B. Read requests are distributed to multiple instances.
C. Read/write requests to the database are separated.

C. 4

Answer DescriptionExplanation: When the scheduled task is activated once, 4 ECS instances will be added in the scaling group. This is because the scaling rule “Add 6 ECS instances” will increase the number of instances in the scaling group to 9, which exceeds the maximum number of instances (7) that is set for the scaling group. Therefore, Auto Scaling will only add 4 ECS instances to reach the maximum number of instances. The remaining 2 ECS instances will not be added to avoid exceeding the quota.

A. True

Answer DescriptionExplanation: RDS provides whitelist access policies. You can set permitted IP addresses and IP network segments to effectively prevent hackers from attacking the server by port scanning1. A whitelist is a list of IP addresses or CIDR blocks that are allowed to access an RDS instance. By default, the whitelist is empty, which means that no IP address can access the RDS instance. You can add IP addresses or CIDR blocks to the whitelist to allow access from specific sources. You can also modify or delete the whitelist as needed2. Whitelist access policies help improve the security of your RDS instance and protect your data from unauthorized access3.

B. You need to host server SSL certificates and client CA certificates on SLB

Answer DescriptionExplanation: SLB (Server Load Balancer) is a service that distributes network traffic across groups of backend servers to improve the service capability and application availability1. SLB supports HTTPS listeners, which allow you to encrypt the data transmission between clients and SLB instances2. HTTPS is a secure version of HTTP that uses SSL/TLS protocols to provide data encryption, integrity, and authentication3.
To use HTTPS listeners, you need to upload SSL certificates to SLB. SSL certificates are digital certificates that use public key cryptography to verify the identity of a website and encrypt the data exchanged between the website and the visitors4. There are two types of SSL certificates: server certificates and client certificates. Server certificates are issued by trusted certificate authorities (CAs) to verify the identity of the website owner and the domain name. Client certificates are issued by the website owner to verify the identity of the visitors5.
SLB supports both one-way and two-way authentication for HTTPS listeners. One-way authentication means that only the server identity is verified by the client. Two-way authentication means that both the server and the client identities are verified by each other. To use one-way authentication, you only need to upload the server SSL certificate to SLB. To use two-way authentication, you need to upload both the server SSL certificate and the client CA certificate to SLB. The client CA certificate is the root certificate or intermediate certificate of the CA that issues the client certificates.
Therefore, if you want to use SLB and ECS instances to deploy two-way authenticated HTTPS websites, you need to host server SSL certificates and client CA certificates on SLB. SLB can host both SSL certificates and CA certificates, and it supports HTTPS twoway authentication. The other statements are incorrect. References: Server Load Balancer(SLB) - Alibaba Cloud, Add an HTTPS listener - Server Load Balancer - Alibaba Cloud Documentation Center, What is HTTPS? - SSL.com, What is an SSL Certificate? - SSL.com, What is a Client Certificate? - SSL.com, [Configure two-way authentication for an HTTPS listener - Server Load Balancer - Alibaba Cloud Documentation Center]

C. We do not know the weight settings of the remaining 4 ECS instances, so we cannot tell what would happen

Answer DescriptionExplanation: When using Alibaba Cloud SLB, you can set different weights for backend ECS instances. The higher the weight of a backend ECS instance, the more load will be assigned to it. However, the load distribution is not based on the absolute value of the weight, but on the proportion of the weight in the total weight of all healthy backend ECS instances. For example, if there are two healthy backend ECS instances with weights of 100 and 200 respectively, the first instance will receive 33.3% of the load, and the second instance will receive 66.7% of the load. Therefore, to determine the load distribution of the 5 ECS instances in the question, we need to know the weight settings of the remaining 4 ECS instances. Without this information, we cannot tell what would happen. The other options are incorrect because they are based on wrong assumptions or misunderstandings of the SLB weight setting mechanism.

C. Enable the transmission acceleration service for O: Enable OSS

Answer DescriptionExplanation: The transmission acceleration service for OSS is a feature that allows you to access OSS buckets through a global acceleration endpoint, which can improve the upload and download speed of OSS data across regions. The global acceleration endpoint is a domain name that is resolved to the nearest OSS access point based on the network conditions of the client. This way, the data transmission distance is shortened and the network latency is reduced. Therefore, option C is the correct answer. References: Enable transfer acceleration, Map an acceleration endpoint

C. The DNS service provider used by the domain name (such as abc.com) must support intelligent resolution.

Answer DescriptionExplanation: The DNS service provider used by the domain name (such as abc.com) does not need to support intelligent resolution, because the CNAME address allocated to the domain name will point to an IP address that is intelligently managed by Alibaba Cloud CDN system. Therefore, option C is not a correct description of modifying domain name resolution. References: What is Alibaba Cloud CDN? - CDN - Alibaba Cloud Documentation Center and Alibaba Cloud CDN

B. Use CEN to establish communication between VPCs