1. Which of the following application vulnerabilities are not as popular as others?

A) SQL Injection
B) XSS exploit
C) File uploading vulnerability
D) Kernel privilege breaking



2. In a regular server maintenance operation, the purpose of installing a patch on the operating system is?

A) To improve server reseource usage
B) to improve system usability
C) to enhance system functionality
D) to avoid existing system vulnerabilities being used by some hackers



3. Which of the following statements is NOT true about web application security protection best practices?

A) enforce security management to any public service
B) keep installing official released patches will be good enough
C) keep monitoring system processes , performance and status
D) always scan input by user through web application



4. Which of the following function is provided by 'server guard' patch management service?

A) fix vulnerability found in open source software using Alibaba self-developed patch
B) detect any vulnerability before it bursts
C) release official patches for any exposed vulnerability
D) stop hacker's vulnerabilities probing



5. In May 2017 a new blackmail virus WannaCry burst globally, using Windows OS open port 445 to initiate its attacks. What is the quickest way to prevent this kind of attacks?

A) disable port 445
B) set a highly complexed administrator password
C) encrypt all data on server side
D) put sensitive data in some hidden directory