
Free Alibaba ACA-Sec1 Exam Questions & Answer from Training Expert Exam4Free
Top Alibaba ACA-Sec1 Courses Online
NEW QUESTION 79
Which of the following statements about HTTP protocol are true?(the number of correct answers: 2
- A. HTTP request supports methods like: GET, POST, PUT, HEAD, etc.
- B. HTTP protocol support state keeping
- C. HTTP is based on TCP/IP protocol
- D. Response code 200 in HTTP protocol means exception on server side
Answer: A,C
NEW QUESTION 80
In Windows OS which command can be used to track IP route, including involved node and spent time on each hop?
- A. Tracert
- B. Traceroute
- C. Wroute
- D. Route
Answer: A
NEW QUESTION 81
You just physically attached one new disk to a Linux server. Before you can write data into that disk with shell command, which of the following steps you have to finish? (the number of correct answers: 4) Score 1
- A. Make Partitions
- B. Mount
- C. Format
- D. Create Filesystem
- E. Raw Format
Answer: A,B,C,D
NEW QUESTION 82
Which of following statements about the possible reasons that cause web server vulnerabilities are true? (the number of correct answers: 2) Score 1
- A. End user didn't follow the user manual
- B. Software used or OS itself contain some logic flaw
- C. Hardware configuration is not up to date
- D. Bugs generated during common component development
Answer: B,D
NEW QUESTION 83
Which of the following options could NOT be the reason that causes website tampering
- A. Share password between different users
- B. Wrong security configuration
- C. Botnet attack
- D. system vulnerability is not fixed in time
Answer: C
NEW QUESTION 84
CC customized protection rule supports you to define customized configuration setting.
Which of following items can be self-defined? (the number of correct answers: 3)
- A. Target IP
- B. URI
- C. How long the detection should last
- D. How frequently the page is visited by one single source IP
- E. Source IP
Answer: B,C,D
NEW QUESTION 85
Which of the followings are not the reasons for a DDoS attack?
- A. Destroying of confidentiality
- B. Destroying of business credit
- C. Destroying of availability
- D. Destroying of integrity
Answer: A,B,D
NEW QUESTION 86
Which of the following Keys in HTTP heads are related to cache control? (the number of correct answers: 3)
- A. Host
- B. Expires
- C. Age
- D. Date
- E. Cache-Control
Answer: A,C
NEW QUESTION 87
Which of the following statements about 'webshell' detection feature of WAF is NOT true?
- A. there is a switch need to be turned on first
- B. If you changed some page content, you can use 'cache update' button to manually update the cache
- C. It will totally block any file to be able to upload to the web server
- D. cache will be enabled only after you turn on the protection switch
Answer: C
NEW QUESTION 88
Which of these options contains the three basic target categories for a DoS or a DDoS?
- A. Systems, memory, network access card
- B. Networks, systems and applications
- C. Network access card, applications, peripheral devices
- D. Resources, printers and storage devices
Answer: B
NEW QUESTION 89
If WAF service user updated web page content after turning on website tampering protection, what does user need to do on WAF console?
- A. turn on protection switch manually
- B. Update cache
- C. restart the whole WAF service
- D. add one protection rule
Answer: B
NEW QUESTION 90
Which of the following statements is true about HTTP protocol?
Score 2
- A. HTTP protocol can't be used to transmit file
- B. HTTP is a network layer protocol
- C. the data transmitted by this protocol is auto-encrypted
- D. default service port is 80
Answer: D
NEW QUESTION 91
Which of the following shell command can be used to check disk usage in a Linux OS ECS
- A. Echo
- B. Free -m
- C. Ps -e -o
- D. Df -h
Answer: D
NEW QUESTION 92
What is the correct action sequence of WAF protection strategy: (1) CC detection (2) Web application attack detection (3) Access control Score 2
- A. 0
- B. 1
- C. 2
- D. 3
Answer: B
NEW QUESTION 93
Which of the following logs can be accessed through ECS logs provided by Alibaba Cloud?
(the number of correct answers: 2)
- A. Hypervisor log
- B. Application log
- C. OS system log
- D. Cloud platform log
Answer: B,C
NEW QUESTION 94
In making cloud accounts more secure, which of the following is NOT a guiding principle?
- A. Anonymous logins
- B. Login verification
- C. Account permissions
- D. Authorization distribution
Answer: A
NEW QUESTION 95
You are planning on hosting an eCommerce Web server. You are intent on making the server secure against all external attacks possible. Which of the following would be the best way to test your server for its weaknesses? Choose the best answer.
- A. Simulate a DDoS attack on that server
- B. Simulate a DoS attack on the server
- C. Ping to the server
- D. Check if all the patches and required antivirus software has been loaded o the server
Answer: A
NEW QUESTION 96
Which of the following application vulnerabilities are not as popular as others?
- A. SQL Injection
- B. XSS exploit
- C. Kernel privilege breaking
- D. File uploading vulnerability
Answer: C
NEW QUESTION 97
......
New (2021) Alibaba ACA-Sec1 Exam Dumps: https://www.exam4free.com/ACA-Sec1-valid-dumps.html
