
ACA-Sec1 ACA Cloud Security Associate Questions and Answers

Questions 4

Which of the following descriptions of the shared responsibilities security model is CORRECT?

Options:

A.

After beginning to use cloud service, the cloud service provider will become responsible for all of the user’s security.

B.

After beginning to use cloud service, the user and the cloud service provider will be jointly responsible for cloud security, with each responsible for different layers of security.

C.

After beginning to use cloud service, users must still take care of physical and environmental security.

D.

After beginning to use cloud service, users only need to pay attention to the security of their own apps and data. All other security will be the responsibility of the cloud service provider.

Questions 5

Which of the following protocols can be considered an 'application' layer protocol in the ISO/OSI 7-layer model?

Options:

A.

TCP

B.

UDP

C.

IP

D.

SMTP

Questions 6

Which of the following services can suffer from a DDoS attack?

Options:

A.

Servers in a VPC configured with a private network only

B.

Any internet-reachable device

C.

Government website

D.

Public DNS service

E.

Offline servers

Questions 7

If a WAF service user updates web page content after turning on website tampering protection, what does the user need to do on the WAF console?

Options:

A.

Update cache

B.

Turn on the protection switch manually

C.

Add one protection rule

D.

Restart the whole WAF service

Questions 8

In Linux OS, if you want to set a file access privilege to read, write, and execute for the owner only, what octal number will reflect such settings correctly?

Score 2

Options:

A.

755

B.

700

C.

777

D.

766

Questions 9

If Server Guard (a product provided by Alibaba Cloud) reports some brute-force password hacking attacks, what will the reporting information include? (the number of correct answers: 3)

Options:

A.

Attack initiated time

B.

Attack type

C.

Tools the attacker used

D.

Attack source IP

E.

Physical location of attacker

Questions 10

Which of the following functions is provided by the 'server guard' patch management service?

Options:

A.

fix vulnerability found in open source software using Alibaba self-developed patch

B.

detect any vulnerability before it bursts

C.

release official patches for any exposed vulnerability

D.

stop hacker's vulnerabilities probing

Questions 11

Using RAM, Alibaba Cloud users can create and manage user accounts and control the operation permissions these user accounts possess for resources under your account. Which of the following descriptions of a RAM usage scenario is NOT correct?

Options:

A.

Enterprise sub-account management and permission assignment

B.

Resource operation and authorization management between enterprises

C.

Temporary authorization management for untrusted client apps

D.

Prevention of network attacks on enterprises

Questions 12

For an IP subnet like 192.168.0.0/24, which of the following statements is true?

Options:

A.

Every IP address inside this subnet can be assigned as a HOST IP

B.

The broadcast address of this subnet is 192.168.0.0

C.

The network address of this subnet is 192.168.0.255

D.

IP communication between the hosts inside this subnet will not go through the gateway

Questions 13

Which of the following statements about IPV6 and IPV4 are true? (the number of correct answers: 2)

Options:

A.

IPV6 has a bigger route table size

B.

IPV6 address length upper limit is 128 bits

C.

IPV6 has a more simplified header

D.

No network switch device is needed when using IPV6 protocol to transfer data

Questions 14

You configure a computer to act as a zombie set in order to attack a web server on a specific date. What would this contaminated computer be part of?

Options:

A.

The computer is part of a DDoS attack

B.

The computer is part of a TCP/IP hijacking

C.

The computer is part of a spoofing attack

D.

The computer is part of a man-in-the-middle attack

Questions 15

You are planning on hosting an eCommerce Web server. You are intent on making the server secure against all external attacks possible. Which of the following would be the best way to test your server for its weaknesses? Choose the best answer.

Options:

A.

Ping to the server

B.

Simulate a DDoS attack on that server

C.

Simulate a DoS attack on the server

D.

Check if all the patches and required antivirus software have been loaded on the server

Questions 16

Which of the following statements about ECS, VPC, and security groups are NOT true? (the number of correct answers: 2)

Options:

A.

Rule settings for a security group support both in and out direction configuration

B.

The default security group rule is safe enough, please don't change it too much

C.

By default, ECS instances in different security groups can communicate with each other

D.

One ECS can be in several different security groups

Questions 17

Alibaba Cloud will provide a hot fix to address existing vulnerabilities. Which of the following statements is true about this 'hot fix'?

Options:

A.

A hot fix doesn't need to reboot the physical host

B.

Service will not be available during the hot fix

C.

Hot fix means the host needs to reach some temperature upper limit to be able to proceed

D.

A hot fix is transparent to the end user

Questions 18

Which of the following 2 security risks are not included in the OWASP-published 2017 Top 10 Web Application Security Risks?

Options:

A.

Cross-Site Request Forgery (CSRF)

B.

Cross-Site Scripting (XSS)

C.

Unvalidated Redirects and Forwards

D.

Injection

Questions 19

Which of the following options can be considered physical environment security risks in IT infrastructure?

Options:

A.

Room temperature

B.

Data encryption

C.

Rain

D.

Sounder

Questions 20

Which of the following statements are true about the difference between HTTP and HTTPS? (the number of correct answers: 2)

Options:

A.

HTTP must use port 80 and HTTPS must use port 443 to provide service

B.

HTTPS is more secure than HTTP regarding the way they transfer data

C.

Data transferred through HTTPS is under encryption

D.

You must buy a commercial CA before you set up your own web server with HTTPS service

Questions 21

For MySQL DB, if the number of records exceeds one million in one single table, which of the following methods can help you improve querying speed? (the number of correct answers: 2)

Score 1

Options:

A.

Set up an index for this table

B.

Use 'group by' to filter information

C.

Use 'count(*)' to get the total record number before the query

D.

Use 'limit N' to limit the number of possible returned records

Questions 22

Security risks may be caused by the 'Cloud platform', the 'ISV' or the 'End user'. Which of the following options are possible risks that may be caused by the Cloud Platform?

Options:

A.

The software development cycle is not formalized

B.

Security system overall solutions are not complete

C.

Administration tools on Cloud Platform may have some flaws

D.

Cloud platform console and API may lack security hardening

Exam Code: ACA-Sec1
Exam Name: ACA Cloud Security Associate
Last Update: May 1, 2024
Questions: 147
