CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Alibaba
  5. ACP-CLOUD1

Free ACP-CLOUD1 Exam Braindumps (page: 10)

Page 10 of 45
PDF with 176 Questions

By using ApsaraDB for RDS to implement read/write splitting, which of the following can be achieved? (Number of correct answers 2)

  1. Write requests are distributed to multiple instances.
  2. Read requests are distributed to multiple instances.
  3. Read/write requests to the database are separated.
  4. Both read and write requests are distributed to multiple instance

Answer(s): B,C

Explanation:

ApsaraDB for RDS is a stable and reliable online database service that supports MySQL, SQL Server, PostgreSQL, MariaDB, and PPAS. ApsaraDB for RDS provides a read/write splitting feature that allows you to create read-only RDS instances, which can offload read requests from the primary RDS instance of your database system. Read/write splitting is implemented by using a dedicated proxy endpoint, which routes read and write requests to different RDS instances based on the SQL statements and the read weights of the read-only instances. By using ApsaraDB for RDS to implement read/write splitting, you can achieve the following benefits21:

Read requests are distributed to multiple instances. This can improve the read performance and availability of your database system, as well as balance the load among the read-only instances. You can specify the read weights of the read-only instances to control the distribution of read requests.

Read/write requests to the database are separated. This can reduce the pressure on the primary RDS

instance and ensure the stability and security of the write operations. You only need to connect to the proxy endpoint, and the proxy will automatically route the read and write requests to the appropriate RDS instances.

The other statements are not correct, as write requests are not distributed to multiple instances, but only sent to the primary RDS instance2; and both read and write requests are not distributed to multiple instances, but separated by the proxy endpoint.


Reference:

[ApsaraDB for RDS - Alibaba Cloud], Read/write splitting - - Alibaba Cloud Documentation Center, Use the read/write splitting feature to increase the processing capability of an ApsaraDB RDS instance



You are using Auto Scaling with one scaling group already created, then you want to execute a task at a specific time such as removing 1 ECS instance every night at 00:00. To achieve this, which of the following operations should be performed'? (Number of correct answers; 2)

  1. Create a scaling rule
  2. Create a scheduled task.
  3. Create a new scaling group.
  4. Create an event-triggered task.

Answer(s): A,B

Explanation:

To execute a task at a specific time such as removing 1 ECS instance every night at 00:00, you need to perform two operations: create a scaling rule and create a scheduled task. A scaling rule is a set of instructions that defines how Auto Scaling scales computing resources in response to changes in business load. A scheduled task is a type of scaling task that can execute a specified scaling rule at a specified time. By creating a scaling rule that removes 1 ECS instance from the scaling group, and creating a scheduled task that executes this scaling rule every night at 00:00, you can achieve the desired result. You do not need to create a new scaling group, because you already have one scaling group created. You also do not need to create an event-triggered task, because this type of scaling task is triggered by events such as Cloud Monitor alarms or API calls, not by a specific time.



Alibaba Cloud Server Load Balancer (SLB) provides services for distributing traffic among multiple ECS instances SLB can expand the application system's service capacity through traffic distribution, and improve the system's availability by eliminating SPoFs (Single Points of Failure).
Which of the following statements are correct? (Number of correct answers; 2)

  1. One of SLB's features is the Health Check. If some of the backend ECS instances are down, whereas other backend ECS instances can still provide services, then the system can continue to work normally.
  2. When recreating an SLB instance that has an Internet IP address, a new Internet IP address will be assigned to the SLB instance.
  3. Before using SLB to provide external services, make sure that you have installed and correctly configured the SLB agent on all of the backend ECS instances.
  4. SLB provides a function to automatically synchronize data among backend ECS instances using rsync remote synchronization.

Answer(s): A,B

Explanation:

According to the Alibaba Cloud SLB documentation1, SLB provides a health check feature that monitors the availability and performance of the backend servers. If a backend server fails the health check, SLB stops routing requests to it and redirects the traffic to other healthy servers. This way, SLB can improve the system's availability by eliminating single points of failure (SPOFs). Therefore, option A is a correct statement about SLB.

According to the same documentation1, SLB instances are assigned with public IP addresses or private IP addresses based on the network type. If you delete an SLB instance and create a new one, a new IP address will be allocated to the new instance. You cannot specify or reserve an IP address for an SLB instance. Therefore, option B is also a correct statement about SLB.

Option C is incorrect, because SLB does not require you to install or configure any SLB agent on the backend servers. You only need to add the backend servers to the SLB instance and configure the listener and the server group. SLB will automatically distribute the traffic to the backend servers based on the load balancing algorithm and the health check status.

Option D is also incorrect, because SLB does not provide a function to automatically synchronize data among backend servers. SLB only handles the network traffic distribution and does not interfere with the data on the backend servers. You need to use other methods or tools to synchronize data among backend servers, such as rsync, lsyncd, or Alibaba Cloud Data Transmission Service (DTS)3.


Reference:

Server Load Balancer:SLB overview, Add backend servers, and Data Transmission Service.



A large enterprise wants to migrate the entire business system to Alibaba Cloud to save the overall IT procurement and O&M costs From the security aspect, the company requires that

1. Must support secured remote O&M because the administrator often takes business trips.

2. Networks between subsystems should be isolated because subsystems are independently used by different departments Which of the followings should be used together to meet the company's requirements? (Number of correct answers: 3)

  1. Enable the VPN on the bastion host (or directly use the VPN image on Alibaba Cloud Marketplace).
    The administrator uses VPN encrypted communication during O&M.
  2. Build an independent ECS instance as the bastion host or remote logon and O&M, and authorize the bastion host to access ECS instances running other subsystems.
  3. Use the security group function of the ECS instance, and respectively deploy ECS instances running different subsystems to independent security groups.
  4. Create multiple ECS instances in the VPC to install subsystems of different departments- Allocate only Intranet IP addresses to all ECS instances, and deploy them in the same security groups.

Answer(s): A,B,C

Explanation:

To meet the company's security requirements, the following solutions should be used together:

A . Enable the VPN on the bastion host (or directly use the VPN image on Alibaba Cloud Marketplace). The administrator uses VPN encrypted communication during O&M. This solution can support secure remote O&M, because VPN (Virtual Private Network) is a technology that creates a secure and encrypted connection over the Internet between the bastion host and the administrator's device. VPN can protect the data transmitted between the bastion host and the administrator from being intercepted or tampered by malicious third parties. Alibaba Cloud provides VPN Gateway service that allows users to create VPN connections between VPCs and on-premises data centers, or between VPCs in different regions. Users can also use VPN images from Alibaba Cloud Marketplace, such as OpenVPN, to create VPN servers on ECS instances.

B . Build an independent ECS instance as the bastion host or remote logon and O&M, and authorize the bastion host to access ECS instances running other subsystems. This solution can also support secure remote O&M, because a bastion host is a special-purpose ECS instance that acts as a proxy or a gateway for accessing other ECS instances in the VPC. A bastion host can enhance the security of the ECS instances by limiting the exposure of the ECS instances to the public network, and by implementing security policies and monitoring tools on the bastion host. Alibaba Cloud provides Bastionhost service that allows users to centrally manage the access to cloud servers from external networks and provide secure connections to VPC resources.

C . Use the security group function of the ECS instance, and respectively deploy ECS instances running different subsystems to independent security groups. This solution can isolate the networks between subsystems, because a security group is a virtual firewall that controls the inbound and outbound traffic of the ECS instances in the group. Users can configure security group rules to allow or deny access based on the network protocol, port, and source IP address. By deploying ECS instances running different subsystems to independent security groups, users can prevent unauthorized access or communication between the subsystems.

The other solution is not suitable for the company's scenario, for the following reason:

D . Create multiple ECS instances in the VPC to install subsystems of different departments- Allocate only Intranet IP addresses to all ECS instances, and deploy them in the same security groups. This solution cannot isolate the networks between subsystems, because ECS instances in the same security group can communicate with each other by default, regardless of whether they have intranet or internet IP addresses. Moreover, this solution may also prevent the ECS instances from accessing the internet or providing external services, which may affect the business operation of the company.


Reference:

What is a VPN? - Virtual Private Network - Cisco, VPN Gateway - Alibaba Cloud, OpenVPN
- Alibaba Cloud Marketplace, Bastion Host - Alibaba Cloud Document Center, Bastionhost - Alibaba Cloud, Security groups - Elastic Compute Service - Alibaba Cloud



Page 10 of 45



Post your Comments and Discuss Alibaba ACP-CLOUD1 exam with other Community members:

Mr.Linh commented on June 16, 2024
Thank for exam
Anonymous
upvote

DANIEL SHEWAREGA BEYEN commented on March 22, 2024
Gteat cloud engines
Anonymous
upvote

anomymous commented on March 20, 2024
userfull material
INDONESIA
upvote

Emmanuel commented on February 18, 2024
the previous exam and the updated one are both exactly the same, how does it work that you guys say updated yet its the same copy?????????? and what is reffreed to the 132 questions when you can only access 70, what exactly is goijg on here? i would like my refund, as i have downloaded the same exam twice
Anonymous
upvote

Ko Htet commented on October 17, 2023
thanks for your support.
Anonymous
upvote

Tai commented on August 28, 2023
wonderful material
SOUTH AFRICA
upvote

Ko Htet commented on October 17, 2023
thanks for your support.
Anonymous
upvote

zzz_sleep commented on September 26, 2023
nice question
Anonymous
upvote

Tai commented on August 28, 2023
Wonderful material
SOUTH AFRICA
upvote

Nasir khan commented on August 21, 2023
Some answers are not correct.
Anonymous
upvote