New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Alibaba Cloud ACP-Sec1 ACP Cloud Security Professional Exam Practice Test

Demo: 12 questions
Total 80 questions

ACP Cloud Security Professional Questions and Answers

Question 1

A large Internet company has services running on physical machines, as well as self-built monitoring and alert system Recently, the company wants to migrate part of the services to Alibaba Cloud and use CloudMonitor to monitor ECS instances and set alerts

What should the company do to quickly interconnect CloudMonitor alerts with the self-built alert system, and handle both alerts (alerts about the physical machines and ECS instances) in self-built alert system?

Options:

A.

Use the Event Monitoring function provided by CloudMonitor to consume alerts sent from self-built alert system

B.

Call the API for querying data provided by CloudMonitor. regularly query data, and write a code to check whether indicators are abnormal

C.

Call the API for obtaining messages and alerts that are sent to self-build alert system

D.

This cannot be implemented.

Question 2

Alibaba Cloud Security Center can record source IP addresses that remotely access a server, and shield suspicious IP addresses that frequently connect to the server. During routine O&M. which of the following functions can be used to set the IP address that are commonly used by the system administrator'?

Options:

A.

Security group

B.

Valid Login IP list

C.

Frequent logon location management

D.

Webshell detection

Question 3

Alibaba Cloud's Content Moderation service cannot detect advertising or spam content.

Options:

A.

True

B.

False

Question 4

Alibaba Cloud's CloudMonitor can not only monitor ECS instances in a secure and efficient way, but also monitor HTTP sites of clients' servers in data centers However, in the latter case, Alibaba Cloud does not provide monitor agent so users need to develop their own scripts to collect data

Options:

A.

True

B.

False

Question 5

Among various types of network attacks, "phishing" is one of the most common attacks. A phishing website looks exactly the same as the real website It asks visitors to login with their accounts and passwords; at the same time, record these privacy information for illegal purpose. Which of the following statements about how phishing websites are spread is FALSE?

Options:

A.

Banks publish phishing website links in prominent positions on their official websites

B.

Phishing website links are sent through Facebook. Twitter and other IM(instant Messenger) applications.

C.

Advertisements are pushed to search engines and small and medium websites, attracting users to click the phishing website links.

D.

Phishing website links are published in batches through emails forums, blogs, and SNS(Social Network Sites).

Question 6

Users can detach the Security Center client on Alibaba Cloud ECS instances, and reinstall it later when necessary.

Options:

A.

True

B.

False

Question 7

User A is the system administrator of a company, who often takes business trips to Shanghai Each time when he remotely logs on to the Shanghai an alert is reported, prompting "Someone is remotely logging on to the server Please pay attention to your server security" Which of the following methods can be used to quickly and automatically resolve this issue?

Options:

A.

Open a ticket immediately to consult Alibaba Cloud engineers

B.

Log on to the Alibaba Cloud Security Center, and add a frequent logon location to the configuration item of Security Center.

C.

Ask the company leaders for help

D.

Call a friend, who is a famous hacker in the industry, for help.

Question 8

An Alibaba Cloud user buys an ECS instance and deploys Tomcat on it Which of the following is the easiest way for the user to monitor whether port 8080 (used by Tomcat) on this ECS instance is functioning normally or not?

Options:

A.

Log on to the ECS instance every hour to check the port using the command line.

B.

Buy a third-party monitoring tool

C.

Write a script for detection and report the data to CloudMonitor.

D.

Use Alibaba Cloud CloudMonitor s site monitor feature to create a new Monitoring Task to monitor the port status.

Question 9

Which of the following methods can be used to download the metric data of Alibaba Cloud CloudMonitor?

Options:

A.

Download the data through Open APIs

B.

You can download the data through both the console and Open APIs

C.

You can only view the reports, but cannot download them.

D.

Download the data from the console

Question 10

A website is built using open-source software To prevent hacker attacks and fix vulnerabilities in a timely manner, the administrator of the website wants to use the patch management feature in Security Center. Which of the following statements about patch management is FALSE.

Options:

A.

Before patches for most common Web vulnerabilities are released, the Alibaba Cloud Security O&M team will have fixed the vulnerabilities using self-developed patches

B.

Rollback of Web vulnerabilities means to restore the original files, while rollback of Windows vulnerabilities means to uninstall the patch upgrade

C.

Patch management can operate machines in batches in the cloud. For large-scale vulnerabilities, it supports one-key patch upgrade, which is easy and convenient

D.

Vulnerabilities are automatically fixed Once a self-developed paten is released, it automatically fixes vulnerabilities for all customers who have enabled patch management.

Question 11

After you install the Alibaba Cloud Security center agent on a non with your Alibaba Cloud account*?

Options:

A.

The user name and password

B.

Your AccessKey

C.

Your account ID

D.

The installation verification key generated on the console

Question 12

After opening the Task Manager in Windows, you can easily see abnormal processes whose names do not comply with English grammar or computer naming conventions or contain random strings. Which of the following processes may be abnormal? (Number of correct answers: 4)

Options:

A.

svchost exe

B.

nihao exe

C.

Ikdhpec exe

D.

RegSrvc exe

E.

eeosec exe

F.

466363.exe

Demo: 12 questions
Total 80 questions