Alibaba ACA-Sec1 Exam Practice Test Instant Access

Question 1

Which of the following DDoS descriptions are correct?

AIn order to get admin password

BSteal confidential information

CCauses the target server unable to process legitimate requests

DIf the target server has no vulnerabilities, the remote attack may still succeed.

Answer : C, D

Question 2

What of the followings will happen if encounter DoS or DDoS attack?

AData received successfully

BDelay of data reception

CSlow access web resources

Dunauthorized access control

Answer : B, C

Question 3

Which of the followings are not the reasons for a DDoS attack?

ADestroying of integrity

BDestroying of confidentiality

CDestroying of availability

DDestroying of business credit

Answer : A, B, D

Question 4

You are planning on hosting an eCommerce Web server. You are intent on making the server

secure against all external attacks possible. Which of the following would be the best way to test your

server for its weaknesses? Choose the best answer.

APing to the server

BSimulate a DDoS attack on that server

CSimulate a DoS attack on the server

DCheck if all the patches and required antivirus software has been loaded o the server

Answer : B

Question 5

Security risk may caused by 'Cloud platform', 'ISV' or 'End user', which of the following options

are the possible risks may caused by Cloud Platform?

ASoftware development cycle is not formalized

BSecurity system overall solutions are not complete

CAdministration tools on Cloud Platform may have some flaws

DCloud platform console and API may lack of security hardenning

Answer : B, C, D

Question 6

If user is using anti-DDOS Pro service, but the original server has rule to limit access

to the client IPs, which of the following actions is the most proper one to take?

Aenable CDN and change anti-DDOS pro IP to CDN address

Badd anti-DDOS pro IP into customer firewall white list

Cdisable original server firewall

Denable SLB for original server

Answer : B

Question 7

Which of the following steps is not a valid step for using anti-DDOS pro?

Aconfigure to be protected domain name

Badd new DNS record

Cchange source IP

Dif original server is using its own firewall, then need to add Anti-DDOS pro IP to its white
list

Ebind real customer identity to anti-DDOS pro IP

Answer : E

Alibaba ACA-Sec1 ACA Cloud Security Certification Exam Practice Test