The ACA exam is called Alibaba Cloud Certified Associate (Alibaba Cloud Certified Associate), which is one of the branches of Alibaba Cloud professional and technical certification. If you can get a certificate, at least going to Ali for an interview is also a certificate with gold content, so Lao Wei specially summarized some of the test questions to share with you. The following test questions are typical test questions for cloud security content in the Alibaba Cloud ACA exam.
1. If the architecture on the enterprise cloud chooses an all-in-one deployment method, which of the following security considerations does not need to be considered?
A. Data transfer between cloud instances is secure
B. Login security
C. Application access attacks
D. Cyber attack risk
2. What protocols are mainly used to launch attacks on password brute force? (Number of correct answers: 2)
A . HTTP
B . HTTPS
C . SSH
D . RDP
3. In order to improve the security of cloud accounts, it is recommended that users follow some basic principles when managing cloud services.
A. Login anonymously
B. Login verification
C. Account authorization
D. Authorization Distribution
4. The main security threats faced by cloud computing can be divided into what they can be divided into according to the dimension of impact on the system? (Number of Correct Answers: 3)
A. Availability
B. Integrity
C. Reliability
D. Confidentiality
E. Maintainability
5. Which of the following services can be used to discover potential intrusions and high-covert attacks, trace back attack history, and predict upcoming security incidents?
A. Ann Knight
B . Web Application Firewall
C. Situational awareness
D. Cloud monitoring
6. In April 2014, the Heartbleed vulnerability was exposed, which is one of the most widely affected high-risk vulnerabilities in recent years, involving major online banks, portals, etc. The following description of the vulnerability correctly describes the vulnerability:
A. The vulnerability can be exploited to carry out cyberattacks
B. The vulnerability can be used to steal sensitive server information
C. The vulnerability can be exploited for SQL injection attacks
D. The vulnerability could be used to brute force passwords
7. Which of the following methods cannot improve the security of the account?
A. Configure a strong password policy
B. Regularly modify the user's login password
C. Follow the principle of least authorization
D. User management, permission management and resource management are unified to one administrator
8. The ××× Cybersecurity Law has been officially implemented since June 1, 2017, and is the first basic law in our country to comprehensively regulate cyberspace security management.
A. Network operators bear all security responsibilities, and whoever operates them should be responsible to the end
B. Network operators and ordinary netizens are participants in online activities and have the responsibility and obligation to maintain the security of cyberspace, and will be punished for violating the rules
C. Whether it is a network operator or a netizen, the final security obligation will be implemented by specific individuals, so the security responsibility will ultimately be borne by the individual
D. The security law stipulates that netizens are not allowed to sell personal information, and if it is only for personal learning purposes, they can obtain data from commercial platforms through technical skills
9. The ××× Cybersecurity Law implemented on June 1, 2017 is of epoch-making significance for both individuals and enterprises.
A. There will be more fine-grained regulations
B. Emphasize the protection of personal information and privacy
C. All losses caused by security shall be borne by the network operator
D. Stricter penalties for violations
10. Anqi is a host security software provided by Alibaba Cloud, which can be used to protect the security of cloud servers and off-cloud physical servers. (Number of Correct Answers: 4)
A. Trojan horse killing
B. Anti-password brute force cracking
C. Anti-web attack
D. Reminder of off-site login
E. Vulnerability detection and fix
F. Anti-DDoS attacks
11. Alibaba Cloud Web Application Firewall (WAF) is based on cloud security big data capabilities to realize operation + data + attack and defense systems, and comprehensively build website application security. Which of the following attacks can be protected from with a WAF? (Number of Correct Answers: 3)
A. Password brute force cracking
B . SQL injection attack
C . CC attack
D. Data crawling
E . DDoS attacks
The risk control composition of the 12.IT system is divided into dimensions according to the classification of classified insurance, including which ones? (Number of correct answers: 4)
A. Physical and environmental security
B. Geographical and site selection security
C. Network and communication security
D. Device and computing security
E. Application and data security
F. Team awareness security
13. Which of the following descriptions is correct about the security service method on the cloud?
A. After the user uses the cloud service, all security is the responsibility of the cloud service provider
B. After using cloud services, the security responsibilities on the cloud are shared between users and cloud service vendors, who are responsible for different levels of security
C. After using cloud services, users still need to pay attention to physical and environmental security
D. After using cloud services, users only need to pay attention to their own application and data security, and the rest is responsible for the cloud service provider
14. Alibaba Cloud provides different security protection policies for the security of user accounts, which of the following is not the security policy provided by Alibaba Cloud?
A. Password-free login
B. Two-factor verification mechanism
C. Mobile phone binding
D. Operational protection
15. What security risks do users need to pay attention to when preparing to build their own business systems on cloud computing platforms? (Number of Correct Answers: 3)
A. Security of the cloud platform itself
B . ISV-provided application security
C. Users' own security awareness
D. Security of hardware servers
E. Security of hardware switches and routers
16. For security attacks on the cloud, Alibaba Cloud will authorize security attack methods in the form of security monitoring reports, which are listed in the following detection reports. (Number of correct answers: 3)
A. DDOS attack
B. Password brute force cracking
C. Web application attacks
D. Trojan backdoor intrusion
E. Ransomware
17. Which of the following attacks is a DDOS attack? (Number of correct answers: 3)
A.ACK-Flood
B.SYN-Flood
C.DNS-Flood
D. WEB-Flood E.SQL injection
18. On Alibaba Cloud, which product can meet the needs of customer user identity management, such as sub-account creation, modification, authorization, etc.?
A. Security group
B. Ann Knight
C. Access control RAM
D. Situational awareness
19. What security considerations should I pay attention to in the following description of the cloud architecture for deploying application clusters? (Number of correct answers: 3)
A. Login security
B. Server security domain isolation
C. Backup and encryption of databases
D. Cloud storage data disaster recovery
E. The load balancing device itself is secure |
Posted on 7/13/2020 11:25:18 AM
|
|
|
Posted on 7/13/2020 3:32:22 PM
|
