use CC emergency mode protection? (the

number of correct answers: 2)

Web page

HTML 5 page

API

Native APPs

Full Access

Question # 15

ECS cloud server is one of the service provided by Alibaba Cloud. If it is attacked by

some internet hacker, which of the following consequences such attack could cause? (the

number of correct answers: 2)

Physical Server Damage

Leak of customer sensitive data

Service running on this ECS become not available

The datacenter where the ECS belongs to need to shutdown

Full Access

Question # 16

Which of the IP addresses are private IP addresses? (Correct Answers: 2)

192.169.1.1

172.16.58.14

10.44.10.45

8.8.8.8

Full Access

Question # 17

Which of the following options could NOT be the reason that causes website

tampering

Share password between different users

Botnet attack

system vulnerability is not fixed in time

Wrong security configuration

Full Access

Question # 18

User A rented 2 ECS server and one RDS in Alibaba Cloud to setup his company public

website. After the web site will become available online, the security risks he/she will face

will include: (the number of correct answers: 3)

physical cable is cut by someone

ECS admin password is hacked

website codes has some vulnerability

RDS DB got unknown remote logon

the disk in ECS is broken

Full Access

Question # 19

What status transition flow a TCP client will go through in order to proactively establish connection and disconnect it?

SYNC_SENT- ->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2-->TIME_WAIT

SYNC_SENT- ->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2-->CLOSE_WAIT

SYNC_RCVD- ->ESTABLISHED-->CLOSE_WAIT-->TIME_WAIT-->LAST_ACK

SYNC_SENT- ->SYNC_RCVD-->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2

Full Access

Question # 20

Which of the following issues will NOT be an issue anymore using Alibaba Cloud ECS server? Score 2

server is under brute force password hacking

hardware disk or memory broken

infection by Trojan Virus

application vulnerability being leveraged by hackers

Full Access

Question # 21

Which of following statements is NOT true about anti-DDOS basics and anti-DDOS Pro?

both can defend DDOS attack

anti-DDOS pro is free to charge

anti-DDOS pro has more capabilities to defend against DDOS attacks

anti-DDOS pro can protect both inside and outside Alibaba Cloud servers

Full Access

Question # 22

Which of the followings are not the reasons for a DDoS attack?

Destroying of integrity

Destroying of confidentiality

Destroying of availability

Destroying of business credit

Full Access

Hot Exams

ADM-201 Dumps

Sales-Cloud-Consultant Dumps

PCNSE Dumps

Service-Cloud-Consultant Dumps

Platform-App-Builder Dumps

AZ-500 Dumps

Associate-Cloud-Engineer Dumps

350-701 Dumps

AZ-104 Dumps

CKA Dumps

SY0-601 Dumps

NCSE-Core Dumps

Labour Day Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

ACA-Sec1 Exam Dumps - ACA Cloud Security Associate

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Hot Exams