
ACA-Sec1 Braindumps Real Exam Updated on Dec 07, 2021 with 145 Questions
Latest ACA-Sec1 PDF Dumps & Real Tests Free Updated Today
NEW QUESTION 49
Which of the following options is the top 1 web application security risk based on OWASP 2017 report?
- A. XSS Attack
- B. Code Execution
- C. Server Information Theft
- D. SQL Injection
Answer: D
NEW QUESTION 50
In the Alibaba Cloud, which services can satisfy client user identity management requirements?
- A. Server Guard
- B. Resource Access Management (RAM)
- C. Situational awareness
- D. Security group
Answer: B
NEW QUESTION 51
If your company has a lot of employees who would try to simultaneously access ECS server protected by 'Server Guard' using your company's intranet, the 'Sever Guard' may mistakenly identify those access requests as attacks. Which of the following methods is the best way to solve this problem? Score 2
- A. set a highly complexed administrator password
- B. add those IPs which need to access ECS server into 'Server Guard' logon white list
- C. ask employees to access that ECS server not very frequently
- D. change the rule of security group to unblock all company internal ips
Answer: B
NEW QUESTION 52
Which of the following protocol is dedicated to resolve IP and MAC addresses?
- A. DNS
- B. ICMP
- C. ARP
- D. TCP
Answer: C
NEW QUESTION 53
Which of these options contains the three basic target categories for a DoS or a DDoS?
- A. Systems, memory, network access card
- B. Networks, systems and applications
- C. Network access card, applications, peripheral devices
- D. Resources, printers and storage devices
Answer: B
NEW QUESTION 54
Which of the following steps is not a valid step for using anti-DDOS pro?
- A. bind real customer identity to anti-DDOS pro IP
- B. if original server is using its own firewall, then need to add Anti-DDOS pro IP to its white list
- C. configure to be protected domain name
- D. add new DNS record
- E. change source IP
Answer: A
NEW QUESTION 55
In May 2017 a new blackmail virus WannaCry burst globally, using Windows OS open port 445 to initiate its attacks. What is the quickest way to prevent this kind of attacks?
- A. set a highly complexed administrator password
- B. disable port 445
- C. put sensitive data in some hidden directory
- D. encrypt all data on server side
Answer: B
NEW QUESTION 56
Which of following statement about 'Server Guard' Trojan scanning functionality is NOT correct?
Score 2
- A. Server Guard will delete any suspicious webshell file immediately
My - B. Server Guard Agent will automatically scan your web pages directories and look for any webshell file.
- C. A change to a file in the web pages directories will trigger a scan for that file
- D. you can log on to the Server Guard console to isolate webshell files with one click.
Answer: A
NEW QUESTION 57
Which of the following options can be considered as Physical environment security risks in IT infrastructure
- A. Sounder
- B. Data encryption
- C. Rain
- D. Room temperature
Answer: A,C,D
NEW QUESTION 58
Which of the following DDoS descriptions are correct?
- A. If the target server has no vulnerabilities, the remote attack may still succeed.
- B. Causes the target server unable to process legitimate requests
- C. Steal confidential information
- D. In order to get admin password
Answer: A,B
NEW QUESTION 59
Which of the following protocols will not be used for a SYN Flood attack?
- A. IPX/SPX
- B. UDP
- C. AppleTalk
- D. TCP
Answer: A,B,C
NEW QUESTION 60
Which of the following statements are true for how to login to different ECS operating system? (the number of correct answers: 2) Score 1
- A. use 'remote desktop connection' for Linux
- B. use 'ssh' tool for windows
- C. use 'remote desktop connection' for windows
- D. use 'ssh' tool for Linux
Answer: C,D
NEW QUESTION 61
In order to stop the service provided through a particular port in Windows OS, which of the following methods can be used to achieve this objective? (the number of correct answers: 3)
- A. adjust local security policy
- B. stop all guest role access
- C. update OS patch
- D. adjust firewall rule
- E. stop the service itself
Answer: A,D,E
NEW QUESTION 62
May, 2017. New blackmail virus WannaCry burst globally. This virus leveraged Windows OS opened port 445 to initiate the attack, so the quickest way to prevent this kind of attack is?
- A. Always set password with highly complex combination of number, letter and other characters
- B. Change 'Administrator' to some other name
- C. Except some necessary accounts for system management, disable or delete other useless accounts
- D. With 'Server Guard' protection in Alibaba Cloud, you can set password to some easy to remember words.
Answer: C
NEW QUESTION 63
Anti-DDOS basic is provided by Alibaba Cloud for free. Which of the following statements about this service are NOT true? (the number of correct answers: 2) Score 1
- A. basic anti-DDOS service can protect any server connect to internet
- B. basic anti-DDOS service can detect attack traffic and migrate them automatically
- C. no protection upper limit to the rate of attack traffic
- D. CC attack protection need to be turned on manually
Answer: B,C
NEW QUESTION 64
What modes Alibaba Cloud WAF will provide to defend SQL injection? (the number of correct answers: 2) Score 1
- A. Protection Mode
- B. Normal Mode
- C. Warning Mode
- D. Restriction Mode
Answer: A,C
NEW QUESTION 65
In Windows OS which command can be used to track IP route, including involved node and spent time on each hop?
- A. Tracert
- B. Wroute
- C. Traceroute
- D. Route
Answer: A
NEW QUESTION 66
Which of the following scenarios are suitable to use CC emergency mode protection? (the number of correct answers: 2)
- A. Native APPs
- B. Web page
- C. API
- D. HTML 5 page
Answer: B,D
NEW QUESTION 67
Which of following attacks could serve as a CC attack? (the number of correct answers: 3) Score 1
- A. ICMP flood
- B. Attack through agent
- C. Zombie network
- D. One host simulate many IP addresses
- E. SYN flood
Answer: B,C,D
NEW QUESTION 68
Which of the following scenarios is the one that 'Server Guard' will support for brute force password hacking detection?
- A. ECS server remote logon or inside DB remote logon
- B. Linux CRM application remote logon
- C. Windows shared directory access
- D. RDS remote connection
Answer: A
NEW QUESTION 69
Which protocol is a 'data link' layer protocol in ISO/OSI 7 layer network model?
Score 2
- A. FTP
- B. ICMP
- C. ARP
- D. UDP
Answer: C
NEW QUESTION 70
Which of the following statements is NOT true about web application security protection best practices?
- A. keep monitoring system processes , performance and status
- B. enforce security management to any public service
- C. always scan input by user through web application
- D. keep installing official released patches will be good enough
Answer: D
NEW QUESTION 71
In Linux OS, if access control to a file is shown as '-rwxrw-r--' in shell command, which of the following statements are true?
Score 2
- A. This file is a text file
- B. The access privilege of this user group is read only
- C. Other users (outside of this user group) can execute this file
- D. The owner of this file has read/write/execution privilege to this file
Answer: D
NEW QUESTION 72
Which of the following cloud services are the most common ones when we talk about different types of Cloud service
- A. DaaS
- B. SaaS
- C. PaaS
- D. IaaS
Answer: B,C,D
NEW QUESTION 73
Which service in RedHat Linux OS can be used to build network firewall functionality?
Score 2
- A. iptables
- B. ipfirewall
- C. linuxfw
- D. netstat
Answer: A
NEW QUESTION 74
......
Alibaba ACA-Sec1 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
ACA-Sec1 Dumps With 100% Verified Q&As - Pass Guarantee or Full Refund: https://www.testvalid.com/ACA-Sec1-exam-collection.html