(Oct-2022) Get professional help from our ACP-Sec1 Dumps PDF [Q21-Q42]

(Oct-2022) Get professional help from our ACP-Sec1 Dumps PDF

Give You Free Regular Updates on ACP-Sec1 Exam Questions

Alibaba ACP-Sec1 Exam Syllabus Topics:

Topic	Details
Topic 1	Characteristic, application scenarios, competitive edges and features of Alibaba Cloud Anti-DDos and WAF
Topic 2	Cloud service-related basic security protocols such as HTTP, FTP, TCP, UDP and ICMP Understanding common security risks of the above products
Topic 3	Discovering DDoS attacks, brute force password cracking attacks Security advantages of their combined solutions
Topic 4	Security application solution design, such as correct understanding and handling after receiving alerts from the console, e-mails or text messages
Topic 5	Characteristics, application scenarios and features of Alibaba Cloud security management-related products
Topic 6	Cloud computing-related product (ECS, Server Load Balancer, OSS, RDS, VPC and CDN) content

 

NEW QUESTION 21
Alibaba Cloud Security Center can record source IP addresses that remotely access a server, and shield suspicious IP addresses that frequently connect to the server. During routine O&M. which of the following functions can be used to set the IP address that are commonly used by the system administrator'?

• A. Frequent logon location management
• B. Security group
• C. Valid Login IP list
• D. Webshell detection

Answer: A

 

NEW QUESTION 22
Products like ECS and Server Load Balancer it will be automatically protected by Anti-DDoS Basic service

• A. True
• B. False

Answer: A

 

NEW QUESTION 23
Which of the following methods can be used to download the metric data of Alibaba Cloud CloudMonitor?

• A. You can only view the reports, but cannot download them.
• B. Download the data through Open APIs
• C. You can download the data through both the console and Open APIs
• D. Download the data from the console

Answer: C

 

NEW QUESTION 24
Alibaba Cloud Security's Data R.sk Control can effectively resolve junk registration, database hacking, and other service risk identification problems To use this service. you need to first collect service data. Which of the following methods can be used to collect information off Web application systems?

• A. HTML5
• B. SDK
• C. JavaScript
• D. JavaScript, SDK

Answer: C

 

NEW QUESTION 25
If you activate Alibaba Cloud Security Center on an ECS Linux instance and change the default SSH port (22) to another port, you will no longer receive SMS or email notification related to brute force password cracking

• A. True
• B. False

Answer: B

 

NEW QUESTION 26
Alibaba Cloud WAF currently supports web security protection for HTTP and HTTPS. Which of the following ports are usually used for HTTP and HTTPS protocols? (Number of correct answers: 2)

• A. 0
• B. 1
• C. 2
• D. 3

Answer: A,D

 

NEW QUESTION 27
Alibaba Cloud CloudMonitor is a service that monitors Alibaba Cloud resources and Internet applications.
Which of the following statements about CloudMonitor is accurate'?

• A. CloudMonitor must be independently bought and paid for activation
• B. CloudMonitor can monitor websites that are not deployed in Alibaba Cloud products.
• C. CloudMonitor cannot be used through the Alibaba Cloud console
• D. To use CloudMonitor for ECS monitoring, there no agent needs to be installed in ECS.

Answer: B

 

NEW QUESTION 28
Cross Site Script (XSS) attacks refer to a kind of attack by tampering the webpage using HTML injection to insert malicious scripts so as to control the user's browser when the user browses the webpage XSS vulnerabilities may be used for user identity stealing (particularly the administrator identity), behavior hijacking, Trojan insertion and worm spreading, and also phishing

• A. True
• B. False

Answer: A

 

NEW QUESTION 29
For which of the following protection scenarios is Alibaba Cloud WAF applicable? (Number of correct answers: 5)

• A. Defense against website trojans and tampering
• B. Virtual vulnerability patches
• C. Protection against malicious CC attacks
• D. Protection against SMS refresh and service data crawling
• E. Data leakage prevention
• F. Brute force cracking protection

Answer: A,B,C,E,F

 

NEW QUESTION 30
A website is built using open-source software To prevent hacker attacks and fix vulnerabilities in a timely manner, the administrator of the website wants to use the patch management feature in Security Center. Which of the following statements about patch management is FALSE.

• A. Rollback of Web vulnerabilities means to restore the original files, while rollback of Windows vulnerabilities means to uninstall the patch upgrade
• B. Vulnerabilities are automatically fixed Once a self-developed paten is released, it automatically fixes vulnerabilities for all customers who have enabled patch management.
• C. Before patches for most common Web vulnerabilities are released, the Alibaba Cloud Security O&M team will have fixed the vulnerabilities using self-developed patches
• D. Patch management can operate machines in batches in the cloud. For large-scale vulnerabilities, it supports one-key patch upgrade, which is easy and convenient

Answer: B

 

NEW QUESTION 31
Alibaba Cloud Anti-DDoS Premium Service can be used to protect against DDoS attacks larger than 100 Gbps. It can be used to protect both Alibaba Cloud hosts and non-Alibaba Cloud hosts

• A. True
• B. False

Answer: A

 

NEW QUESTION 32
To improve ECS instance security, the administrator does not want users on public network to check whether an ECS instance is online using the ping command. Which of the following reinforcement measures designed by the administrator is NOT feasible?

• A. Resolve the IP address of the ECS instance to an uncommon level 4 domain name, and point the promotional domain name to the level 4 domain name through CNAME
• B. Enable a security group and only allow access from ports 80 and 25 of the public network through TCP
• C. Enable an operating system firewall for the ECS instance, and reject ICMP for public network access.
• D. Enable a security group, and reject ICMP for public network access.

Answer: A

 

NEW QUESTION 33
Data Risk Control feature has been integrated into Alibaba Cloud WAF. When this function is activated, a script must be embedded into the page that wishes to be protected under the corresponding domain name to check whether a client is trustworthy. Which type of script is it?

• A. Vbscript
• B. Java
• C. JavaScript
• D. C++

Answer: C

 

NEW QUESTION 34
Alibaba Cloud CloudMonitor is a service that monitors Alibaba Cloud resources and Internet applications Which of the following functions are currently provided by CloudMonitor? (Number of correct answers: 4)

• A. Cloud service monitoring
• B. Site monitoring
• C. Custom monitoring
• D. Alerting
• E. Custom firewall

Answer: A,B,C,D

 

NEW QUESTION 35
Alibaba Cloud Security Center is consisted of light-weight Agents and cloud engine to provide functions such as webshell scanning and removal, day vulnerability repair, security baseline inspection, and host access control, to protect the server security. Which of the following processes is NOT included in Security Center Agent?

• A. AliYunDunUpdate
• B. AliHids
• C. AliYunDun
• D. All Safe

Answer: D

 

NEW QUESTION 36
When using Alibaba Cloud Anti-DDoS Service/WAF in China Mainland, you must finish ICP Filing beforehand.

• A. True
• B. False

Answer: A

 

NEW QUESTION 37
User A is the system administrator of a company, who often takes business trips to Shanghai Each time when he remotely logs on to the Shanghai an alert is reported, prompting "Someone is remotely logging on to the server Please pay attention to your server security" Which of the following methods can be used to quickly and automatically resolve this issue?

• A. Ask the company leaders for help
• B. Log on to the Alibaba Cloud Security Center, and add a frequent logon location to the configuration item of Security Center.
• C. Call a friend, who is a famous hacker in the industry, for help.
• D. Open a ticket immediately to consult Alibaba Cloud engineers

Answer: B

 

NEW QUESTION 38
Alibaba Cloud's CloudMonitor can not only monitor ECS instances in a secure and efficient way, but also monitor HTTP sites of clients' servers in data centers However, in the latter case, Alibaba Cloud does not provide monitor agent so users need to develop their own scripts to collect data

• A. True
• B. False

Answer: B

 

NEW QUESTION 39
If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?

• A. You need to manually install the agent on the external server, and use a verification key to associate it with your account
• B. Security Center does not support non-Alibaba Cloud servers
• C. Associate the Security Center client with your Alibaba Cloud official website account.
• D. You cannot check the reports on the Alibaba Cloud console.

Answer: A

 

NEW QUESTION 40
Your applications are deployed on Alibaba Cloud ECS instances. You want to collect indicators by yourself for application layer monitoring. Which of the following functions provided by Alibaba Cloud CloudMonitor can be used for indicator collection, aggregation, and alerting?

• A. Cloud service monitoring
• B. Custom monitoring
• C. Site monitoring
• D. CloudMonitor cannot meet these requirements

Answer: B

 

NEW QUESTION 41
Content Moderation Service is an API-based service Like many API services, it employs throttling to make sure that the service cannot be overwhelmed by a large number of simultaneous requests. What is the maximum number of requests per minute you can make against the Content Moderation API?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: A

 

NEW QUESTION 42
......

Achieve the ACP-Sec1 Exam Best Results with Help from Alibaba Certified Experts: https://exampasspdf.testkingit.com/Alibaba/latest-ACP-Sec1-exam-dumps.html