1. After using WAF, if you find there are many user input data in the network traffic, you should apply:

A) Loose protection policy
B) Normal protection policy
C) Strict protection policy
D) Progression protection policy



2. After WAF was purchased, users need to add one DNS record to map their domain name to WAF provided IP. What is the type of that DNS record?

A) A record
B) CNAME Record
C) TXT Record
D) MX Record



3. From which of the following attacks WAF will not provide protection?

A) SYN Flood
B) Web Server vulneraility attack
C) Core files unauthorized access
D) HTTP Flood



4. Which of the following security vulnerability is not a 'Server Side' security issue?

A) SQL injection
B) System Command Execution vulnerability
C) CSRF(cross site request fraud)vulnerability
D) File uploading vulnerability



5. Which of following statements is NOT true about anti-DDOS basics and anti-DDOS Pro?

A) both can defend DDOS attack
B) anti-DDOS pro is free to charge
C) anti-DDOS pro has more capabilities to defend against DDOS attacks
D) anti-DDOS pro can protect both inside and outside Alibaba Cloud servers