Winter Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: geek65

ACA-Sec1 ACA Cloud Security Associate Questions and Answers

Questions 4

Which of the following statements about HTTP protocol are true?(the number of correct

answers: 2

Options:

A.

HTTP protocol support state keeping

B.

HTTP is based on TCP/IP protocol

C.

HTTP request supports methods like: GET, POST, PUT, HEAD, etc.

D.

Response code 200 in HTTP protocol means exception on server side

Buy Now
Questions 5

What status transition flow a TCP client will go through in order to proactively establish connection and disconnect it?

Options:

A.

SYNC_SENT- ->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2-->TIME_WAIT

B.

SYNC_SENT- ->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2-->CLOSE_WAIT

C.

SYNC_RCVD- ->ESTABLISHED-->CLOSE_WAIT-->TIME_WAIT-->LAST_ACK

D.

SYNC_SENT- ->SYNC_RCVD-->ESTABLISHED-->FIN_WAIT1-->FIN_WAIT2

Buy Now
Questions 6

Which of the following options does not belong to 5 key elements of network

communication?

Options:

A.

Encryption Algorism

B.

Source IP

C.

Destination IP

D.

Communication Protocol

Buy Now
Questions 7

Which of the followings are not the reasons for a DDoS attack?

Options:

A.

Destroying of integrity

B.

Destroying of confidentiality

C.

Destroying of availability

D.

Destroying of business credit

Buy Now
Questions 8

Which command in Windows OS can be used to open a terminal?

Options:

A.

Painter.exe

B.

Cmd.exe

C.

Batch.exe

D.

Term.exe

Buy Now
Questions 9

Which of the following statements about WAF data risk control feature is NOT true?

Options:

A.

this feature can only used for single page, can't be used to protect the whole domain

name

B.

WAF need to inject JavaScript piece into all pages under the same protected domain

name to decide if the client side is worth to trust

C.

direct access URL protected by this feature will have slider verification pop out

D.

this feature is not suitable for scenario needs to call API directly

Buy Now
Questions 10

Which of the following 2 security risks are not included in OWASP published 2017 Top 10 Web

Application Security Risks

Options:

A.

Cross-Site Request Forgery(CSRF)

B.

Cross-Site Scripting(XSS)

C.

Unvalidated Redirects and Forwards

D.

Injection

Buy Now
Questions 11

Which of the following methods CANNOT increase account security?

Options:

A.

Strong password policies

B.

Periodically reset the user login passwords

C.

Adhere to the minimum authorization principle

D.

Unite user management, permission management and resource management into a single

management process

Buy Now
Questions 12

In Linux OS, if you want to set a file access privilege to read, write, and execute for the

owner only, what octal number will reflect such settings correctly?

Score 2

Options:

A.

755

B.

700

C.

777

D.

766

Buy Now
Questions 13

Which of the following statements is true about HTTP protocol?

Score 2

Options:

A.

HTTP is a network layer protocol

B.

the data transmitted by this protocol is auto-encrypted

C.

default service port is 80

D.

HTTP protocol can't be used to transmit file

Buy Now
Questions 14

Which of the following statements is TRUE about Anti-DDOS basics?

Options:

A.

it can only protect servers outside of Alibaba Cloud

B.

it is free to charge

C.

need to turn on manually

D.

There is no service limitation for peak traffic

Buy Now
Questions 15

Which protocol is a 'data link' layer protocol in ISO/OSI 7 layer network model?

Score 2

Options:

A.

ICMP

B.

ARP

C.

FTP

D.

UDP

Buy Now
Questions 16

Which of the following Keys in HTTP heads are related to cache control? (the number of correct answers: 3)

Options:

A.

Cache-Control

B.

Date

C.

Age

D.

Expires

E.

Host

Buy Now
Questions 17

Which of the following cloud services are the most common ones when we talk about different

types of Cloud service

Options:

A.

IaaS

B.

PaaS

C.

SaaS

D.

DaaS

Buy Now
Questions 18

If Server Guard (product provided by Alibaba Cloud) report some brute force password

hacking attacks, the reporting information will include? (the number of correct answers: 3)

Options:

A.

Attack initiated time

B.

Attack type

C.

Tools attacker used

D.

Attack source IP

E.

Physical location of attacker

Buy Now
Questions 19

Alibaba Cloud offers different security protection plans to different tenant accounts. Which of the

following is NOT a security plan offered by Alibaba Cloud?

Options:

A.

Password-free login

B.

Two-factor authentication

C.

Phone number binding

D.

Phone or email verification for password resetting

Buy Now
Questions 20

After WAF was purchased, users need to add one DNS record to map their domain name to WAF provided IP. What is the type of that DNS record?

Options:

A.

A record

B.

CNAME Record

C.

TXT Record

D.

MX Record

Buy Now
Questions 21

Which of the following logs can be accessed through ECS logs provided by Alibaba Cloud?

(the number of correct answers: 2)

Options:

A.

OS system log

B.

Application log

C.

Hypervisor log

D.

Cloud platform log

Buy Now
Questions 22

Which of the following options can be considered as Data and Application security risks in IT

infrastructure

Options:

A.

Data integrity

B.

Data access control

C.

Data readiness

D.

Data encryption

Buy Now
Exam Code: ACA-Sec1
Exam Name: ACA Cloud Security Associate
Last Update: Nov 21, 2024
Questions: 147
ACA-Sec1 pdf

ACA-Sec1 PDF

$28  $80
 Add to Cart
ACA-Sec1 Engine

ACA-Sec1 Testing Engine

$33.25  $95
 Add to Cart
ACA-Sec1 PDF + Engine

ACA-Sec1 PDF + Testing Engine

$45.5  $130
 Add to Cart