CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Alibaba
  5. ACP-CLOUD1

Free ACP-CLOUD1 Exam Braindumps (page: 7)

Page 7 of 45
PDF with 176 Questions

When the "'Obtain the Visitor's Real IP Address" function is enabled in Alibaba Cloud SLB For layer 7 services, you can obtain the real IP addresses of visitors through the______________field in HTTP header

  1. Connection
  2. Authorization
  3. Etag
  4. X-Forwarded-For

Answer(s): D

Explanation:

The X-Forwarded-For field in HTTP header is used to identify the originating IP address of a client connecting to a web server through an HTTP proxy or a load balancer.
When the "Obtain the Visitor's Real IP Address" function is enabled in Alibaba Cloud SLB, the SLB instance adds the X-Forwarded-For field to the HTTP header of each request and forwards the request to the backend server. The backend server can then obtain the real IP address of the visitor from the X-Forwarded-For field. The format of the X-Forwarded-For field is as follows:

X-Forwarded-For: client, proxy1, proxy2

where the value is a comma+space separated list of IP addresses, the left-most being the original client, and each successive proxy that passed the request adding the IP address where it received the request from. In this example, the request passed through proxy1, proxy2, and then the SLB instance (proxy3).2


Reference:

Obtain client IP addresses - Server Load Balancer - Alibaba Cloud, X-Forwarded-For - MDN Web Docs



An online education website is built based on ECS. SLB and Auto Scaling, which greatly reduces resource cost, O&M cost and without compromising system stability and user experience.

Now. the website admin wants to keep the user information (such as source IP, accessed URLs, and duration on each page) for analysis to support their upcoming campaign events In this case, which of the following statements is NOT correct?

  1. Let each ECS instance in the scaling group keeps the user access information it processes Thus, the data saved by these ECS instances can be accessed and analyzed at any time, making the solution not only simple, but also efficient reliable, and cost-effective.
  2. Save user-related access information to ApsaraDB for RDS in real time or quasi real time, which can then be used for performing query and analysis.
  3. Synchronize user-Synchronize user-related access information to ApsaraDB for Memcache in real time or quasi real time. Then, access Memcache using an application or make the data in Memcache persistent based on certain rules and then can use the persistent data for further analysis.
  4. Synchronize user-related access information to OSS in real time or quasi real time for further use

Answer(s): A

Explanation:

This statement is not correct because it is not a good practice to store user access information on each ECS instance in the scaling group. This is because the ECS instances are dynamic and can be added or removed by the Auto Scaling service based on the load and demand. Therefore, the data stored on the ECS instances may be lost or inconsistent if the instances are terminated or replaced. Moreover, this approach does not provide a centralized and unified way to access and analyze the data, which may affect the accuracy and efficiency of the analysis. Therefore, it is better to use other services such as ApsaraDB for RDS, ApsaraDB for Memcache, or OSS to store the user access information in a persistent and scalable manner.


Reference:

Auto Scaling, ApsaraDB for RDS, ApsaraDB for Memcache, OSS



SLB is a load balancing service that distributes traffic to multiple cloud servers It provides a wide range of functions to meet the needs of various business scenarios If a user wants to use SLB and ECS instances to deploy two-way authenticated HTTPS websites, the following statement is correct_______.

  1. SLB can only host SSL certificates, not CA certificates.
  2. You need to host server SSL certificates and client CA certificates on SLB
  3. SLB can only host CA certificates, not SSL certificate
  4. SLB can only support HTTPS one-way authentication

Answer(s): B

Explanation:

SLB (Server Load Balancer) is a service that distributes network traffic across groups of backend servers to improve the service capability and application availability. SLB supports HTTPS listeners, which allow you to encrypt the data transmission between clients and SLB instances. HTTPS is a secure version of HTTP that uses SSL/TLS protocols to provide data encryption, integrity, and authentication.

To use HTTPS listeners, you need to upload SSL certificates to SLB. SSL certificates are digital certificates that use public key cryptography to verify the identity of a website and encrypt the data exchanged between the website and the visitors. There are two types of SSL certificates: server certificates and client certificates. Server certificates are issued by trusted certificate authorities (CAs) to verify the identity of the website owner and the domain name. Client certificates are issued by the website owner to verify the identity of the visitors.

SLB supports both one-way and two-way authentication for HTTPS listeners. One-way authentication means that only the server identity is verified by the client. Two-way authentication means that both the server and the client identities are verified by each other. To use one-way authentication, you only need to upload the server SSL certificate to SLB. To use two-way authentication, you need to upload both the server SSL certificate and the client CA certificate to SLB. The client CA certificate is the root certificate or intermediate certificate of the CA that issues the client certificates.

Therefore, if you want to use SLB and ECS instances to deploy two-way authenticated HTTPS websites, you need to host server SSL certificates and client CA certificates on SLB. SLB can host both SSL certificates and CA certificates, and it supports HTTPS two-way authentication. The other statements are incorrect.


Reference:

Server Load Balancer(SLB) - Alibaba Cloud, Add an HTTPS listener - Server Load Balancer - Alibaba Cloud Documentation Center, What is HTTPS? - SSL.com, What is an SSL Certificate? - SSL.com, What is a Client Certificate? - SSL.com, [Configure two-way authentication for an HTTPS listener - Server Load Balancer - Alibaba Cloud Documentation Center]



When using Alibaba Cloud SLB. you can set different weights for backend ECS instances The higher the weight of a backend ECS instance the more load will be assigned to it An SLB instance has 5 ECS instances in the backend server pool, all of which are healthy Among these 5 ECS instances, the weight of ecs_inst1 is set to 100.
Which of the following statements is correct?

  1. Based on request level parameters of external requests, all requests with a request level parameter of 100 will be transferred to ecs_inst1
  2. Based on SLB's working mechanism, approximately 20% of loads will be assigned to ecs_inst1
  3. We do not know the weight settings of the remaining 4 ECS instances, so we cannot tell what would happen
  4. 100% of loads will be assigned to ecs__inst1, and the remaining 4 ECS instances will stay idle

Answer(s): C

Explanation:

When using Alibaba Cloud SLB, you can set different weights for backend ECS instances. The higher the weight of a backend ECS instance, the more load will be assigned to it. However, the load distribution is not based on the absolute value of the weight, but on the proportion of the weight in the total weight of all healthy backend ECS instances. For example, if there are two healthy backend ECS instances with weights of 100 and 200 respectively, the first instance will receive 33.3% of the load, and the second instance will receive 66.7% of the load. Therefore, to determine the load distribution of the 5 ECS instances in the question, we need to know the weight settings of the remaining 4 ECS instances. Without this information, we cannot tell what would happen. The other options are incorrect because they are based on wrong assumptions or misunderstandings of the SLB weight setting mechanism.



Page 7 of 45



Post your Comments and Discuss Alibaba ACP-CLOUD1 exam with other Community members:

Mr.Linh commented on June 16, 2024
Thank for exam
Anonymous
upvote

DANIEL SHEWAREGA BEYEN commented on March 22, 2024
Gteat cloud engines
Anonymous
upvote

anomymous commented on March 20, 2024
userfull material
INDONESIA
upvote

Emmanuel commented on February 18, 2024
the previous exam and the updated one are both exactly the same, how does it work that you guys say updated yet its the same copy?????????? and what is reffreed to the 132 questions when you can only access 70, what exactly is goijg on here? i would like my refund, as i have downloaded the same exam twice
Anonymous
upvote

Ko Htet commented on October 17, 2023
thanks for your support.
Anonymous
upvote

Tai commented on August 28, 2023
wonderful material
SOUTH AFRICA
upvote

Ko Htet commented on October 17, 2023
thanks for your support.
Anonymous
upvote

zzz_sleep commented on September 26, 2023
nice question
Anonymous
upvote

Tai commented on August 28, 2023
Wonderful material
SOUTH AFRICA
upvote

Nasir khan commented on August 21, 2023
Some answers are not correct.
Anonymous
upvote