ACA-Sec1 ACA Cloud Security Associate Questions and Answers

this feature can only used for single page, can ' t be used to protect the whole domain

name

WAF need to inject JavaScript piece into all pages under the same protected domain

name to decide if the client side is worth to trust

direct access URL protected by this feature will have slider verification pop out

this feature is not suitable for scenario needs to call API directly

iptables

ipfirewall

linuxfw

netstat

HTTPD

IIS

Web Daemon

Apache

ECS

SLB

RDS

OSS

KMS

Brute Force password hacking

Trojan planting

Content Compliance Requirement

Vulnerability scanning

Lack of storage resource

Source IP

URI

How long the detection should last

How frequently the page is visited by one single source IP

Target IP

UDP stateless connectio

DNS 3 times hands shake

TCP 3 times hands shake

HTTP plain text transmission

for users who is using IAAS service, they should be responsible for their business system

which is on top of cloud infrastructure

cloud service provider should guarantee the security of all physical infrastructure

the damage caused by attacks leveraging security vulnerability in customers ' application

server should be charged to cloud service provider

cloud user should also take care of some of the hardware maintenance and operation

work

XSS Attack

Server Information Theft

Code Execution

SQL Injection

FTP

TCP

HTTP

SNMP

ECS

SLB

Security Group

Express Connect

Every IP address inside this subnet can be assigned as a HOST IP

The broadcast address of this subnet is 192.168.0.0

The network address of this subnet is 192.168.0.255

IP communication between the hosts inside this subnet will not go through the gateway

sensitive data leak

service running on that server is not available

physical server damage

compromise the reputation of service provider on that server

servers in VPC only configured with private network

any device internet reachable

government website

public DNS service

offline servers

MITM

DNS spoofing

Ping sweep

DoS

basic anti-DDOS service can detect attack traffic and migrate them automatically

basic anti-DDOS service can protect any server connect to internet

no protection upper limit to the rate of attack traffic

CC attack protection need to be turned on manually

Elastic Public IP

CDN

EIP + SLB

EIP + NAT Gateway

DNS service

One client host can access another client ' s data

User service become unavailable

Hacker can access host server directly

Incorrect client resource usage calculating

Cross-Site Request Forgery(CSRF)

Cross-Site Scripting(XSS)

Unvalidated Redirects and Forwards

Injection

2314

2341

2431

2413

Destroying of integrity

Destroying of confidentiality

Destroying of availability

Destroying of business credit

disable port 445

set a highly complexed administrator password

encrypt all data on server side

put sensitive data in some hidden directory

Server is under syn flood attack, and is not reachable

online game service which is suffering with too many empty connections and slow

connections

DNS server is under udp flood attack and got no response anymore

website is under SQL injection attack

website is under XSS attacks

rule setting for security group supports both in and out direction configuration

default security group rule is safe enough, please don ' t change it too much

by default, ECS in different security group can communicate with each other

one ECS can be in several different security group

technical skills show off of hacker

business competition

blackmail

help to find system vulnerability

Anonymous logins

Login verification

Account permissions

Authorization distribution

Website is used for some illegal attempts

Public image or reputation of your company is damaged

Business is impacted

Physical server is damaged

set a highly complexed administrator password

change the rule of security group to unblock all company internal ips

add those IPs which need to access ECS server into ' Server Guard ' logon white list

ask employees to access that ECS server not very frequently

lower the risk of sensitive data leak

improve the usage of system resource

lower the cost of security protection

get instant alerts after attacks are detected

Df –h

Echo

Free –m

Ps –e –o

Security group

Server Guard

Resource Access Management (RAM)

Situational awareness

Illegal Logon!

Migrated Already!

Logon Successfully!

Remote Logon Detected!

Server Guard Agent will automatically scan your web pages directories and look for any

webshell file.

A change to a file in the web pages directories will trigger a scan for that file

you can log on to the Server Guard console to isolate webshell files with one click.

Server Guard will delete any suspicious webshell file immediately

My Answer: B. Other file says D

SYN flood

ICMP flood

One host simulate many IP addresses

Attack through agent

Zombie network

Resources, printers and storage devices

Networks, systems and applications

Systems, memory, network access card

Network access card, applications, peripheral devices

DNS service down

physical server broken

military commander system down

web service down

Network Destination

Netmask

Mac Address

Gateway IP

Port

Painter.exe

Cmd.exe

Batch.exe

Term.exe

The version field

The source address field

The source port field

The destination address field

Attack initiated time

Attack type

Tools attacker used

Attack source IP

Physical location of attacker

After beginning to use cloud service, the cloud service provider will become responsible for all of

the user’s security.

After beginning to use cloud service, the user and the cloud service provider will be jointly

responsible for cloud security, with each responsible for different layers of security.

After beginning to use cloud service, users must still take care of physical and environmental

security.

After beginning to use cloud service, users only need to pay attention to the security of their own

apps and data. All other security will be the responsibility of the cloud service provider.