ACA-Sec1 Braindumps Real Exam Updated on Dec 07, 2021 with 145 Questions [Q49-Q74]

Share

ACA-Sec1 Braindumps Real Exam Updated on Dec 07, 2021 with 145 Questions

Latest ACA-Sec1 PDF Dumps & Real Tests Free Updated Today

NEW QUESTION 49
Which of the following options is the top 1 web application security risk based on OWASP 2017 report?

  • A. XSS Attack
  • B. Code Execution
  • C. Server Information Theft
  • D. SQL Injection

Answer: D

 

NEW QUESTION 50
In the Alibaba Cloud, which services can satisfy client user identity management requirements?

  • A. Server Guard
  • B. Resource Access Management (RAM)
  • C. Situational awareness
  • D. Security group

Answer: B

 

NEW QUESTION 51
If your company has a lot of employees who would try to simultaneously access ECS server protected by 'Server Guard' using your company's intranet, the 'Sever Guard' may mistakenly identify those access requests as attacks. Which of the following methods is the best way to solve this problem? Score 2

  • A. set a highly complexed administrator password
  • B. add those IPs which need to access ECS server into 'Server Guard' logon white list
  • C. ask employees to access that ECS server not very frequently
  • D. change the rule of security group to unblock all company internal ips

Answer: B

 

NEW QUESTION 52
Which of the following protocol is dedicated to resolve IP and MAC addresses?

  • A. DNS
  • B. ICMP
  • C. ARP
  • D. TCP

Answer: C

 

NEW QUESTION 53
Which of these options contains the three basic target categories for a DoS or a DDoS?

  • A. Systems, memory, network access card
  • B. Networks, systems and applications
  • C. Network access card, applications, peripheral devices
  • D. Resources, printers and storage devices

Answer: B

 

NEW QUESTION 54
Which of the following steps is not a valid step for using anti-DDOS pro?

  • A. bind real customer identity to anti-DDOS pro IP
  • B. if original server is using its own firewall, then need to add Anti-DDOS pro IP to its white list
  • C. configure to be protected domain name
  • D. add new DNS record
  • E. change source IP

Answer: A

 

NEW QUESTION 55
In May 2017 a new blackmail virus WannaCry burst globally, using Windows OS open port 445 to initiate its attacks. What is the quickest way to prevent this kind of attacks?

  • A. set a highly complexed administrator password
  • B. disable port 445
  • C. put sensitive data in some hidden directory
  • D. encrypt all data on server side

Answer: B

 

NEW QUESTION 56
Which of following statement about 'Server Guard' Trojan scanning functionality is NOT correct?
Score 2

  • A. Server Guard will delete any suspicious webshell file immediately
    My
  • B. Server Guard Agent will automatically scan your web pages directories and look for any webshell file.
  • C. A change to a file in the web pages directories will trigger a scan for that file
  • D. you can log on to the Server Guard console to isolate webshell files with one click.

Answer: A

 

NEW QUESTION 57
Which of the following options can be considered as Physical environment security risks in IT infrastructure

  • A. Sounder
  • B. Data encryption
  • C. Rain
  • D. Room temperature

Answer: A,C,D

 

NEW QUESTION 58
Which of the following DDoS descriptions are correct?

  • A. If the target server has no vulnerabilities, the remote attack may still succeed.
  • B. Causes the target server unable to process legitimate requests
  • C. Steal confidential information
  • D. In order to get admin password

Answer: A,B

 

NEW QUESTION 59
Which of the following protocols will not be used for a SYN Flood attack?

  • A. IPX/SPX
  • B. UDP
  • C. AppleTalk
  • D. TCP

Answer: A,B,C

 

NEW QUESTION 60
Which of the following statements are true for how to login to different ECS operating system? (the number of correct answers: 2) Score 1

  • A. use 'remote desktop connection' for Linux
  • B. use 'ssh' tool for windows
  • C. use 'remote desktop connection' for windows
  • D. use 'ssh' tool for Linux

Answer: C,D

 

NEW QUESTION 61
In order to stop the service provided through a particular port in Windows OS, which of the following methods can be used to achieve this objective? (the number of correct answers: 3)

  • A. adjust local security policy
  • B. stop all guest role access
  • C. update OS patch
  • D. adjust firewall rule
  • E. stop the service itself

Answer: A,D,E

 

NEW QUESTION 62
May, 2017. New blackmail virus WannaCry burst globally. This virus leveraged Windows OS opened port 445 to initiate the attack, so the quickest way to prevent this kind of attack is?

  • A. Always set password with highly complex combination of number, letter and other characters
  • B. Change 'Administrator' to some other name
  • C. Except some necessary accounts for system management, disable or delete other useless accounts
  • D. With 'Server Guard' protection in Alibaba Cloud, you can set password to some easy to remember words.

Answer: C

 

NEW QUESTION 63
Anti-DDOS basic is provided by Alibaba Cloud for free. Which of the following statements about this service are NOT true? (the number of correct answers: 2) Score 1

  • A. basic anti-DDOS service can protect any server connect to internet
  • B. basic anti-DDOS service can detect attack traffic and migrate them automatically
  • C. no protection upper limit to the rate of attack traffic
  • D. CC attack protection need to be turned on manually

Answer: B,C

 

NEW QUESTION 64
What modes Alibaba Cloud WAF will provide to defend SQL injection? (the number of correct answers: 2) Score 1

  • A. Protection Mode
  • B. Normal Mode
  • C. Warning Mode
  • D. Restriction Mode

Answer: A,C

 

NEW QUESTION 65
In Windows OS which command can be used to track IP route, including involved node and spent time on each hop?

  • A. Tracert
  • B. Wroute
  • C. Traceroute
  • D. Route

Answer: A

 

NEW QUESTION 66
Which of the following scenarios are suitable to use CC emergency mode protection? (the number of correct answers: 2)

  • A. Native APPs
  • B. Web page
  • C. API
  • D. HTML 5 page

Answer: B,D

 

NEW QUESTION 67
Which of following attacks could serve as a CC attack? (the number of correct answers: 3) Score 1

  • A. ICMP flood
  • B. Attack through agent
  • C. Zombie network
  • D. One host simulate many IP addresses
  • E. SYN flood

Answer: B,C,D

 

NEW QUESTION 68
Which of the following scenarios is the one that 'Server Guard' will support for brute force password hacking detection?

  • A. ECS server remote logon or inside DB remote logon
  • B. Linux CRM application remote logon
  • C. Windows shared directory access
  • D. RDS remote connection

Answer: A

 

NEW QUESTION 69
Which protocol is a 'data link' layer protocol in ISO/OSI 7 layer network model?
Score 2

  • A. FTP
  • B. ICMP
  • C. ARP
  • D. UDP

Answer: C

 

NEW QUESTION 70
Which of the following statements is NOT true about web application security protection best practices?

  • A. keep monitoring system processes , performance and status
  • B. enforce security management to any public service
  • C. always scan input by user through web application
  • D. keep installing official released patches will be good enough

Answer: D

 

NEW QUESTION 71
In Linux OS, if access control to a file is shown as '-rwxrw-r--' in shell command, which of the following statements are true?
Score 2

  • A. This file is a text file
  • B. The access privilege of this user group is read only
  • C. Other users (outside of this user group) can execute this file
  • D. The owner of this file has read/write/execution privilege to this file

Answer: D

 

NEW QUESTION 72
Which of the following cloud services are the most common ones when we talk about different types of Cloud service

  • A. DaaS
  • B. SaaS
  • C. PaaS
  • D. IaaS

Answer: B,C,D

 

NEW QUESTION 73
Which service in RedHat Linux OS can be used to build network firewall functionality?
Score 2

  • A. iptables
  • B. ipfirewall
  • C. linuxfw
  • D. netstat

Answer: A

 

NEW QUESTION 74
......


Alibaba ACA-Sec1 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Aware of main application scenarios of Alibaba Cloud Security related products and know each of these products’ special usage scenario
Topic 2
  • Familiar with the concepts and related knowledge of Cloud Computing
Topic 3
  • Understanding of the concepts of Alibaba Cloud Security related products
Topic 4
  • Familiar with features of Alibaba Cloud Security related products and key product implementation principles
Topic 5
  • Activating, creating, configuring, starting and stopping and disabling a service
Topic 6
  • Knowledge of network security, such as firewall policy, key encryption, access control, network security, and network attack and protection methodologies
Topic 7
  • Able to discover and resolve common issues emerged during the use of Alibaba Cloud Security related products
Topic 8
  • Familiar with operations of Alibaba Cloud Security related products
Topic 9
  • Familiar with common network protocols such as HTTP, FTP, TCP, UDP and ICMP
Topic 10
  • Virtualization, storage and networking
  • Familiar with operation on Linux and Windows operating system and be able to configure network and storage related system commands

 

ACA-Sec1 Dumps With 100% Verified Q&As - Pass Guarantee or Full Refund: https://www.testvalid.com/ACA-Sec1-exam-collection.html