






















































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A beginner-level cloud computing exam emphasizing the use of Log Service in cloud ecosystems. Coverage includes cloud computing fundamentals, logging architecture, data security basics, resource monitoring, and integration with Alibaba ECS, SLB, RDS, and OSS. Candidates learn how log analysis supports cloud diagnostics and service optimization.
Typology: Exams
1 / 94
This page cannot be seen from the preview
Don't miss anything!























































































Question 1. Which Alibaba Cloud service model provides a complete development platform including runtime, middleware, and application services? A) IaaS B) PaaS C) SaaS D) FaaS Answer: B Explanation: PaaS (Platform as a Service) offers a full development and deployment environment, covering middleware, runtime, and tools, allowing developers to focus on code without managing underlying infrastructure. Question 2. In Alibaba Cloud, what is the primary difference between a public cloud and a private cloud deployment model? A) Public cloud uses on‑premises hardware, private cloud uses shared hardware. B) Public cloud resources are multi‑tenant, private cloud resources are dedicated to a single organization. C) Private cloud cannot be accessed over the internet. D) Public cloud does not support elasticity. Answer: B Explanation: Public cloud resources are shared among multiple tenants, while a private cloud provides isolated, dedicated resources for a single organization. Question 3. Which of the following best describes elasticity in cloud computing? A) Ability to recover from hardware failures automatically. B) Ability to add or remove resources dynamically based on workload. C) Ability to store data redundantly across multiple zones. D) Ability to run virtual machines on physical servers.
Answer: B Explanation: Elasticity refers to the automatic scaling of compute, storage, or network resources up or down in response to changing demand. Question 4. Alibaba Cloud’s global infrastructure is organized into Regions and Zones. Which statement is true? A) Zones are larger than Regions. B) Each Region contains multiple Zones that are physically isolated. C) Zones can span multiple geographic countries. D) Regions and Zones are interchangeable terms. Answer: B Explanation: A Region is a geographic area, and each Region contains multiple Zones that are isolated data centers to provide redundancy. Question 5. When an ECS instance in Zone A needs to communicate with another ECS instance in Zone B within the same Region, which network is used by default? A) Public Internet B) Dedicated leased line C) Intranet (private network) D) VPN connection Answer: C Explanation: By default, ECS instances in different Zones of the same Region can communicate via the Alibaba Cloud internal network (Intranet) without traversing the public Internet. Question 6. Which billing model charges you only for the actual usage of resources on an hourly basis? A) Subscription (Prepaid)
Question 9. In Alibaba Cloud OSS, what is the purpose of Object Lifecycle Management? A) To encrypt objects automatically. B) To move objects between storage classes based on age or access patterns. C) To replicate objects across regions. D) To enforce bucket access policies. Answer: B Explanation: Lifecycle rules automatically transition objects to cheaper storage classes (e.g., Infrequent Access, Archive) or delete them after a defined period. Question 10. Which OSS storage class is best suited for rarely accessed data that can tolerate retrieval latency of several hours? A) Standard B) Infrequent Access C) Archive D) Cold Storage Answer: C Explanation: Archive storage is the lowest‑cost class designed for data accessed infrequently, with retrieval times ranging from hours to a day. Question 11. ApsaraDB RDS provides which of the following benefits compared to self‑managed databases? (Select the most comprehensive answer) A) Automatic backups and patching. B) Unlimited storage capacity. C) Built‑in firewall protection. D) Managed hardware only. Answer: A
Explanation: RDS offers automated backups, patching, high availability, and scaling, reducing operational overhead. Question 12. Which CDN feature helps reduce the load on the origin server by serving cached content from edge nodes? A) Origin Pull B) Intelligent Caching C) SSL Offloading D) DDoS Protection Answer: B Explanation: Intelligent caching stores frequently requested content at edge locations, serving it directly to users and decreasing origin traffic. Question 13. In a VPC, what does a VSwitch represent? A) A virtual firewall. B) A subnet within a VPC. C) A physical router. D) An Elastic IP address. Answer: B Explanation: A VSwitch is a logical layer‑2 switch that defines a subnet (CIDR block) inside a VPC, allowing instances to communicate within the same zone. Question 14. Which statement about Alibaba Cloud CEN is correct? A) CEN can only connect VPCs within the same Region. B) CEN provides a private backbone network to interconnect VPCs across Regions and on‑premises data centers.
Question 17. In Auto Scaling, what triggers a “Dynamic” scaling rule? A) A specific date and time. B) A change in a monitored metric such as CPU utilization. C) Manual user request. D) Instance health check failure. Answer: B Explanation: Dynamic scaling rules adjust capacity automatically based on real‑time metric thresholds (e.g., CPU > 70%). Question 18. Which of the following is NOT a valid source for log collection in Alibaba Cloud Log Service (SLS)? A) ECS instance syslog. B) RDS slow‑query logs. C. Alibaba Cloud DNS query logs. D) Alibaba Cloud Function Compute logs. Answer: C Explanation: As of the current SLS features, DNS query logs are not directly supported for collection; the other sources are native integrations. Question 19. What is the main purpose of ActionTrail in Alibaba Cloud? A) Real‑time traffic monitoring. B) Recording API calls for audit and compliance. C) Automatic scaling of ECS instances. D) Encrypting data at rest. Answer: B
Explanation: ActionTrail captures every API request made in the account, providing an immutable audit trail. Question 20. Which RAM policy type allows a user to assume a role for a limited duration? A) Inline policy. B) Managed policy. C) Role trust policy. D) Permission boundary. Answer: C Explanation: A role trust policy defines who can assume the role and for how long, enabling temporary access. Question 21. In Alibaba Cloud, which storage type offers the highest IOPS for a single ECS instance? A) Ultra Disk B) Standard SSD C) ESSD D) HDD Answer: C Explanation: ESSD (Elastic SSD) provides the highest IOPS and lowest latency among Alibaba Cloud disk options. Question 22. What is the effect of enabling “Anti‑leech” on an OSS bucket? A) It encrypts all objects automatically. B) It prevents unauthorized hotlinking of objects from other domains. C) It replicates objects to another region.
A) Reduces cost of data transfer. B) Guarantees zero latency. C) Provides high availability by routing traffic away from failed zones. D) Enables automatic DNS registration. Answer: C Explanation: Deploying SLB across zones ensures that if one zone experiences failure, traffic can be redirected to healthy zones, maintaining service availability. Question 26. In CloudMonitor, which metric would you most likely use to trigger an Auto Scaling rule for CPU‑bound workloads? A) Network Inbound Traffic B) Disk Read IOPS C) CPU Utilization D) Memory Usage Answer: C Explanation: CPU Utilization directly reflects CPU load; scaling based on this metric is common for CPU‑intensive applications. Question 27. Which security service provides vulnerability scanning for ECS instances? A) Anti‑DDoS B) Security Center C) ActionTrail D) CloudMonitor Answer: B Explanation: Security Center includes vulnerability assessment tools that scan ECS instances for known security issues.
Question 28. What is the default statefulness of a Security Group in Alibaba Cloud? A) Stateless – each packet is evaluated independently. B) Stateful – return traffic is automatically allowed. C) Stateless for inbound, stateful for outbound. D) Stateful only for TCP traffic. Answer: B Explanation: Security Groups are stateful; once a connection is allowed inbound, the response traffic is automatically permitted outbound. Question 29. Which of the following is a valid use case for Alibaba Cloud’s “Scheduled” Auto Scaling rule? A) Scaling up when CPU exceeds 80% for 5 minutes. B) Scaling down during nightly maintenance windows. C) Scaling based on user‑defined health checks. D) Scaling automatically when a new region is added. Answer: B Explanation: Scheduled scaling adjusts capacity at predetermined times, such as reducing resources during off‑peak hours. Question 30. In the context of Alibaba Cloud OSS, what does “Versioning” enable? A) Automatic migration of objects to a higher storage class. B) Storing multiple variants of the same object, allowing retrieval of previous versions. C) Encrypting each object with a unique key. D) Replicating objects across multiple regions. Answer: B
D) They automatically encrypt data at rest. Answer: C Explanation: Read‑Only instances serve read queries, distributing load and enhancing read performance without affecting the primary write node. Question 34. Which of the following best describes the “Hybrid Cloud” deployment model? A) All resources are hosted on Alibaba Cloud only. B) Resources are split between on‑premises data centers and public cloud, with integration. C) Multiple public cloud providers are used simultaneously. D) Resources are hosted in a private cloud that mimics public cloud APIs. Answer: B Explanation: Hybrid cloud combines on‑premises infrastructure with public cloud services, enabling data and workload mobility. Question 35. In Alibaba Cloud, what does the term “Fault Tolerance” refer to? A) The ability to scale resources automatically. B) The capability to continue operating despite component failures. C) The process of encrypting data in transit. D) The method of balancing traffic across servers. Answer: B Explanation: Fault tolerance ensures that a system remains functional when one or more components fail, often via redundancy and failover mechanisms. Question 36. Which of the following is a valid way to restrict access to an OSS bucket to specific IP addresses? A) Using a Security Group rule.
B) Configuring a bucket policy with IP condition. C) Enabling Anti‑leech with a referer whitelist. D) Assigning a custom domain. Answer: B Explanation: Bucket policies can include IP‑address conditions to allow or deny requests from specified IP ranges. Question 37. When configuring a VPC peering connection, which of the following is true? A) Peering enables trans‑region traffic over the public Internet. B) Peering allows direct intra‑VPC communication without NAT. C. Peering automatically merges the CIDR blocks of the two VPCs. D. Peering requires a VPN gateway on each side. Answer: B Explanation: VPC peering creates a private, direct link between two VPCs, allowing resources to communicate without traversing the Internet or using NAT. Question 38. Which of the following is a key feature of Alibaba Cloud’s “Anti‑DDoS Pro” service? A) Automatic scaling of ECS instances. B) Application layer (Layer 7) DDoS mitigation. C) Encryption of all inbound traffic. D. Automatic backup of databases. Answer: B Explanation: Anti‑DDoS Pro provides advanced protection, including mitigation of Layer 7 (application‑level) attacks.
Explanation: A Logstore is a storage unit within Log Service where logs from a particular source or category are kept. Question 42. Which metric would you monitor to detect a potential DDoS attack on an ECS instance? A) Disk Write Bytes B) CPU Utilization C) Network Inbound Packets per Second (PPS) D. Memory Usage Answer: C Explanation: A sudden surge in inbound packet rate (PPS) is a typical indicator of a DDoS flood. Question 43. What is the purpose of “Resource Access Management (RAM) roles” in Alibaba Cloud? A) To enforce network ACLs. B) To grant temporary permissions to services or users without sharing credentials. C. To configure firewall rules. D. To allocate storage quotas. Answer: B Explanation: RAM roles define a set of permissions that can be assumed by trusted entities, enabling secure, credential‑free access. Question 44. Which of the following best describes a “Public Image” in ECS? A) An image that can be used only within a specific VPC. B) An image provided by Alibaba Cloud that is available to all accounts. C. An image that contains only the operating system without any software.
D. An image that is stored in OSS. Answer: B Explanation: Public images are pre‑built OS or application images offered by Alibaba Cloud and can be used by any account. Question 45. When using OSS for static website hosting, which feature must be enabled? A. Versioning B. Bucket Policy allowing public read C. Object Lifecycle Management D. Anti‑leech Answer: B Explanation: To serve content publicly, the bucket must allow public read access via a bucket policy or ACL. Question 46. Which Alibaba Cloud service can be used to automatically encrypt data at rest for ECS disks? A. KMS (Key Management Service) B. Security Center C. ActionTrail D. CloudMonitor Answer: A Explanation: KMS provides keys that can be used to encrypt ESSD, SSD, and other disks attached to ECS instances. Question 47. In a scaling group, what does the “desired capacity” parameter define? A. The maximum number of instances allowed.
Question 50. What is the primary purpose of “Network Address Translation (NAT) Gateway” in a VPC? A. To provide a private IP address to the internet. B. To enable outbound internet access for resources without public IPs. C. To encrypt traffic between zones. D. To balance traffic across multiple ECS instances. Answer: B Explanation: A NAT gateway allows instances in private subnets to initiate outbound connections to the Internet while keeping their private IPs hidden. Question 51. Which of the following is true about “Cross‑Region Replication” for OSS? A. It replicates data synchronously, guaranteeing zero data loss. B. It creates a read‑only copy of objects in a different region. C. It only works for objects larger than 1 GB. D. It requires manual intervention for each object. Answer: B Explanation: Cross‑Region Replication asynchronously copies objects to another region, providing a read‑only replica for disaster recovery. Question 52. In the context of Alibaba Cloud, what does “EIP Bandwidth” refer to? A. The maximum data transfer rate for an Elastic IP address. B. The size of the EIP’s CIDR block. C. The number of EIPs that can be attached to a single instance. D. The latency between the EIP and the internet. Answer: A
Explanation: EIP Bandwidth defines the allocated throughput (e.g., 10 Mbps, 100 Mbps) for traffic passing through the Elastic IP. Question 53. Which of the following is a typical use case for “Object Lifecycle Transition to Infrequent Access”? A. Frequently accessed video streaming. B. Temporary log files that are accessed daily. C. Archival of old backup files that are rarely retrieved. D. Real‑time sensor data ingestion. Answer: C Explanation: Infrequent Access storage is cost‑effective for data that is seldom accessed but must remain instantly retrievable, such as old backups. Question 54. Which Alibaba Cloud service provides a managed Kafka-compatible messaging platform? A. Message Service (MNS) B. DataHub C. Kafka Service (ACK) D. RocketMQ Answer: C Explanation: Alibaba Cloud’s ApsaraKafka (ACK) offers a fully managed, compatible Kafka service. Question 55. What does the “Idle Timeout” setting on an SLB listener control? A. The maximum time a TCP connection can stay idle before being closed. B. The time taken to provision a new backend server.