Alibaba ACP-Cloud1 Exam Practice Test Instant Access

Question 1

SLB is a load balancing service that distributes traffic to multiple cloud servers It provides a wide range of functions to meet the needs of various business scenarios If a user wants to use SLB and ECS instances to deploy two-way authenticated HTTPS websites, the following statement is correct_______.

ASLB can only host SSL certificates, not CA certificates.

BYou need to host server SSL certificates and client CA certificates on SLB

CSLB can only host CA certificates, not SSL certificate

DSLB can only support HTTPS one-way authentication

Answer : B

SLB (Server Load Balancer) is a service that distributes network traffic across groups of backend servers to improve the service capability and application availability1. SLB supports HTTPS listeners, which allow you to encrypt the data transmission between clients and SLB instances2. HTTPS is a secure version of HTTP that uses SSL/TLS protocols to provide data encryption, integrity, and authentication3.

To use HTTPS listeners, you need to upload SSL certificates to SLB. SSL certificates are digital certificates that use public key cryptography to verify the identity of a website and encrypt the data exchanged between the website and the visitors4. There are two types of SSL certificates: server certificates and client certificates. Server certificates are issued by trusted certificate authorities (CAs) to verify the identity of the website owner and the domain name. Client certificates are issued by the website owner to verify the identity of the visitors5.

SLB supports both one-way and two-way authentication for HTTPS listeners. One-way authentication means that only the server identity is verified by the client. Two-way authentication means that both the server and the client identities are verified by each other. To use one-way authentication, you only need to upload the server SSL certificate to SLB. To use two-way authentication, you need to upload both the server SSL certificate and the client CA certificate to SLB. The client CA certificate is the root certificate or intermediate certificate of the CA that issues the client certificates.

Therefore, if you want to use SLB and ECS instances to deploy two-way authenticated HTTPS websites, you need to host server SSL certificates and client CA certificates on SLB. SLB can host both SSL certificates and CA certificates, and it supports HTTPS two-way authentication. The other statements are incorrect. Reference: Server Load Balancer(SLB) - Alibaba Cloud, Add an HTTPS listener - Server Load Balancer - Alibaba Cloud Documentation Center, What is HTTPS? - SSL.com, What is an SSL Certificate? - SSL.com, What is a Client Certificate? - SSL.com, [Configure two-way authentication for an HTTPS listener - Server Load Balancer - Alibaba Cloud Documentation Center]

Question 2

The maximum number of connections for an RDS instance depends on ____________.

AMemory size

BCPU utilization rate

CDisk capacity

DNetwork traffic

Answer : A

The maximum number of connections to an RDS instance primarily depends on the memory size of the instance. Higher memory capacity allows for more simultaneous connections, as memory is a key resource in managing and maintaining connections. Alibaba Cloud RDS scales the connection limit based on the instance's memory allocation to ensure stable database performance.

Question 3

A company uses Alibaba Cloud SLB with a Layer-7 Listener and Auto Scaling to reduce O&M costs and maintain a stable, reliable system. However, lacking experience with Alibaba Cloud, the company's engineers have outlined precautions they think are necessary. As an Alibaba Cloud expert, you tell them that only ____________ is a valid concern.

ASLB instances must have Health Check enabled, or they cannot be used together with Auto Scaling.

BAll ECS instances under the same SLB instance must be running the same operating system.

CAll backend servers under the same SLB instance must be in the same Scaling Group.

DAll backend servers under the same SLB instance must have the same configuration.

Answer : A

For optimal use of SLB with Auto Scaling, enabling Health Check is essential to determine which instances are healthy and ready to handle traffic. SLB doesn't require all backend servers to have the same OS, be in the same scaling group, or have identical configurations, as it can manage heterogeneous server setups within the same load-balancing group.

Question 4

To meet business requirements, a user requires that the backend server of an SLB instance include a primary ECS instance and a secondary ECS instance. When the primary instance is working properly, the traffic is only forwarded to the primary ECS, when the primary instance is down, traffic is switched to the standby instance. In this case, you can create an active/standby server group on the backend of the SLB instance Which kind of listener supports this feature? (Number of correct answers: 2)

AHTTPS

BHTTP

CUDP

DTCP

Answer : A, D

Active/standby server groups are a feature of Server Load Balancer (SLB) that allows you to configure a primary ECS instance and a secondary ECS instance for the backend of an SLB instance1. When the primary instance is working properly, the traffic is only forwarded to the primary ECS. When the primary instance is down, traffic is switched to the standby instance1. This feature is supported by TCP and HTTPS listeners, but not by HTTP and UDP listeners1. TCP and HTTPS listeners support session persistence, which ensures that requests from the same client are always forwarded to the same backend server2. HTTP and UDP listeners do not support session persistence, and they use round-robin or weighted round-robin algorithms to distribute traffic among the backend servers2. Reference: 1: Create an active/standby server group 2: [Configure a listener]

Question 5

An enterprise hosts their servers (include both Linux and Windows servers) in a traditional IDC Every night hackers with IP addresses from many countries try to crack the password of their servers, making the administrator terribly worried about this However because of work requirements the remote management port of these servers must be opened to public network.

The administrator heard that Alibaba Cloud has solutions that can help customers improve the security of their systems Therefore, he/she wants to migrate the system to Alibaba Cloud. Which of the following functions should the administrator activate in Alibaba Cloud to reduce the possibility of brute force password cracking?

ACloud Firewall

BAnti-DDoS Origin Basic Edition

CCloudMonitor

DSecurity Center

Answer : A

Cloud Firewall is a service that provides centralized protection for your cloud assets and prevents unauthorized access to your servers. Cloud Firewall can monitor and control the inbound and outbound traffic of your servers, and block malicious requests and attacks. Cloud Firewall can also detect and prevent brute force password cracking attempts by using intelligent algorithms and threat intelligence. Therefore, option A is the correct answer. Reference: What is Cloud Firewall?, Protect servers from brute force attacks

Question 6

A large shopping mall deploys a new video surveillance system. The five-floor building in which the mall is located has installed 35 HD cameras to monitor the major exits. The surveillance system is deployed on an ECS instance, which has four 2 TB data disks to store video data.

However, video data grows so rapidly that the engineers find the ECS will run out of storage space within 2 weeks.

In this case, ___________ product is thought to be the best solution for addressing the storage challenge while ensuring quick access to historical video data when needed.

AContainer Service

BECS

COSS

DCDN

Answer : C

Alibaba Cloud OSS (Object Storage Service) is the ideal solution for storing large volumes of video data generated by a surveillance system. OSS provides scalable, secure, and cost-effective storage that can accommodate growing data needs without the space limitations of local ECS disks. Additionally, OSS enables easy access to historical data when required, making it well-suited for video storage in use cases like surveillance.

Question 7

Alibaba Cloud Content Delivery Network (CDN) is a distributed network that is built and overlaid on the bearer network. It is composed of edge node server clusters distributed across different regions.

CDN acceleration is especially suitable for scenarios where there is significant site traffic and the static resource is repeatedly used by different users. The higher the repeated access rate, the more significant the acceleration effect.

ATRUE

BFALSE

Answer : A

Alibaba Cloud CDN is particularly effective for websites with high traffic and static resources that are frequently accessed by different users. In such cases, CDN caching and delivery from edge nodes greatly reduce the load on origin servers and improve access speed for end users, especially in regions closer to the edge nodes.

Alibaba ACP Cloud Computing Certification ACP-Cloud1 Exam Practice Test