ACP-Sec1 Practice Exam Questions and Answers

Alibaba Cloud Anti-DDoS Premium can be used only when the origin site IP address is in Alibaba Cloud.

Alibaba Cloud Security Center Agent is installed in ECS instances by default, no need to install it manually Users can detach Security Center Agent at any time they desire.

Alibaba Cloud WAF cannot protect against large traffic DDoS attacks which can be solved by Alibaba Cloud Ant-DDoS Service.

Alibaba Cloud Security's Data R.sk Control can effectively resolve junk registration, database hacking, and other service risk identification problems To use this service. you need to first collect service data. Which of the following methods can be used to collect information off Web application

systems?

Anti-DDoS Premium Service is a value-added service intended to address the problem of service interruption caused by DDoS attack to servers

including non-Alibaba Cloud hosts)

Users can configure a protected IP address so that the attack traffic can be redirected to this IP address, thereby ensuring the stability and reliability of the origin site. When a user configures Anti-DDoS Premium Service and imports an HTTPS certificate, the system prompts an "incorrect parameter format" error Which of the following is NOT the reason of this error?

There is a limit on the number of Customer Master Keys (CMKs) that users can create using Key Management Service (KMS), but users can raise this limit by submitting a support ticket to Alibaba Cloud.

Alibaba Cloud WAF currently supports web security protection for HTTP and HTTPS. Which of the following ports are usually used for HTTP and HTTPS protocols? (Number of correct answers: 2)

More than one CNAME record is generated for the same domain name when Alibaba Cloud Anti-DDoS Premium Service Instance is purchased for load balancing purpose.

Cross Site Script (XSS) attacks refer to a kind of attack by tampering the webpage using HTML injection to insert malicious scripts so as to control the user's browser when the user browses the webpage XSS vulnerabilities may be used for user identity stealing (particularly the administrator identity), behavior hijacking, Trojan insertion and worm spreading, and also phishing

When the agent of Alibaba Cloud Security Center running on a server, it normally uses less than 1% of the CPU and 10 MB of memory, which can void affecting the server's performance

Among various types of network attacks, "phishing" is one of the most common attacks. A phishing website looks exactly the same as the real website It asks visitors to login with their accounts and passwords; at the same time, record these privacy information for illegal purpose. Which of the following statements about how phishing websites are spread is FALSE?

Alibaba Cloud CloudMonitor is a service that monitors Alibaba Cloud resources and Internet applications Which of the following functions are currently provided by CloudMonitor? (Number of correct answers: 4)