Question # 1
A large enterprise wants to migrate the entire business system to Alibaba Cloud to save the
overall IT procurement and O&M costs From the security aspect, the company requires
that
1. Must support secured remote O&M because the administrator often takes business trips.
2. Networks between subsystems should be isolated because subsystems are
independently used by different departments Which of the followings should be used
together to meet the company's requirements? (Number of correct answers: 3) | | A. Enable the VPN on the bastion host (or directly use the VPN image on Alibaba Cloud
Marketplace). The administrator uses VPN encrypted communication during O&M. | | B. Build an independent ECS instance as the bastion host or remote logon and O&M, and
authorize the bastion host to access ECS instances running other subsystems. | | C. Use the security group function of the ECS instance, and respectively deploy ECS
instances running different subsystems to independent security groups. | | D. Create multiple ECS instances in the VPC to install subsystems of different
departments- Allocate only Intranet IP addresses to all ECS instances, and deploy them in
the same security groups. |
A. Enable the VPN on the bastion host (or directly use the VPN image on Alibaba Cloud
Marketplace). The administrator uses VPN encrypted communication during O&M.
B. Build an independent ECS instance as the bastion host or remote logon and O&M, and
authorize the bastion host to access ECS instances running other subsystems.
C. Use the security group function of the ECS instance, and respectively deploy ECS
instances running different subsystems to independent security groups.
Explanation: To meet the company’s security requirements, the following solutions should be used together:
A. Enable the VPN on the bastion host (or directly use the VPN image on Alibaba
Cloud Marketplace). The administrator uses VPN encrypted communication during
O&M. This solution can support secure remote O&M, because VPN (Virtual
Private Network) is a technology that creates a secure and encrypted connection
over the Internet between the bastion host and the administrator’s device. VPN
can protect the data transmitted between the bastion host and the administrator
from being intercepted or tampered by malicious third parties1. Alibaba Cloud
provides VPN Gateway service that allows users to create VPN connections
between VPCs and on-premises data centers, or between VPCs in different
regions2. Users can also use VPN images from Alibaba Cloud Marketplace, such
as OpenVPN, to create VPN servers on ECS instances3.
B. Build an independent ECS instance as the bastion host or remote logon and
O&M, and authorize the bastion host to access ECS instances running other
subsystems. This solution can also support secure remote O&M, because a
bastion host is a special-purpose ECS instance that acts as a proxy or a gateway
for accessing other ECS instances in the VPC. A bastion host can enhance the
security of the ECS instances by limiting the exposure of the ECS instances to the
public network, and by implementing security policies and monitoring tools on the
bastion host4. Alibaba Cloud provides Bastionhost service that allows users to
centrally manage the access to cloud servers from external networks and provide
secure connections to VPC resources5.
C. Use the security group function of the ECS instance, and respectively deploy
ECS instances running different subsystems to independent security groups. This
solution can isolate the networks between subsystems, because a security group
is a virtual firewall that controls the inbound and outbound traffic of the ECS
instances in the group. Users can configure security group rules to allow or deny
access based on the network protocol, port, and source IP address. By deploying
ECS instances running different subsystems to independent security groups, users
can prevent unauthorized access or communication between the subsystems6.
The other solution is not suitable for the company’s scenario, for the following reason:
D. Create multiple ECS instances in the VPC to install subsystems of different
departments- Allocate only Intranet IP addresses to all ECS instances, and deploy
them in the same security groups. This solution cannot isolate the networks
between subsystems, because ECS instances in the same security group can
communicate with each other by default, regardless of whether they have intranet
or internet IP addresses. Moreover, this solution may also prevent the ECS
instances from accessing the internet or providing external services, which may
affect the business operation of the company6.
References: What is a VPN? - Virtual Private Network - Cisco, VPN Gateway - Alibaba
Cloud, OpenVPN - Alibaba Cloud Marketplace, Bastion Host - Alibaba Cloud Document
Center, Bastionhost - Alibaba Cloud, Security groups - Elastic Compute Service - Alibaba
Cloud
Question # 2
| Names of the files in each OSS bucket must be unique Also, they can be renamed. | | A. True | | B. False |
B. False
Explanation: Objects cannot be directly renamed in OSS. To rename an object in the
bucket, you can copy the source object to the destination object and delete the source
object. This is because the object name is part of the object URL and cannot be changed
without affecting the access to the object. However, if you enable the hierarchical
namespace feature for a bucket, you can rename objects in the bucket by using the OSS
console or SDKs.
Question # 3
| Which of the following scenarios can be done using Alibaba Cloud Express Connection?
(Number of correct answers: 2) | | A. Intranet communication between VPCs and Smart Access Gateway in customers
different branch offices | | B. Intranet communication between a VPC and servers in an external IDC | | C. Intranet communication between two VPCs in different accounts and different CIDR
Blocks | | D. Intranet communication between two VPCs under the same account in the same region |
A. Intranet communication between VPCs and Smart Access Gateway in customers
different branch offices
B. Intranet communication between a VPC and servers in an external IDC
Question # 4
| If you need to accelerate a certain domain name (such as abc.com) via Alibaba Cloud
Content Delivery Network (CDN), you must add it to "CDN Domain Name List" in the CDN
service. After added successfully, you will get a CNAME address A Next, you need to
modify domain name resolution and direct the domain name (such as abc.com) to CNAME
address A. Which of the following is a NOT correct description of modifying domain name
resolution? | | A. If your domain name (such as abc.com) is transferred to Alibaba Cloud in advance, and
managed by the same Alibaba Cloud account, you can perform one-step resolution
modification. | | B. The CNAME address allocated to the domain name (such as abc.com) will point to an IP
address. This IP address resolving mechanism is intelligently managed by Alibaba Cloud
CDN system. | | C. The DNS service provider used by the domain name (such as abc.com) must support
intelligent resolution. | | D. The DNS service provider used by the domain name (such as abc.com) can be
companies other than Alibaba Cloud. |
C. The DNS service provider used by the domain name (such as abc.com) must support
intelligent resolution.
Explanation: The DNS service provider used by the domain name (such as abc.com) does
not need to support intelligent resolution, because the CNAME address allocated to the
domain name will point to an IP address that is intelligently managed by Alibaba Cloud
CDN system. Therefore, option C is not a correct description of modifying domain name
resolution. References: What is Alibaba Cloud CDN? - CDN - Alibaba Cloud
Documentation Center and Alibaba Cloud CDN
Question # 5
| RDS provides whitelist access policies. You can set permitted IP addresses and IP network
segments to effectively prevent hackers from attacking the server by port scanning. | | A. True | | B. False |
A. True
Explanation: RDS provides whitelist access policies. You can set permitted IP addresses
and IP network segments to effectively prevent hackers from attacking the server by port
scanning1. A whitelist is a list of IP addresses or CIDR blocks that are allowed to access an
RDS instance. By default, the whitelist is empty, which means that no IP address can
access the RDS instance. You can add IP addresses or CIDR blocks to the whitelist to
allow access from specific sources. You can also modify or delete the whitelist as
needed2. Whitelist access policies help improve the security of your RDS instance and
protect your data from unauthorized access3.
Question # 6
| After activating an Alibaba Cloud Elastic Compute Service (ECS) instance, you want to
monitor the status of the ECS instance via Alibaba Cloud console. Therefore: you must
activate and purchase Alibaba Cloud CloudMonitor service to meet this demand. | | A. True | | B. False |
B. False
Explanation: You do not need to activate and purchase Alibaba Cloud CloudMonitor
service to monitor the status of the ECS instance via Alibaba Cloud console. CloudMonitor
is a service that monitors Alibaba Cloud resources and Internet applications. CloudMonitor
provides a one-stop, out-of-the-box, and enterprise-class monitoring
solution1. CloudMonitor collects monitor metrics of Alibaba Cloud resources and custom
metrics and enables you to view and understand the usage of the cloud resources, and the
health of your business2. CloudMonitor allows you to monitor the metrics of Alibaba Cloud
services, detect the availability of websites hosted on ECS instances or carrier servers, and
configure alert rules for specified metrics3. However, CloudMonitor is not a prerequisite for monitoring the status of the ECS instance via Alibaba Cloud console. You can monitor the
status of the ECS instance via Alibaba Cloud console without activating and purchasing
CloudMonitor service. You can view the basic information, configuration, security group,
and tags of the ECS instance in the console. You can also view the CPU, memory, disk,
and network usage of the ECS instance in the console. You can also use the Cloud
Assistant feature to run commands on the ECS instance remotely4.
Question # 7
| You are using Auto Scaling with one scaling group already created, then you want to
execute a task at a specific time such as removing 1 ECS instance every night at 00:00. To
achieve this, which of the following operations should be performed'? (Number of correct
answers; 2) | | A. Create a scaling rule | | B. Create a scheduled task. | | C. Create a new scaling group. | | D. Create an event-triggered task. |
A. Create a scaling rule
B. Create a scheduled task.
Explanation: To execute a task at a specific time such as removing 1 ECS instance every
night at 00:00, you need to perform two operations: create a scaling rule and create a
scheduled task. A scaling rule is a set of instructions that defines how Auto Scaling scales
computing resources in response to changes in business load. A scheduled task is a type
of scaling task that can execute a specified scaling rule at a specified time. By creating a
scaling rule that removes 1 ECS instance from the scaling group, and creating a scheduled
task that executes this scaling rule every night at 00:00, you can achieve the desired result.
You do not need to create a new scaling group, because you already have one scaling
group created. You also do not need to create an event-triggered task, because this type of
scaling task is triggered by events such as Cloud Monitor alarms or API calls, not by a
specific time.
Alibaba Cloud ACP-Cloud1 Exam Dumps
5 out of 5
Pass Your ACP Cloud Computing Certification Exam in First Attempt With ACP-Cloud1 Exam Dumps. Real Alibaba Cloud Computing Exam Questions As in Actual Exam!
— 176 Questions With Valid Answers
— Updation Date : 28-Mar-2025
— Free ACP-Cloud1 Updates for 90 Days
— 98% ACP Cloud Computing Certification Exam Passing Rate
PDF Only Price 49.99$
19.99$
Buy PDF
Speciality
Additional Information
Testimonials
Related Exams
- Number 1 Alibaba Cloud Alibaba Cloud Computing study material online
- Regular ACP-Cloud1 dumps updates for free.
- ACP Cloud Computing Certification Practice exam questions with their answers and explaination.
- Our commitment to your success continues through your exam with 24/7 support.
- Free ACP-Cloud1 exam dumps updates for 90 days
- 97% more cost effective than traditional training
- ACP Cloud Computing Certification Practice test to boost your knowledge
- 100% correct Alibaba Cloud Computing questions answers compiled by senior IT professionals
Alibaba Cloud ACP-Cloud1 Braindumps
Realbraindumps.com is providing Alibaba Cloud Computing ACP-Cloud1 braindumps which are accurate and of high-quality verified by the team of experts. The Alibaba Cloud ACP-Cloud1 dumps are comprised of ACP Cloud Computing Certification questions answers available in printable PDF files and online practice test formats. Our best recommended and an economical package is Alibaba Cloud Computing PDF file + test engine discount package along with 3 months free updates of ACP-Cloud1 exam questions. We have compiled Alibaba Cloud Computing exam dumps question answers pdf file for you so that you can easily prepare for your exam. Our Alibaba Cloud braindumps will help you in exam. Obtaining valuable professional Alibaba Cloud Alibaba Cloud Computing certifications with ACP-Cloud1 exam questions answers will always be beneficial to IT professionals by enhancing their knowledge and boosting their career.
Yes, really its not as tougher as before. Websites like Realbraindumps.com are playing a significant role to make this possible in this competitive world to pass exams with help of Alibaba Cloud Computing ACP-Cloud1 dumps questions. We are here to encourage your ambition and helping you in all possible ways. Our excellent and incomparable Alibaba Cloud ACP Cloud Computing Certification exam questions answers study material will help you to get through your certification ACP-Cloud1 exam braindumps in the first attempt.
Pass Exam With Alibaba Cloud Alibaba Cloud Computing Dumps. We at Realbraindumps are committed to provide you ACP Cloud Computing Certification braindumps questions answers online. We recommend you to prepare from our study material and boost your knowledge. You can also get discount on our Alibaba Cloud ACP-Cloud1 dumps. Just talk with our support representatives and ask for special discount on Alibaba Cloud Computing exam braindumps. We have latest ACP-Cloud1 exam dumps having all Alibaba Cloud ACP Cloud Computing Certification dumps questions written to the highest standards of technical accuracy and can be instantly downloaded and accessed by the candidates when once purchased. Practicing Online Alibaba Cloud Computing ACP-Cloud1 braindumps will help you to get wholly prepared and familiar with the real exam condition. Free Alibaba Cloud Computing exam braindumps demos are available for your satisfaction before purchase order.
Send us mail if you want to check Alibaba Cloud ACP-Cloud1 ACP Cloud Computing Certification DEMO before your purchase and our support team will send you in email.
If you don't find your dumps here then you can request what you need and we shall provide it to you.
Bulk Packages
$50
- Get 3 Exams PDF
- Get $33 Discount
- Mention Exam Codes in Payment Description.
Buy 3 Exams PDF
$70
- Get 5 Exams PDF
- Get $65 Discount
- Mention Exam Codes in Payment Description.
Buy 5 Exams PDF
$100
- Get 5 Exams PDF + Test Engine
- Get $105 Discount
- Mention Exam Codes in Payment Description.
Buy 5 Exams PDF + Engine
 Jessica Doe
Alibaba Cloud Computing
We are providing Alibaba Cloud ACP-Cloud1 Braindumps with practice exam question answers. These will help you to prepare your ACP Cloud Computing Certification exam. Buy Alibaba Cloud Computing ACP-Cloud1 dumps and boost your knowledge.
|
