
Latest ACP-Sec1 Pass Guaranteed Exam Dumps with Accurate & Updated Questions
ACP-Sec1 Exam Brain Dumps - Study Notes and Theory
NEW QUESTION 23
Alibaba Cloud CloudMonitor is a service that monitors Alibaba Cloud resources and Internet applications Which of the following functions are currently provided by CloudMonitor? (Number of correct answers: 4)
- A. Cloud service monitoring
- B. Site monitoring
- C. Custom monitoring
- D. Custom firewall
- E. Alerting
Answer: A,B,C,E
NEW QUESTION 24
When a Layer-4 forwarding rule is configured with multiple origin site IP addresses, Alibaba Cloud Anti-ODoS Premium Service will perform load balancing for Layer-4 requests using balancing algorithm
- A. False
- B. True
Answer: B
NEW QUESTION 25
Cross Site Script (XSS) attacks refer to a kind of attack by tampering the webpage using HTML injection to insert malicious scripts so as to control the user's browser when the user browses the webpage XSS vulnerabilities may be used for user identity stealing (particularly the administrator identity), behavior hijacking, Trojan insertion and worm spreading, and also phishing
- A. False
- B. True
Answer: B
NEW QUESTION 26
More than one CNAME record is generated for the same domain name when Alibaba Cloud Anti-DDoS Premium Service Instance is purchased for load balancing purpose.
- A. False
- B. True
Answer: A
NEW QUESTION 27
Alibaba Cloud WAF is a security protection product based on Alibaba Group's web security defense experience accumulated over more than a decade By defending against common OWASP attacks, providing patches to fix vulnerabilities, and allowing users to customize protection policies for website services, WAF can successfully safeguard the security and availability of websites and web applications. Which of the following types of security configurations does WAF provide? (Number of correct answers 3)
- A. Web application attack protection
- B. CC protection
- C. Precision access control
- D. Port access control
Answer: A,B,D
NEW QUESTION 28
Alibaba Cloud Anti-DDoS Premium Service can be used to protect against DDoS attacks larger than 100 Gbps. It can be used to protect both Alibaba Cloud hosts and non-Alibaba Cloud hosts
- A. False
- B. True
Answer: B
NEW QUESTION 29
Which of the following configurations is NOT a feature provided by Alibaba Cloud Web Application Firewall product?
- A. HTTP ACL Policy
- B. Crawler Detection
- C. Blocked Regions
- D. Data Leakage Prevention
Answer: C
NEW QUESTION 30
The protection rules of Alibaba Cloud WAF are updated in real time after a user makes changes in WAF configuration page.
- A. False
- B. True
Answer: B
NEW QUESTION 31
If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?
- A. You cannot check the reports on the Alibaba Cloud console.
- B. You need to manually install the agent on the external server, and use a verification key to associate it with your account
- C. Associate the Security Center client with your Alibaba Cloud official website account.
- D. Security Center does not support non-Alibaba Cloud servers
Answer: B
NEW QUESTION 32
Anti-DDoS Premium Service is a value-added service intended to address the problem of service interruption caused by DDoS attack to servers including non-Alibaba Cloud hosts) Users can configure a protected IP address so that the attack traffic can be redirected to this IP address, thereby ensuring the stability and reliability of the origin site. When a user configures Anti-DDoS Premium Service and imports an HTTPS certificate, the system prompts an "incorrect parameter format" error Which of the following is NOT the reason of this error?
- A. The certificate contains nonstandard content
- B. The certificate contains strings like "--"
- C. The name of the certificate is too long to be accepted
- D. The name of the certificate contains invalid letters
Answer: A
NEW QUESTION 33
Which of the following features are available in Alibaba Cloud Anti-DDoS Premium product? (Number of correct answers: 3)
- A. Malformed packets filtering
- B. Web application layer DDoS protection
- C. Transport layer DDoS protection
- D. SQL injection Attack blocking
Answer: A,B,C
NEW QUESTION 34
Cloud computing service security requires the joint effort of the cloud service supplier (such as Alibaba Cloud), independent software vendor (ISV), and users The failure of any party to fulfill their responsibilities may lead to security risks. Which of the following are the responsibilities of the cloud computing service users? (Number of correct answers 2)
- A. Provide security protection for physical infrastructure
- B. Strengthen information security management in the company to prevent sensitive information leakage
- C. Regularly change the service system password
- D. Ensure multi-channel power supply in the Cloud data center
Answer: B,C
NEW QUESTION 35
A customer built his website on Alibaba Cloud- To defend against Web attacks he activated Alibaba Cloud WAF However, a week later, the customer finds that his website has suffered intrusion. Which of the following actions should he take to ensure that WAF functions correctly and enhance system security?
(Number of correct answers: 4)
- A. Delete all snapshots and clear the server
- B. Resolve the website domain name to the site s source IP address
- C. Check whether or not the DNS resolution results point to the WAF address
- D. Configure a security group for the ECS instance.
- E. Use Security Center to remove Trojans and fix vulnerabilities
- F. Secure other HTTP services on the ECS instance using WAF
Answer: C,D,E,F
NEW QUESTION 36
Alibaba Cloud WAF currently supports web security protection for HTTP and HTTPS. Which of the following ports are usually used for HTTP and HTTPS protocols? (Number of correct answers: 2)
- A. 0
- B. 1
- C. 2
- D. 3
Answer: B,C
NEW QUESTION 37
You applied for an SSL certificate through Alibaba Cloud's SSL Certificates Service During the application, you selected "Manual" at the "CSR "" step. You now want to install your certificate on a server running Apache What must you do?
- A. You must revoke your certificate and re-apply, this time choosing "Automatic" at the "CSR Generation" step. Otherwise, the SSL certificate cannot be downloaded
- B. You can download a crt file of type "Other" from the SSL Certificates Service console, then use openssl to convert this file to pfx format for use with Apache
- C. You can use the "generate pfx file" function built into the SSL Certificates Service to manually generate and download the pfx file needed by Apache
- D. SSL Certificates Service doesn't support the type of certificates needed by Apache. They cannot be used together
Answer: C
NEW QUESTION 38
In which of the following scenarios is Alibaba Cloud Security Center applicable? (Number of correct answers
3)
- A. Penetration testing
- B. Creating an ECS with generic software
- C. Batch server security O&M
- D. Setting up web server to provide web service to public
- E. Network security protection for ad campaigns or other activities
Answer: A,C,E
NEW QUESTION 39
Alibaba Cloud Security Center can record source IP addresses that remotely access a server, and shield suspicious IP addresses that frequently connect to the server. During routine O&M. which of the following functions can be used to set the IP address that are commonly used by the system administrator'?
- A. Webshell detection
- B. Frequent logon location management
- C. Security group
- D. Valid Login IP list
Answer: B
NEW QUESTION 40
Alibaba Cloud Security Center is consisted of light-weight Agents and cloud engine to provide functions such as webshell scanning and removal, day vulnerability repair, security baseline inspection, and host access control, to protect the server security. Which of the following processes is NOT included in Security Center Agent?
- A. AliHids
- B. AliYunDun
- C. AliYunDunUpdate
- D. All Safe
Answer: D
NEW QUESTION 41
After a customer uses Alibaba Cloud Anti-DDoS Premium Service, a 502 error is prompted. Which of the followings are the possible causes of the error? (Number of correct answers 3)
- A. Network congestion or jitter occurred
- B. The IP address of the origin site is exposed and suffered an attack
- C. The service was configured using the IP address method instead of the CI
- D. The Anti-DDoS Service IP range was not released As a result, the origin site is blocked.
Answer: A,B,D
NEW QUESTION 42
To improve ECS instance security, the administrator does not want users on public network to check whether an ECS instance is online using the ping command. Which of the following reinforcement measures designed by the administrator is NOT feasible?
- A. Resolve the IP address of the ECS instance to an uncommon level 4 domain name, and point the promotional domain name to the level 4 domain name through CNAME
- B. Enable an operating system firewall for the ECS instance, and reject ICMP for public network access.
- C. Enable a security group and only allow access from ports 80 and 25 of the public network through TCP
- D. Enable a security group, and reject ICMP for public network access.
Answer: A
NEW QUESTION 43
Content Moderation service is useful m a wide variety of scenarios. Which of the following are the *most* suited to Content Moderation's capabilities? (Number of correct answers 2)
- A. Detecting sensitive customer information such as credit card numbers in uploaded images
- B. Detecting faces in images
- C. Deleting porn on a social networking site
- D. Detecting spam posts on a forum
Answer: C,D
NEW QUESTION 44
......
Alibaba ACP-Sec1 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
Pass Alibaba ACP-Sec1 Test Practice Test Questions Exam Dumps: https://www.suretorrent.com/ACP-Sec1-exam-guide-torrent.html