Alibaba Cloud ACA-Sec1 - ACA Cloud Security Associate

Total 147 questions

If your company has many employees who try to access an ECS server protected by 'Server Guard' simultaneously over your company's intranet, 'Server Guard' may mistakenly identify those access requests as attacks. Which of the following methods is the best way to solve this problem?

Score 2

A. Set a highly complex administrator password

B. Change the security group rules to unblock all company internal IPs

C. Add the IPs that need to access the ECS server to the 'Server Guard' logon white list

D. Ask employees to access that ECS server less frequently

Which Internet protocol is used to implement the Linux shell command 'ping'?

Score 2

A. ICMP

B. UDP

C. PING

D. TCP

Which of the following options could NOT be a cause of website tampering?

A. Sharing a password between different users

B. Botnet attack

C. System vulnerability is not fixed in time

D. Wrong security configuration

In Linux, if you want to set a file's access privileges to read, write, and execute for the owner only, which octal number reflects these settings correctly?

Score 2

A. 755

B. 700

C. 777

D. 766

Which of the following benefits cannot be provided by 'Server Guard'?

Score 2

A. Lower the risk of sensitive data leaks

B. Improve the usage of system resources

C. Lower the cost of security protection

D. Get instant alerts after attacks are detected

Which of the following statements about the 'Server Guard' Trojan scanning functionality is NOT correct?

Score 2

A. Server Guard Agent will automatically scan your web page directories and look for any webshell file.

B. A change to a file in the web page directories will trigger a scan of that file.

C. You can log on to the Server Guard console to isolate webshell files with one click.

D. Server Guard will delete any suspicious webshell file immediately.

My Answer: B. Other file says D

Which of the following protocols will not be used for a SYN Flood attack?

A. UDP

B. TCP

C. IPX/SPX

D. AppleTalk

If Server Guard (a product provided by Alibaba Cloud) reports brute-force password hacking attacks, what will the reported information include? (the number of correct answers: 3)

A. Attack initiated time

B. Attack type

C. Tools the attacker used

D. Attack source IP

E. Physical location of the attacker

Which of the following options is the number one web application security risk according to the OWASP 2017 report?

A. XSS Attack

B. Server Information Theft

C. Code Execution

D. SQL Injection

Which command in the Red Hat Linux shell can be used to check whether a specific string is included in a bunch of text files?

A. Watch

B. Find

C. Grep

D. Ca