Real ACP-Sec1 are Uploaded by TestValid provide 2021 Latest ACP-Sec1 Practice Tests Dumps.
All ACP-Sec1 Dumps and ACP Cloud Security Professional Training Courses Help candidates to study and pass the ACP Cloud Security Professional Exams hassle-free!
NEW QUESTION 32
When importing key material into Key Management Service (KMS), you will be given an import token and public encryption key valid for 24 hours. The public key KMS provides must be used to encrypt your key material before upload KMS allows you to choose different public key encryption algorithms Which ones are supported? (Number of correct answers; 3)
- A. RSAES_OAEP_SHA_256
- B. RSAES_OAEP_SHA_1
- C. RSAES_ECDHE_V1 _5
- D. RSAES PKCS1 V1 5
Answer: B,C,D
NEW QUESTION 33
Alibaba Cloud WAF is a security protection product based on Alibaba Group's web security defense experience accumulated over more than a decade By defending against common OWASP attacks, providing patches to fix vulnerabilities, and allowing users to customize protection policies for website services, WAF can successfully safeguard the security and availability of websites and web applications. Which of the following types of security configurations does WAF provide? (Number of correct answers 3)
- A. Port access control
- B. Web application attack protection
- C. Precision access control
- D. CC protection
Answer: A,B,D
NEW QUESTION 34
Which of the following methods can be used to download the metric data of Alibaba Cloud CloudMonitor?
- A. Download the data through Open APIs
- B. You can download the data through both the console and Open APIs
- C. Download the data from the console
- D. You can only view the reports, but cannot download them.
Answer: B
NEW QUESTION 35
In a public cloud environment Alibaba Cloud is responsible for security of cloud computing infrastructure (such as the IDC environment, physical server O&M, and virtualization layer of cloud products). However, you still need to perform necessary security optimization measures for the Cloud products you purchased Which of the following actions do you think are safe?
- A. To reduce the communication cost, five administrators of the company use the root account to log on to the ECS instance.
- B. To enable colleagues working at home to update data, open public IP addresses for ApsaraDB for RDS instances, and allow all IP addresses to connect to the instances
- C. After buying an ECS instance, enable the security group firewall for the ECS instance through the console, and only allow a management IP address to remotely log on to the ECS instance.
- D. For easy management, change the administrator password for the ECS instance to 123456.
Answer: C
NEW QUESTION 36
More and more blackmail attacks (using hacking tools or ransomware) have been detected among recent network security events, causing ever greater damage and financial loss. Which of the following measures can help Alibaba Cloud customers reduce risks in blackmail attacks? (Number of correct answers 3)
- A. Deploy different service applications on servers with the same security level and security domain, and ensure unified policy management and defense
- B. When remotely operating and maintaining an ECS instance use the superuser account for login at all times
- C. If remote O&M is required use IpsecVPN or SSL VPN remote solutions
- D. Use strong passwords with more than 15 characters for the accounts of all types of cloud services
- E. Enable images and snapshots for ECS instances, back up data every day, and keep more than three redundant copies
Answer: C,D,E
NEW QUESTION 37
Alibaba Cloud Data Risk Control utilizes Alibaba Group's Big Data computing capabilities and industry-leading, risk decision making engine to address fraud threats in key service processes (such as account log on, online activity, payment) and avoid financial loss Which of the following is NOT an application scenario of Data Risk Control?
- A. Application installation
- B. Transaction rating
- C. Account registration
- D. Goods payment
Answer: A
NEW QUESTION 38
Alibaba Cloud Anti-DDoS Premium can be used only when the origin site IP address is in Alibaba Cloud.
- A. True
- B. False
Answer: B
NEW QUESTION 39
You applied for an SSL certificate through Alibaba Cloud's SSL Certificates Service During the application, you selected "Manual" at the "CSR "" step. You now want to install your certificate on a server running Apache What must you do?
- A. You can download a crt file of type "Other" from the SSL Certificates Service console, then use openssl to convert this file to pfx format for use with Apache
- B. SSL Certificates Service doesn't support the type of certificates needed by Apache. They cannot be used together
- C. You can use the "generate pfx file" function built into the SSL Certificates Service to manually generate and download the pfx file needed by Apache
- D. You must revoke your certificate and re-apply, this time choosing "Automatic" at the "CSR Generation" step. Otherwise, the SSL certificate cannot be downloaded
Answer: C
NEW QUESTION 40
Cross Site Script (XSS) attacks refer to a kind of attack by tampering the webpage using HTML injection to insert malicious scripts so as to control the user's browser when the user browses the webpage XSS vulnerabilities may be used for user identity stealing (particularly the administrator identity), behavior hijacking, Trojan insertion and worm spreading, and also phishing
- A. True
- B. False
Answer: A
NEW QUESTION 41
If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?
- A. Associate the Security Center client with your Alibaba Cloud official website account.
- B. You cannot check the reports on the Alibaba Cloud console.
- C. You need to manually install the agent on the external server, and use a verification key to associate it with your account
- D. Security Center does not support non-Alibaba Cloud servers
Answer: C
NEW QUESTION 42
Alibaba Cloud Anti-DDoS Premium Service can be used to protect against DDoS attacks larger than 100 Gbps. It can be used to protect both Alibaba Cloud hosts and non-Alibaba Cloud hosts
- A. True
- B. False
Answer: A
NEW QUESTION 43
After you install the Alibaba Cloud Security center agent on a non with your Alibaba Cloud account*?
- A. The user name and password
- B. The installation verification key generated on the console
- C. Your account ID
- D. Your AccessKey
Answer: D
NEW QUESTION 44
Alibaba Cloud Security's Data R.sk Control can effectively resolve junk registration, database hacking, and other service risk identification problems To use this service. you need to first collect service data. Which of the following methods can be used to collect information off Web application systems?
- A. SDK
- B. JavaScript, SDK
- C. JavaScript
- D. HTML5
Answer: C
NEW QUESTION 45
A website is built using open-source software To prevent hacker attacks and fix vulnerabilities in a timely manner, the administrator of the website wants to use the patch management feature in Security Center. Which of the following statements about patch management is FALSE.
- A. Rollback of Web vulnerabilities means to restore the original files, while rollback of Windows vulnerabilities means to uninstall the patch upgrade
- B. Patch management can operate machines in batches in the cloud. For large-scale vulnerabilities, it supports one-key patch upgrade, which is easy and convenient
- C. Vulnerabilities are automatically fixed Once a self-developed paten is released, it automatically fixes vulnerabilities for all customers who have enabled patch management.
- D. Before patches for most common Web vulnerabilities are released, the Alibaba Cloud Security O&M team will have fixed the vulnerabilities using self-developed patches
Answer: C
NEW QUESTION 46
Which of the following services can be protected by the Alibaba Cloud Security Center's anti-brute force password cracking function? (Number of answers 3)
- A. Web service (HTTP)
- B. MySQL database service SQLServer database service
- C. File transfer service (FTP)
- D. Windows remote desktop service (RDP) Linux remote control service (SSH)
Answer: A,B,C
NEW QUESTION 47
You want to buy an SSL certificate using Alibaba Cloud's SSL Certificates Service and deploy it in front of an Alibaba Cloud resource (such as Elastic Compute Service) What is the coned sequence of steps to follow?
- A. 1 Select a certificate
2 Enter request information and submit for review
3 Manage the certificate
4 Deploy the certificate in front of your Alibaba Cloud resources - B. 1 Enter request information and submit for review 2. Select a certificate
3 Deploy the certificate in front of your Alibaba Cloud resources
4 Manage the certificate - C. 1 Select a certificate
2. Deploy the certificate in front of your Alibaba Cloud resources
3. Enter request information and submit for review
4. Manage the certificate - D. 1 Select a certificate
2 Enter request information and submit for review
3. Deploy the certificate in front of your Alibaba Cloud resources
4. Manage the certificate
Answer: A
NEW QUESTION 48
Cloud computing service security requires the joint effort of the cloud service supplier (such as Alibaba Cloud), independent software vendor (ISV), and users The failure of any party to fulfill their responsibilities may lead to security risks. Which of the following are the responsibilities of the cloud computing service users? (Number of correct answers 2)
- A. Ensure multi-channel power supply in the Cloud data center
- B. Strengthen information security management in the company to prevent sensitive information leakage
- C. Regularly change the service system password
- D. Provide security protection for physical infrastructure
Answer: B,C
NEW QUESTION 49
An Alibaba Cloud user buys an ECS instance and deploys Tomcat on it Which of the following is the easiest way for the user to monitor whether port 8080 (used by Tomcat) on this ECS instance is functioning normally or not?
- A. Use Alibaba Cloud CloudMonitor s site monitor feature to create a new Monitoring Task to monitor the port status.
- B. Write a script for detection and report the data to CloudMonitor.
- C. Log on to the ECS instance every hour to check the port using the command line.
- D. Buy a third-party monitoring tool
Answer: A
NEW QUESTION 50
There is a limit on the number of Customer Master Keys (CMKs) that users can create using Key Management Service (KMS), but users can raise this limit by submitting a support ticket to Alibaba Cloud.
- A. True
- B. False
Answer: A
NEW QUESTION 51
After you activate the button Data Risk Control feature in Alibaba Cloud WAF. Which of the following risk control verification modes m displayed if you directly request for a risk control protection URL?
- A. QR code verification
- B. Image verification
- C. Slider verification
- D. Digit verification
Answer: C
NEW QUESTION 52
......
Alibaba ACP-Sec1 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
Valid Way To Pass Alibaba's ACP-Sec1 Exam with : https://www.testvalid.com/ACP-Sec1-exam-collection.html