Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

ACA-Sec1 Questions and Answers

Question # 6

Which of the following options could NOT be the reason that causes website

tampering

A.

Share password between different users

B.

Botnet attack

C.

system vulnerability is not fixed in time

D.

Wrong security configuration

Full Access
Question # 7

If user is using anti-DDOS Pro service, but the original server has rule to limit access

to the client IPs, which of the following actions is the most proper one to take?

A.

enable CDN and change anti-DDOS pro IP to CDN address

B.

add anti-DDOS pro IP into customer firewall white list

C.

disable original server firewall

D.

enable SLB for original server

Full Access
Question # 8

Which of the following issues will NOT be an issue anymore using Alibaba Cloud ECS server? Score 2

A.

server is under brute force password hacking

B.

hardware disk or memory broken

C.

infection by Trojan Virus

D.

application vulnerability being leveraged by hackers

Full Access
Question # 9

Which of following statement about 'Server Guard' Trojan scanning functionality is NOT

correct?

Score 2

A.

Server Guard Agent will automatically scan your web pages directories and look for any

webshell file.

B.

A change to a file in the web pages directories will trigger a scan for that file

C.

you can log on to the Server Guard console to isolate webshell files with one click.

D.

Server Guard will delete any suspicious webshell file immediately

My Answer: B. Other file says D

Full Access
Question # 10

Which of the following products is designed to provide secured and stable network

connection among different VPCs?

A.

ECS

B.

SLB

C.

Security Group

D.

Express Connect

Full Access
Question # 11

Which of the following statements are true about the difference between HTTP and HTTPS

? (the number of correct answers: 2)

A.

HTTP must use port 80 and HTTPS must use port 443 to provide service

B.

HTTPS is more secure than HTTP regarding the way they transfer data

C.

Data transferred through HTTPs is under encryption

D.

You must buy commercial CA before you setup your own web server with HTTPS service

Full Access
Question # 12

Which of the following DDoS descriptions are correct?

A.

In order to get admin password

B.

Steal confidential information

C.

Causes the target server unable to process legitimate requests

D.

If the target server has no vulnerabilities, the remote attack may still succeed.

Full Access
Question # 13

Anti-DDOS basic is provided by Alibaba Cloud for free. Which of the following statements

about this service are NOT true? (the number of correct answers: 2)

Score 1

A.

basic anti-DDOS service can detect attack traffic and migrate them automatically

B.

basic anti-DDOS service can protect any server connect to internet

C.

no protection upper limit to the rate of attack traffic

D.

CC attack protection need to be turned on manually

Full Access
Question # 14

For internet communication, to setup the connection and data transition between source

and destination, which of the following information you will need? (the number of correct

answers: 3)

Score 1

A.

IP address

B.

Port

C.

Encryption algorism

D.

Protocol

E.

Router Location

Full Access
Question # 15

You are planning on hosting an eCommerce Web server. You are intent on making the server

secure against all external attacks possible. Which of the following would be the best way to test your

server for its weaknesses? Choose the best answer.

A.

Ping to the server

B.

Simulate a DDoS attack on that server

C.

Simulate a DoS attack on the server

D.

Check if all the patches and required antivirus software has been loaded o the server

Full Access
Question # 16

In Windows OS you can turn off a service through: Score 2

A.

Control Panel->Management Tool->Stop the running service

B.

Control Panel->windows update->Stop

C.

Create new firewall rule to stop service

D.

Delete administrator role and related accounts

Full Access
Question # 17

What are the advantages of anti-DDOS pro comparing to anti-DDOS basics service?

(the number of correct answers: 3)

A.

stronger defending attacks capability

B.

elastic protection bandwidth

C.

no upper limit to the attack traffic need to be handled

D.

can do anti-fraud protection

E.

can protect IDC outside Alibaba Cloud

Full Access
Question # 18

May, 2017. New blackmail virus WannaCry burst globally. This virus leveraged

Windows OS opened port 445 to initiate the attack, so the quickest way to prevent this kind

of attack is?

A.

Change 'Administrator' to some other name

B.

With 'Server Guard' protection in Alibaba Cloud, you can set password to some easy to

remember words.

C.

Except some necessary accounts for system management, disable or delete other useless

accounts

D.

Always set password with highly complex combination of number, letter and other

characters

Full Access
Question # 19

Which of the following statements are true for how to login to different ECS operating

system? (the number of correct answers: 2)

Score 1

A.

use 'remote desktop connection' for windows

B.

use 'ssh' tool for windows

C.

use 'remote desktop connection' for Linux

D.

use 'ssh' tool for Linux

Full Access
Question # 20

Which of the following statements about IPV6 and IPV4 are true?(the number of correct

answers: 2)

A.

IPV6 has bigger route table size

B.

IPV6 address length upper limit is 128 bits

C.

IPV6 has more simplified header

D.

No network switch device is needed when using IPV6 protocol to transfer data

Full Access
Question # 21

In Windows OS what command can be used to open registry table and edit it?

A.

Gpedit

B.

Regedit

C.

Gedit

D.

Zedit

Full Access
Question # 22

Which of the following statements is NOT true about daily operation on server account

andpassword maintenance?

A.

change'Administrator' to some other name

B.

with'Server Guard protection In Allbaba Cloud,you can set password to some easy to

remember words.

C.

except for some necessary accounts for system manogement,.dlsoble or delete other

seldomly used accounts

D.

always set a complexed passwcwd using combination of numbers,letters and other

characters

Full Access