1223 お客様のコメント
質問 1:
If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?
A. You need to manually install the agent on the external server, and use a verification key to associate it with your account
B. Associate the Security Center client with your Alibaba Cloud official website account.
C. You cannot check the reports on the Alibaba Cloud console.
D. Security Center does not support non-Alibaba Cloud servers
正解:A
質問 2:
Which of the following features are available in Alibaba Cloud Anti-DDoS Premium product? (Number of correct answers: 3)
A. Web application layer DDoS protection
B. SQL injection Attack blocking
C. Transport layer DDoS protection
D. Malformed packets filtering
正解:A,C,D
質問 3:
Which of the following attacks can Alibaba Cloud Anti-DDoS Basic defend against? (Number of coned answers 4)
A. SYN Flood
B. ACK Flood
C. Brute force password cracking
D. CMP Flood
E. UDP Flood
正解:A,B,C,E
質問 4:
If an ECS instance needs to be accessed by other applications from internet, a corresponding "port" must be enabled For example, HTTP applications work on port 80, while FTP applications work on port 21 If an administrator configures network security policies for this ECS instance, which of the following policies is the safest?
A. The administrator wants to build multiple applications on an ECS instance. For easy management, the administrator uses default settings and allows any IP address to access required service ports
B. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens all ports for public networks
C. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens only the required service ports for public networks
D. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens ports 0-1024 for public networks
正解:C
質問 5:
Alibaba Cloud Ant.-DDoS Premium Service is an advanced DDoS protection product It can defend against layer 4 and layer 7 attacks. Which of the following statements about Alibaba Cloud Anti-DDoS Premium Service is FALSE?
A. Anti-DDoS Premium Service provides precise traffic reports and attack details in real time to keep you informed of the current service details on time
B. Anti-DDoS Premium Service supports 2 billing modes: Unlimited and Insurance.
C. Anti-DDoS Premium Service defends against various DDoS attacks, including but not limited to ICMP flood, UDP flood, TCP flood. SYN flood, and ACK flood attacks
D. You can adjust the anti-DDoS elastic protection threshold to a higher level at any time, with the service interruption period no longer than 3 minutes
正解:B
質問 6:
Alibaba Cloud WAF cannot protect against large traffic DDoS attacks which can be solved by Alibaba Cloud Ant-DDoS Service.
A. False
B. True
正解:B
質問 7:
Products like ECS and Server Load Balancer it will be automatically protected by Anti-DDoS Basic service
A. False
B. True
正解:B
質問 8:
Alibaba Cloud WAF is a security protection product based on Alibaba Group's web security defense experience accumulated over more than a decade By defending against common OWASP attacks, providing patches to fix vulnerabilities, and allowing users to customize protection policies for website services, WAF can successfully safeguard the security and availability of websites and web applications. Which of the following types of security configurations does WAF provide? (Number of correct answers 3)
A. CC protection
B. Web application attack protection
C. Precision access control
D. Port access control
正解:A,B,D
If you install Alibaba Cloud Security Center client on a non-Alibaba Cloud server, which of the following statements allows you to check the server-related reports on the Security Center?
A. You need to manually install the agent on the external server, and use a verification key to associate it with your account
B. Associate the Security Center client with your Alibaba Cloud official website account.
C. You cannot check the reports on the Alibaba Cloud console.
D. Security Center does not support non-Alibaba Cloud servers
正解:A
質問 2:
Which of the following features are available in Alibaba Cloud Anti-DDoS Premium product? (Number of correct answers: 3)
A. Web application layer DDoS protection
B. SQL injection Attack blocking
C. Transport layer DDoS protection
D. Malformed packets filtering
正解:A,C,D
質問 3:
Which of the following attacks can Alibaba Cloud Anti-DDoS Basic defend against? (Number of coned answers 4)
A. SYN Flood
B. ACK Flood
C. Brute force password cracking
D. CMP Flood
E. UDP Flood
正解:A,B,C,E
質問 4:
If an ECS instance needs to be accessed by other applications from internet, a corresponding "port" must be enabled For example, HTTP applications work on port 80, while FTP applications work on port 21 If an administrator configures network security policies for this ECS instance, which of the following policies is the safest?
A. The administrator wants to build multiple applications on an ECS instance. For easy management, the administrator uses default settings and allows any IP address to access required service ports
B. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens all ports for public networks
C. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens only the required service ports for public networks
D. After buying an ECS instance, the administrator immediately enables the security group firewall on the console and opens ports 0-1024 for public networks
正解:C
質問 5:
Alibaba Cloud Ant.-DDoS Premium Service is an advanced DDoS protection product It can defend against layer 4 and layer 7 attacks. Which of the following statements about Alibaba Cloud Anti-DDoS Premium Service is FALSE?
A. Anti-DDoS Premium Service provides precise traffic reports and attack details in real time to keep you informed of the current service details on time
B. Anti-DDoS Premium Service supports 2 billing modes: Unlimited and Insurance.
C. Anti-DDoS Premium Service defends against various DDoS attacks, including but not limited to ICMP flood, UDP flood, TCP flood. SYN flood, and ACK flood attacks
D. You can adjust the anti-DDoS elastic protection threshold to a higher level at any time, with the service interruption period no longer than 3 minutes
正解:B
質問 6:
Alibaba Cloud WAF cannot protect against large traffic DDoS attacks which can be solved by Alibaba Cloud Ant-DDoS Service.
A. False
B. True
正解:B
質問 7:
Products like ECS and Server Load Balancer it will be automatically protected by Anti-DDoS Basic service
A. False
B. True
正解:B
質問 8:
Alibaba Cloud WAF is a security protection product based on Alibaba Group's web security defense experience accumulated over more than a decade By defending against common OWASP attacks, providing patches to fix vulnerabilities, and allowing users to customize protection policies for website services, WAF can successfully safeguard the security and availability of websites and web applications. Which of the following types of security configurations does WAF provide? (Number of correct answers 3)
A. CC protection
B. Web application attack protection
C. Precision access control
D. Port access control
正解:A,B,D
Furumiya -
このACP-Sec1一つだけでかなり方向性が見えてきて自信が湧いてきました。