1. Which of the following statements are true about the difference between HTTP and HTTPS ï¼?(the number of correct answers: 2)(Select 2answers)

A) HTTP must use port 80 and HTTPS must use port 443 to provide service
B) HTTPS is more secure than HTTP regarding the way they transfer data
C) You must buy commercial CA before you setup your own web server with HTTPS service
D) Data transferred through HTTPs is under encryption



2. Which of the following protection rules are provided by WAF to better protect from CC attack? (the number of correct answers: 2)(Select 2answers)

A) Normal
B) Strict
C) Loose
D) Emergency



3. CC customized protection rule supports you to define customized configuration setting. Which of following items can be self-defined? (the number of correct answers: 3)(Select 2answers)

A) Source IP
B) URI
C) Target IP
D) How frequently the page is visited by one single source IP
E) How long the detection should last


4. Which of the following statements are true to describe a SQL attack commonly used pattern? (the number of correct answers: 3)(Select 3answers)

A) adding more search request together with the original one
B) adding an absolute true condition to bypass original request
C) use incorrect SQL function
D) adding ';' or '--' to change the original request purpose with new request attached
E) use selfmade variable


5. Which of the following scenarios are suitable to use CC emergency mode protection? (the number of correct answers: 2)(Select 2answers)

A) API
B) Web page
C) Native APPs
D) HTML 5 page