A.  

set easy to remember password to help administrator quickly login and solve problems

B.  

patch system timely and frequently

C.  

enable build-in OS firewall and configure it properly

D.  

disable the ports which are not providing service anymore

A.  

massive accounts registration for new user benefits gain

B.  

data leak because of data transmission with plain text

C.  

post massive comments with bots to some e-commerce website

D.  

page content including some porn pictures

A.  

HTTP must use port 80 and HTTPS must use port 443 to provide service

B.  

HTTPS is more secure than HTTP regarding the way they transfer data

C.  

Data transferred through HTTPs is under encryption

D.  

You must buy commercial CA before you setup your own web server with HTTPS service

A.  

A record

B.  

CNAME Record

C.  

TXT Record

D.  

MX Record

A.  

Ping to the server

B.  

Simulate a DDoS attack on that server

C.  

Simulate a DoS attack on the server

D.  

Check if all the patches and required antivirus software has been loaded o the server

A.  

it can only protect servers outside of Alibaba Cloud

B.  

it is free to charge

C.  

need to turn on manually

D.  

There is no service limitation for peak traffic

A.  

Website is used for some illegal attempts

B.  

Public image or reputation of your company is damaged

C.  

Business is impacted

D.  

Physical server is damaged

A.  

physical cable is cut by someone

B.  

ECS admin password is hacked

C.  

website codes has some vulnerability

D.  

RDS DB got unknown remote logon

E.  

the disk in ECS is broken

A.  

Physical Server Damage

B.  

Leak of customer sensitive data

C.  

Service running on this ECS become not available

D.  

The datacenter where the ECS belongs to need to shutdown

A.  

SQL injection

B.  

System Command Execution vulnerability

C.  

CSRF(cross site request fraud)vulnerability

D.  

File uploading vulnerability

A.  

servers in VPC only configured with private network

B.  

any device internet reachable

C.  

government website

D.  

public DNS service

E.  

offline servers

A.  

reload

B.  

shutdown

C.  

init

D.  

restart

A.  

OS system log

B.  

Application log

C.  

Hypervisor log

D.  

Cloud platform log

A.  

brute Force password hacking detection and defense

B.  

suspicious remote login detection and warning

C.  

security vulnerability scanning and patching

D.  

anti-ddos

E.  

anti SQL injection

A.  

DB encryption

B.  

SQL injection detection

C.  

XSS attack detection

D.  

unauthorized resource access blocking

A.  

Ppart

B.  

Fdisk

C.  

Du

D.  

mount

A.  

Cross-Site Request Forgery(CSRF)

B.  

Cross-Site Scripting(XSS)

C.  

Unvalidated Redirects and Forwards

D.  

Injection

A.  

UDP

B.  

TCP

C.  

IPX/SPX

D.  

AppleTalk

A.  

disable port 445

B.  

set a highly complexed administrator password

C.  

encrypt all data on server side

D.  

put sensitive data in some hidden directory

A.  

SYN flood

B.  

ICMP flood

C.  

One host simulate many IP addresses

D.  

Attack through agent

E.  

Zombie network

A.  

Enterprise sub-account management and permission assignment

B.  

Resource operation and authorization management between enterprises

C.  

Temporary authorization management for untrusted client apps

D.  

Prevention of network attacks on enterprises

A.  

enforce security management to any public service

B.  

keep installing official released patches will be good enough

C.  

keep monitoring system processes , performance and status

D.  

always scan input by user through web application