 |
| Alibaba Cloud Security Overview(Exam) Answers |
Notice!
Always refer to the official Alibaba Documentaion for the most accurate and up-to-date information.
Attention!
If you have any questions that are not covered in this post, please feel free to leave them in the comments section below. Thank you for your engagement.
Exam Question
Single answer
1.Which of the following security services on the Alibaba Cloud can be selected to protect websites against common web server plug-in vulnerabilities, XSS attacks and so forth?
A. Anti-DDoS
B. Alibaba Cloud Certificates
C. Web Application Firewall
D. Security Center
Single answer
2.With WAF, Anti-DDOS Premium and SLB, what is the correct sequence for traffic to flow through?
A. Anti-DDoS Premium->SLB->WAF-> Backend Server
B. Anti-DDoS Premium->WAF->SLB->Backend Server
C. WAF->SLB->Anti-DDoS Premium->Backend Server
D. WAF->Anti-DDoS Premium->SLB->Backend Server
Single answer
3.Which of the following function cannot be provided by WAF?
A. DB encryption
B. SQL injection detection
C. XSS attack detection
D. Unauthorized resource access blocking
Single answer
4.Which of the following optoin is not the function provided by RAM?
A. User and Group definition
B. SSL encryption
C. Policy-based authorization
D. STS (Security Token Service)
Single answer
5.Which of the following statement about WAF is NOT true?
A. WAF only protects traffic coming in, not traffic going out
B. DNS will resolve original domain name to WAF cluster
C. After scrubbing, traffic will be re-injected to original server
D. Server response traffic will be scrubbed as well
Single answer
6.Which of following statements is NOT true about anti-DDoS Basic and anti-DDoS Premium?
A. Both can defend DDoS attacks
B. Anti-DDoS premium is free of charge
C. Anti-DDoS premium has more capabilities to defend against DDoS attacks
D. Anti-DDoS premium can protect servers outside Alibaba Cloud
Single answer
7.Which of the following option is not the security feature provided by Security Center?
A. Trojan scan
B. Brute Force Login detection
C. Virus scanning and removing
D. Unusual login detection
Single answer
8.Regarding Alibaba Cloud data security protection, which of the following option can satisfy the requirements of data backup and disaster recovery?
A. Alibaba Cloud Certificates
B. ApsaraDB Encrypted Storage
C. ECS Snapshot
D. HTTPDNS
Single answer
9.Which of the following Alibaba Cloud security service is used for network security protection?
A. Cloud Monitor
B. Anti-DDoS
C. Web Application Firewall
D. RAM
Single answer
10.Which of the following attacks WAF will not prevent?
A. SYN Flood
B. Web Server vulnerability attack
C. Core files unauthorized access
D. HTTP flood
Single answer
11.Which of the following method CANNOT increase account security?
A. Apllies strong password policies
B. Periodically resets of user login passwords
C. Adheres to the minimum authorization principle
D. Unites user management, permission management and resource
management into a single management process
Single answer
12.Alibaba Cloud offers different security protection plans to different tenant accounts. Which of the following is NOT a security plan offered by Alibaba Cloud?
A. Password-free login
B. Two-factor authentication
C. Phone number binding
D. Phone or email verification for password resetting
Multiple answers
13.Which of the following descriptions about DDoS are correct? (Number of correct answers: 2)
A. Gets administration password
B. Steals confidential information
C. Disables the target server to process legitimate requests
D. Makes remote attacks succeed even if the target server has no vulnerabilities
Multiple answers
14.For the Encryption of your data at rest, KMS is integrated with a wide range of Alibaba Cloud services, including___. (Correct answers: 4)
A. RDS
B. OSS
C. Log Service
D. NAS
E. MaxCompute
Multiple answers
15.Which of the following attacks are DDoS attacks? (Correct answers: 2)
A. XSS attack
B. SYN-Flood attack
C. UDP-Flood attack
D. CGI overflow attack