4455 - Midterm Flashcards by Yanick Houde

what is capacity planning?

focuses on minimizing the difference between capacity of an IT resource and the demand for the resource

How well did you know this?

Not at all

Perfectly

what are the 3 types of capacity planning strategies?

lead, lag and matching

How well did you know this?

Not at all

Perfectly

what is the lead capacity planning strategy?

adding capacity to a resource in anticipation of demand

How well did you know this?

Not at all

Perfectly

what is the lag capacity planning strategy?

adding capacity to a resource after it has reached its full capacity

How well did you know this?

Not at all

Perfectly

what is the matching capacity planning strategy?

adding capacity to a resource in small increments as demand increases

How well did you know this?

Not at all

Perfectly

what are the two cost buckets associated with cloud technology?

cost of acquiring infrastructure and the cost of ongoing ownership of infrastructure

How well did you know this?

Not at all

Perfectly

what is organizational agility?

the ability to adapt to change caused by internal or external factors

How well did you know this?

Not at all

Perfectly

what is clustering?

when independent IT resources are connected into a single system

How well did you know this?

Not at all

Perfectly

what is reduced and what is increased when clustering is used?

failure rates are reduced, availability and reliability are increased

How well did you know this?

Not at all

Perfectly

what is grid computing?

when IT resources are grouped into logical pools - heterogeneous and geographic distribution

How well did you know this?

Not at all

Perfectly

what is the difference between clustering and grid computing?

grid systems are much more loosely coupled and distributed

How well did you know this?

Not at all

Perfectly

what is virtualization?

it allows IT resources to provide multiple virtual images of themselves, essentially severing the hardware-software dependency, and allowing multiple users to share their capabilities

How well did you know this?

Not at all

Perfectly

what is a cloud?

an IT environment that can provision resources remotely which is also scalable

How well did you know this?

Not at all

Perfectly

TF: cloud has a finite boundry

How well did you know this?

Not at all

Perfectly

TF: it is necessary for clouds to be web based

How well did you know this?

Not at all

Perfectly

what processing capabilities are cloud environment dedicated to supplying?

back-end

How well did you know this?

Not at all

Perfectly

what are the differences between horizontal and vertical scaling?

horizontal: cheaper, replicates existing resources, not limited by hardware capacity
vertical: more expensive, requires setup, limited by hardware capacity

How well did you know this?

Not at all

Perfectly

what is a cloud service?

an IT resource that is remotely accessible through the cloud

How well did you know this?

Not at all

Perfectly

what do SLA’s define?

quality of service specifications and IT outcomes

How well did you know this?

Not at all

Perfectly

what are the benefits of cloud computing?

eliminates upfront IT investment, increased scaleability, improved availability and reliability

How well did you know this?

Not at all

Perfectly

what are unique issues that face cloud computing?

security vulnerabilities, regional compliance and legal issues, reduced operational governance and control

How well did you know this?

Not at all

Perfectly

what causes security vulnerabilities with cloud computing?

overlapping trust boundaries

How well did you know this?

Not at all

Perfectly

to improve cloud security what should cloud consumer and providers have?

compatible security frameworks

How well did you know this?

Not at all

Perfectly

what are the reasons for reduced operational governance control?

shitty cloud providers and bandwidth constraints

How well did you know this?

Not at all

Perfectly

what is portability?

a measure of the impact of moving cloud consumer resources and data between clouds

TF: There are no established industry standards for cloud portability?

Researchers referred to the cloud computing technologies since mid of 1960 as a) Public Computer utilities b) Artificial intelligence c) Distributed systems d) Wide area networks

All of the following considered as cloud computing systems except a) Amazon web services b) UWO email services c) Google documents d) Linux servers

The adjective “elastic” in the cloud computing definition refer to a) The cloud is upgradable b) Adding or releasing resources on demand c) Support integration with other clouds d) Support different computations needs

All the following technologies is cloud computing enablers except a) Web technology b) Distributed systems. c) Machine learning d) WIFI Technology

``` Which of the following cloud computing characteristics is the most important for the IT systems capacity planning a) Scalability b) Reliability c) Availability d) Cost ```

``` The most cost factor will be reduced by using the cloud technology rather than the using on-premise systems is a) Operational cost b) Infrastructure cost c) Maintenance cost d) None of the above ```

The main common characteristic between clustering and grid computing systems is a) Cooperative systems b) Composed of Tightly coupled IT resources c) Built by interconnected homogeneous IT resources. d) Geographically distributed systems

Which of the following best define the Virtualization technology a) Technology allow multiple users to work remotely in the same physical server. b) Technology eliminate the dependency between operating systems and physical servers c) Technology that enables the parallel processing d) Technology to optimize the computing resources allocation

Which of the following best to achieve the availability of the IT resources 1) Deploy in single cloud. 2) Deploy in private environment not accessed remotely 3) Deploy in a cloud and on-premise environment 4) Deploy in multiple reliable clouds

Why is the horizontal scaling is less expensive than the vertical one a) No need for additional IT resources b) Using automated scaling c) No needs for physical upgrades d) Not limited by the hardware capacity

Which of the following is not cloud service a) Google Assistant b) Microsoft .NET platform c) Amazon Alexa d) None of the above

Which of the following is correct about the SLA a) include the response time of the cloud service b) Include the security technology used in the service c) Useful for the service consumer because services details are always encapsulated. d) All of the above

Which of the following is advantage of adopting the cloud computing technology a. meet and fulfill unpredictable usage b. “ready-to-use” concept c. tangible business benefits due to the availability and reliability d. elimination of up-front IT investments e. All of the above

who can a cloud administrator be?

a cloud provider, consumer or a third party

what are the four cloud roles

administrator, broker, auditor, carrier

what is ubiquitous access

wide accessibility that is tailored to different cloud service consumers

what is multitenancy?

characteristic of a software program that allows an instance of the program to serve multiple users

what is cloud elasticity

ability of cloud to scale IT resources to respond to runtime or pre-determined conditions

what is cloud measured usage?

ability of cloud to track usage of IT resources

what is cloud resiliency?

ability of cloud to distribute redundant implementations of IT resources across physical locations

what is IaaS, Paas, and SaaS

infrastructure, platform, and software as a service

what are the typical levels of control granted to cloud customers for: - SaaS - PaaS - IaaS

- usage related configuration - limited administrative - full administrative

what are the typical functionality granted to cloud customers for: - SaaS - PaaS - IaaS

- access to front end user interfaces - moderate level of admin control - full accessed to IT resources

what are the common cloud consumer activities for: - SaaS - PaaS - IaaS

- uses and configures cloud service - develops, tests, deploys and manages cloud service - set up and configure bare infrastructure

what are the common cloud provider activities for: - SaaS - PaaS - IaaS

- implement, manage, maintain and monitor usage - pre configure and provide underlying infrastructure, monitor usage - provision and manage the physical processing, storage and networking, monitor usage

what are the differences between public, private and community clouds?

varying levels of accessibility public: offered at a cost or advertisement private: owned by organization that is both the consumer and provider community: owned by community member or a third party

what is a hybrid cloud and why are they challenging?

a combination of public, private and community clouds, challenging due to disparity between environments

what is a virtual private cloud?

a self contained cloud hosted by a public cloud provider

what is a inner-cloud?

a cloud comprised of two or more inner connected clouds

What is the role of the cloud broker a) Provide the communication link between the cloud provider and consumers b) Provide best offers from cloud providers in term of services and prices. c) Provide cloud different services such as IaaS, PaaS, SaasS. d) Both b & c

IT Company leases platform from public cloud provider, what is the security boundary should be applied for the company a) Organizational boundary b) Private boundary c) Trust boundary d) None of the above

Which of the following is not main characteristic of the cloud technology a) High speed communication b) Usage On demand c) Widely accessible d) Consumed by different of users

Which of the following technologies required to do the IT resource pooling a) Multitenancy b) Virtualization c) Resiliency d) Measured usage

Testing as service can be classified as a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above

§ Printer as service can be classified as a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above

``` Which of the following is environment comprised of infrastructure-centric IT resources a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above ```

SaaS cloud services are always provided as a) Virtual servers b) Preconfigured environments c) Physical computing resources d) Cloud web services

Which of the following is a task for the PaaS delivery model owner a) Develops cloud services. b) Manages physical resources and hard storages c) Preconfigure the DBMSs d) Non of the above

``` Which of the following cloud delivery models has the highest degree of the administrative control? a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above ```

``` A company provide PaaS cloud , what possible option for building the infrastructure layer a) owning IasS b) Consuming IaaS c) Own on-premise Infrastructure d) All of the above ```

Communication-as-a-Service is cloud delivery models , which are more close to a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above

Database-as-a-Service is cloud delivery models , which are more close to a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above

What is the main difference between private and public cloud a) Ownership b) Ownership and access c) Access d) Size

A company has multi level of data sensitivities which makes that not all the data IT resources can be available to public access, which is the deployment model best for the company a) Private cloud b) Public cloud c) Hybrid cloud d) Hosted cloud

All the following are correct about the hosted cloud except a) Owned and managed by a public cloud provider b) Consumed by a private organization c) The model is based on the ownership and access roles d) None of the above

Interconnected cloud deployment model is defined based on a) Size b) Access c) Architecture d) Ownership

what is the architecture of ISP's?

a hierarchical topology composed of 3 tiers

what is a data center?

a grouping of IT resources in close physical proximity

what are the benefits of using a data center?

higher usage efficiency for shared resources, power sharing, better accessibility

what are the components of a data center?

computing hardware, storage hardware, network storage, and the facility itself

what network hardware is there in data centers?

nas gateways, lan fabric, san fabric, web tier load balancing and acceleration, carriers and external network connections

what is a hypervisor?

a virtual machine monitor or manager

what are the 3 main positive characteristics of virtualization?

hardware independence, server consolidation, resource replication

what is operation system based virutalization

installing virtualization software in a pre existing operating system

what is the problem associated with operation system based virtualization?

can lead to lots of performance overhead

what are the advantages of hardware based virtualization?

it requires negligible storage space, is easy to use, and handles hardware management functions

what are the disadvantages of hardware based virtualization?

hardware compatibility can be problematic

what is VIM?

virtualization infrastructure management

what does VIM rely on?

centralized management modules

what are the 3 concerns with virutalization?

- performance overhead - hardware compatibility - portability

The main concern about the Broadband Networks and Internet in the cloud computing industry is a) The bandwidth limits b) Latency delays c) Cloud services availability depends on the cloud carrier d) All of the above

All the following can be hot-swappable components in the data center except a) Storages b) Switches c) CPUs d) Virtual memory

SAN is : a) Array of storages connected through the SAN and have access to network b) Storage Area Network c) Multiple storage devices connected through LAN network. d) b & c

NAS is : a) Array of storages connected through the NAS device and have access to the network b) Network Area Storage c) Multiple storage devices connected through LAN network. d) Virtual storage network

All the following are IT resources can be virtualized except: a) Printers b) Routers c) Monitors d) None of the above

Guest operating system in virtualization technology is a) The hypervisor OS b) The virtualized machine OS c) The virtual machine OS d) The virtualization manager

Which of the following is advantage of the virtualization technology a) Virtual machine mobility b) Easy and automated VMs administration c) Increase hardware utilization d) All of the above

Which of the following is not part of the Operating System-Based Virtualization a) Virtual machines b) Virtual networks c) Physical routers d) Hypervisors

Hypervisor advantage over the OS-Based Virtualization is a) Advanced administrative features. b) More compatible to physical servers c) More efficient. d) More scalable

Which is the following is not a concern for the virtualization technology. a) Performance overhead of the guest Virtual OS b) Performance overhead of the Host OS c) Compatibility between the hypervisors and hardware. d) Lack of portability of virtualization management

what are web resources?

artifacts that can be accessed over the world wide web

what are the two basic components of the world wide web?

web browser client and web server

what are the three layers of a web application?

- presentation layer - application layer - data layer

TF: tenants in multi-tenant application have access to application data and configuration information

F - only their own data and no configuration information

# Define the following characteristics of multitenant applications: - usage isolation - data security - recovery

– The usage behavior of one tenant does not affect the application availability and performance of other tenants. – Tenants cannot access data that belongs to other tenants. – Backup and restore procedures are separately executed for the data of each tenant.

``` Define the following characteristics of multitenant applications: - application upgrades § Scalability tenants. § Metered Usage § Data Tier Isolation ```

- individual tenant usage does not effect other tenants - tenants can't access data of other tenants - backup and restore can be executed for the data of each individual tenant - tenants can have individual databases

what is the difference between virtualization and multitenancy

virtualization - multiple copies of the server environment can be hosted by a single physical server multitenancy - a physicla OR virtual server hosting an application that is designed to allow usage by multiple users

what sort of interaction do web based services provide?

machine to machine

what are SOAP based web services?

simple object access protocol | - a common messaging format for request and response messages

what is REST API?

a design for loosely coupled application that use the HTTP protocol to transfer data (representational state transfer)

what are the REST services architecture constraints?

uniform interface - all client requests should look the same client server separation - the client and the server should act independently statelessness - each request should contain all the info the server needs to know cacheable resources - server responses should contain information on whether the information is cacheable or not layered system - layers should not effect requests or responses code on demand - a response can include code that the client can execute

SOAP vs REST: design

standardized protocol with predefined rules vs architecture style with loose recommendations

SOAP vs REST: approach

function driven vs data driven

SOAP vs REST: statefulness

stateless by default but can be stateful vs always stateless

SOAP vs REST: caching

API calls cannot be cached vs API calls can be cached

SOAP vs REST: security

WS/SSL vs HTTPS/SSL

SOAP vs REST: performance

more resources vs less resources

SOAP vs REST: message format

XML vs lots of formats

SOAP vs REST: transfer protocols

lots of protocols vs HTTP only

SOAP vs REST: best for

enterprise apps, high security apps vs public API's, social networks

SOAP vs REST: advantages

high security, standardized vs scalable, better performance, flexibility

SOAP vs REST: disadvantages

poorer performance, more complex, less flexible vs less security, not suitable for distributed environments

what are service agents?

event-driven programs designed to intercept messages at runtime

what do cloud based services rely on service agents for?

monitoring and measuring during runtime

what is the difference between an active and a passive service agent?

active - changes the message contents | passive - reads and records message contents but makes no changes

what does service middleware accomodate?

complex service compositions

what are the two types of service middleware platforms

enterprise service bus - intermediary processing features | orchestration platform - hosts and executes workflow logic

Which of the following is NOT an element of the web technology a) Web communication protocol b) Web Representational language c) Web browsers d) Web resource identifier

All the following are a typical web application tasks except 1) Retrieving the data from the data storage upon user request. 2) Execute the application logics. 3) Respond to the client request. 4) Represent the response for the client.

Multitenancy is different than virtualization in following a) It can be applied in software only b) It allows different users to use the IT-resource c) It can be applied in virtual servers only d) It can be applied in physical servers only

SOAP service should be discoverable by a) Following SOAP message format to search for the service b) Developing the Service description using XML schema c) Using java language in the implementation d) Developing Statefulness service

REST service response message should a) Be encoded only in JSON format b) Include a flag to indicate if the data is cashable or not c) Include a code to be executed in the client side d) Has no body

Why REST service technology is not adequate for distributed environments a) Support limited security protocols b) Support limited transfer protocols c) Support Limited message format d) All of the above

Statefulness service should a) Allow save information about the client request at the server side b) Respond to service based on the client request and client previous status c) Allows session between client and servers d) Respond to service based on the client request only

§ Stateful service should a) Allows save information about the client request at the server side b) Responds to service based on the client request and previous client status c) Allows session between client and servers d) All of the above

The advantage of the SOAP services over the REST services is a) Better Performance b) Security c) Scalability d) All of the above

The advantage of the REST services over the SOAP services a) Better Performance b) Flexibly to develop and design c) Scalability d) All of the above

cloud service broker platform is type a) ESB platform b) middleware orchestration platform c) SOAP platform d) None of the above

A service intercept a message and send it back to different destination , is type of a) Active agent b) Passive agent c) Middleware service d) REST service

a/c?

What is the main characteristic of the tire 3 infrastructure data centers a) Have single configuration for all the data center components b) Have redundant configuration for all the data center components except the power supply c) Have redundant configuration for all the data center components d) Have redundant configuration for servers and storages only

who is responsible for ensuring the availability of cloud services?

the provider and the carrier

what are security controls?

counter measures used to respond to security threats and reduce or avoid risk

what are security mechanisms?

a defensive framework put in place to protect IT resources

what is a cloud security policy?

the defined positioning and usage of security controls and mechanisms

what is a threat agent?

an entity that is capable of carrying out an attack

what is a malicious service agent?

an entity that can intercept and forward network traffic that flows within a cloud can exist as an external program

what is a trusted attacker?

an entity that launches attacks within the trust boundary | usually appears to be a legitimate user that is sharing IT resources within the cloud

what is a malicious insider?

a human attacker that have privileged access to the cloud

what is traffic eavesdropping and what does it compromise?

passively intercepting messages | comprises confidentiality

what is a malicious intermediary and what does it compromise?

intercept and alters messages | comprises confidentiality and integrity

what is a denial of service attack?

attacker overloads IT resources until they don't function properly anymore

what is insufficient authorization?

when attacker is granted direct access to IT resources

what is a virtualization attack and what does it comprimise?

an attack that exploits vulnerabilities in virtualized environment compromises confidentiality, integrity, availability and underlying physical infrastructure

what is the problem with overlapping trust boundaries?

malicious cloud consumers can target shared IT resources within the same trust boundaries impacting their performance relative to other users

what are security brokers?

entity with distinct set of security policies3

with regard to what 2 measures are security risk evaluated?

probability of occurrence and degree of impact

Unauthorized cloud consumer intercept a message have been sent to a cloud and change the destination to other cloud this will be violation for 1. Integrity 2. Authenticity 3. Confidentiality 4. All of the above

Authorized user get an error exception that include server ports , which would allow him to hack these ports , the error exception is 1) Security Threat 2) Security weakness 3) Security Risk 4) Security mechanism

``` Using the digital signature in the cloud to ensure the data integrity and authenticity is 1) Security mechanism 2) Security control 3) Security risk 4) Security policy ```

``` Which is of the following is not violated by the trusted attacker and malicious insider: § Confidentiality § Authenticity § Integrity § Availability ```

authenticity

Traffic eavesdropping threat is hard to be detected by any security mechanisms because 1. It is a passive action 2. It violate the confidentiality of the data 3. It used to collect illegitimate information about the cloud 4. Always occurs by malicious service agent

Malicious Intermediary threats is more danger than the eavesdropping because 1. Violate the integrity and confidentiality of the data 2. Send harm data to the cloud. 3. Messages from consumers are intercepted and altered 4. All of the above

All the following is correct about the insufficient authorization threat except: 1. Always done by anonymous attacker 2. Done by unauthorized consumers 3. It violates the authenticity 4. It can be done by malicious insider

What is the risk of the virtualization attack 1. Lose the data confidentiality and integrity in the virtual server 2. Denial of service for virtual service 3. Compromising the physical infrastructure 4. All of the above

In the overlapping trusted boundaries the trusted attacker can compromise a) Shared IT-resources only b) All resources in the trusted boundaries c) Authorized IT-resources only d) Un-authorized IT-resources only

All of the following are a concerns regarding cloud computing security except a) Flaw implementation b) Security policy disparity c) unclear contracts between consumer and provider d) Cloud availability

Identify a web service security defect is a part of 1. Risk assessment 2. Risk mitigation 3. Risk monitoring 4. Risk control

``` Firing a employee that previously violate the confidentiality and privacy of the company data 1. Risk assessment 2. Risk Treatment 3. Risk monitoring 4. Risk control ```

A company decided to upgrade their security encryption technology used after it discover that the previous technology was not effective to avoid some type of attacks , this situation is part of 1. Risk assessment 2. Risk Treatment 3. Risk monitoring 4. Risk control

what is a logical network perimeter?

isolation of a network environment from the rest of the network

what are the uses of a logical network perimeter?

to isolate resources for consumers, authorized users, and other user groups as well as a means of bandwidth control

what is included in a logical network perimeter?

virtual firewall and virtual network

what does a virtual firewall do?

filter traffic through the isolated network

what does a virtual network do?

isolated the network environment within a data center

what is the most foundational building block for cloud environments?

cloud servers

what limits the number of virutal servers one physical server can create?

its capacity

what are template virtual servers?

pre-made VM images

TF: can a cloud storage device be virutalized?

what mechanism supports the fixed increment capacity allocation of cloud storage devices?

pay per use

what are the concerns with cloud storage device?

confidentiality, integrity, security, and performance on large amounts of data

what is the lowest level of cloud data storage and what are they?

blocks - smallest unit of data that is still individually accessible

what are the two types of network storage interfaces?

storage blocks and file & network storage

how are object storage interfaces accessed?

via REST or web based cloud services using HTTP

who supports the use of object storage interfaces?

SNIA's CDMI

what are the 2 main categories of storage interfaces?

relational and non-relational

how is storage management carried out?

using either a standard API or administrator interface

what are the challenges for relational database storage?

vertical scaling and performance

what are the benefits of a non-relational database?

- less processing overhead and complexity | - more horizontally scalable than relational database storage

what are the challenges of a non-relational database?

- schemas and models are primitive and not complete picture of data - can't use relational database functions - lack of normalization

what is cloud usage monitor?

a lightweight and automated software program that keeps track of IT resource usage data

what are the 3 formats of cloud usage monitor?

monitoring agent, polling agent and resource agent

what does a monitoring agent measure?

network traffic and message metrics

what is a monitoring agent?

an event driven program that exists as a intermediary service agent that exists along communication paths

what is a resource agent?

a program that collects usage data based on event driven interaction with specialized resource hardware

what is a polling agent?

a processing module that collected usage data by polling IT resources

All the following are correct about cloud IT-resource isolation except a) Supports the cloud security b) Enables cloud IT-resources distribution c) Uses virtual firewalls d) Uses physical LAN

In addition to the IT-resources isolation the logical network perimeter mechanism can a) Improve the logical network performance b) Increase the bandwidth used by the logical network c) Improve the vertical scalability of the cloud IT-Resources d) Reduce the virtualization over head

Logical Network Perimeter mechanism can isolate cloud IT-Resource from a) Other IT-Resource within cloud b) Internet and public users c) Malicious attacker d) All of the above

The deployment of the Logical Network Perimeter mechanism include a) Virtual networks b) Virtual networks and virtual firewalls c) Physical networks d) Physical networks and virtual firewalls

``` Which one of the following virtual networks is the most loosely isolated from the cloud external user? a) VIM virtual network b) Consumer IT-Resources virtual network c) Cloud storage virtual network d) internet routers virtual network ```

Which the following is part of the virtualization logical architecture a) Physical IT-resources b) VIMs and hypervisors c) Virtual machines d) All of the above

In virtualization the virtual server instance is created by a) VIM b) Hypervisor c) Consumer d) Usage monitor

Which of the following is not standard storage interface a) Block b) Object c) Relational dataset d) Multimedia

Which is of the following is concern about the relational cloud storage a) Doesn't support vertical scalability b) Doesn't support horizontal scalability c) Is not scalable d) Is not support REST services

Which of the following is best storage interface for multimedia web resources a) Files b) Block c) Object d) NoSQL database

Which of the following are correct about the LUN a) Stands for logic unit number b) Created and configured by the VIM c) Used by Storage Virtualization software to create the consumer storage device d) All of the above

§ Monitoring agent actions is similar to a) Eavesdropping attack b) Malicious intermediary attack c) Denial of service attack d) authorization attack

a or b not sure

The resources agent is different than monitor agent in following a) is event driven b) collects traffic data c) collects IT-Resource usage d) counts the consumer messages

Polling Agent is cloud usage agent that can capture the IT-resource a) Usage b) Performance c) Availability d) Security weaknesses

``` _________ receives predefined events from VIM as response for the consumer VM stopping request a) Polling agent b) Resource agent c) Monitor agent d) None of the above ```

``` Usually resource agent receives predefined events from the _______ as response for the consumer VM upgrade request a) Hyper visor b) VIM c) Virtual machine d) Administrative portal ```

what is an automated scaling listnener?

tracks comms between cloud service consumers and cloud services for DYNAMIC SCALING purposes

where are automated scaling listeners typically located?

near the firewall

what are workloads for automated scaling listeners determined by?

volume of cloud consumer generated requests and back end processing demands triggered by certain types of requests

§ The automated scaling listener could be a part of of _____ a) VIM b) Hypervisor c) Virtual machine d) Usage and administration portal

b) hypervisor

The scaled virtual server should be migrated to other physical host in the case of ____ a) Scaling up b) Scaling down c) The scale is above the host capabilities. d) The scale is below the host capabilities.

``` § The automated scaling listener detects the need to scale down the VM and send a commands to _____ to scale down the VM a) Hypervisor b) VM c) VIM d) Physical server ```

c) VIM

what scaling problem does a load balancer address?

horizontal scaling

what are the 3 types of workload distribution functions?

1. Asymmetric (larger first) 2. Prioritized (assigned priority levels) 3. Content Aware (request content based)

load balancers can exists as what?

- switch - appliance - software based system - service agent

§ Load balancer mechanism enables the a) Vertical scaling b) Horizontal scaling c) Vertical and horizontal scaling d) None of the above

§ Which of the following is load balancer advantage provided to the cloud consumer a) Optimize the cloud resources usage. b) Minimize the waiting time for requested tasks c) Apply priority strategies for task processing. d) All of the above

Which of the following is a distribution methodology for the load balancer a) Fair distribution b) Size based c) Content based d) All of the above

what does the SLA monitor observe?

the runtime performance of cloud services

The SLA Monitor observe the _____ of the web services a) The performance b) The availability c) The reliability d) All of the above

§ The SLA monitoring agent can be a) Polling agent b) Event based agent c) Usage monitor agent d) Both a , b

§ The following agent is needed to review and audit QoS Requirements a) SLA Monitor b) Audit monitor c) Failover monitor d) Quality monitor

what processes the data collected by a pay per use monitor?

billing managment system

what are typical monitoring variables for a pay per use monitor?

request/response volumes, data volume, bandwidth consumption, usage time

§ Most of the time the billing receipt for the cloud consumer is calculated by____ a) Usage monitor b) Pay-per-use Monitor c) Billing management system d) SLA Monitor

which of the following parameters can be measured by pay-per-used monitor a) Number of of consumer messages b) IT-resource usage period c) The cloud services bandwidth consumption d) All of the above

§ Which of the following is needed to by the pay-per-use monitor to fulfill its task 1. Pricing scheme database 2. Usage monitor 3. VIM 4. All of the above

§ Which of the following is one of the pay-per-use monitor tasks? a) Respond to VIM events b) Request Inquiries about the service usage pricing schemes c) Store billable events d) All of the above

how is an audit monitor implemented?

as a monitoring agent

what does an audit monitor intercept?

Which cloud monitor should be implemented to keep track of all log in requests ? a) Audit b) SLA c) Load d) Failover

hich cloud monitor should be implemented to apply location based access ? a) Audit b) SLA c) Load d) Failover

a (Audit)

what does a failover system help increase?

the availability and reliability of a system

what are failover systems often used for?

mission critical programs, reusable services

what are the two types of failover configurations?

- active active | - active passive

what failover configuration has redundant implementations serving the workload synchronously?

active active

which failover configuration involves the load balancer?

active active

which failover configuration redirects workload towards redundant implementation in the event of a failure?

active passive

In active passive failover mechanism , the recovered resource status becomes a) Active resource b) Standby resource c) Failed resource d) Deleted resource

§ which is of the following agents is needed by the active–active fail over system a) Router b) Load balancer c) Audit monitor d) SLA monitor

Which of the following is a technology that enables the failover systems 1. Clustering 2. Resource replication 3. Load balancing 4. All of the above

§ Which of the following government artifacts most needs the failover system a) Distributed database systems b) Centralized data centers c) web services d) None of the above need failover system

what tasks are done by a hypervisor

create, start, shutdown, scale, suspend

§ All the following tasks are done by the hypervisor except a) Create new VM b) Delete VM c) Migrate VM d) Scale VM

``` How many hypervisor instances needed for 3 physical servers and 6 virtual servers model a) 6 b) 1 c) 3 d) 2 ```

§ One of the VIM commands to migrate the virtual server from busy server to other idle server is a) Ask the busy server’s hypervisor to migrate the VM b) Ask the busy server hypervisor to suspend the VM c) Ask the Idle server hypervisor to to migrate the VM d) Ask the busy server hypervisor to start the VM

what are the 3 resource cluster types?

server, database, large dataset

what does a server cluster increasee?

performance and availability

what does a database cluster increase?

availability

how does a database cluster maintain consistency across different storage devices?

with synchronization

what is implemented with a large dataset cluster?

data partitioning and distribution

what two layers are required between nodes in a cluster?

one for accessing storage devices, another for executing IT resource orchestration

what are the two types of resource clusters?

load balance and HA

what does load balance cluster preserve?

centralization of IT resoure

what has redundant implementation of most clustered It resources?

a HA cluster (high availability)

what does a HA cluster implement?

failover system mechanisms

§ All the following can be improved by using clustering mechanism except a) Resource usage optimization b) Availability of the cloud resource. c) The cloud security d) The cloud performance

§ Clustered servers needs dedicated networks to a) Distribute workloads among clusters. b) To apply orchestration among cluster nodes c) To increase the availability of the resources d) To improve the performance of the cluster

Large dataset cluster mechanism is similar to a) Centralized database b) Distributed database c) Replicated Database d) Database failover mechanism

High availability cluster is different than load balanced cluster in the following a) Uses Active –active failover b) Uses Active –passive failover c) Uses Load-balancer d) Uses storage clusters

b *confimred with prof

§ How many cluster enabled hypervisors needed to implement 10 virtual servers for 2 physical server clusters each composed of 4 nodes a) 10 b) 4 c) 2 d) 8

what is used to overcome incompatibilities between cloud service and cloud customers?

multi-device broker

what does a multi device broker facilitate?

runtime data transformation

``` § All the following database transformations can be done by MULTI-Device broker except a) Adding constraints b) Changing data fields names c) Deleting rows or columns d) Change the data filed type ```

``` § What is the type of gateway needed by drobox cloud service to provide its services to mobile and desktop devices a) SQL Gateway b) Cloud Storage Gateway c) Mobile Device Gateway d) b and c ```

what are the four cloud management mechanisms?

remote, resource, billing, sla

remote admin systems provide the user interface and tools for what cloud resource administrators?

external ones

what are the two remote system admin portals?

usage and administration portal, and self service portal

cloud consumers like working with remote administration systems that offer what?

standardized api's

resource management system coordinates what in response to what action?

coordinates IT resources in response to management actions

what is core to the resource management system ?

VIM (virtual infrastructure manager)

what does a resource managment system contain?

a VIM and a VM image repository

what does an SLA management system apply for SLA data?

administration, collection, storage, reporting, runtime notifications

what does the SLA managmet system rely on?

SLA monitors

what does the billing management system rely on?

pay per use monitors

what is a billing managment system comprised of?

and pricing and contract manager, and a pay per use measurement repository

what are the 3 pricing models in billing management system

flat rate, pay per use, pay per allocation

ALL standard cloud managements functionalities provided through 1. APIs 2. Custom Applications 3. Open source modules 4. Cloud services

``` § Which of the following is used by remote administration system to control, and manage the cloud a) Resource Management System b) SLA Management System c) Billing Management System d) All of the above ```

§ Self-Service Portal is used for a) Initiating virtual machines b) Getting the usage of the virtual machines c) Getting possible configurations for the virtual machines d) Checking the status of virtual machines

§ What is the advantages of providing the remote administration system through standard APIs a) Easy to access the cloud administration b) Enable centralized administration for multiple clouds c) Can be used by different cloud administrators d) Easy to interoperate with single access security mechanism

Which of the following is not a task for remote administration system a) Issues receipts for the cloud consumer usage b) Releases cloud services upon consumer requests c) Manages the consumer payments d) Reports the consumer resources availability

Which of the following is the core of the resource management system a) hypervisors b) The virtual servers c) VIM d) LUN

``` § the resource management system can monitor the operation of the resources through a) SLA monitor b) VIM c) Pay per use Monitor d) Usage monitor ```

§ The VM image repository is used to save a) Active virtual machines images b) Hypervisor software images c) Virtual machines configuration templates images d) Virtual machine status image

§ SLA management repository stores a) Billable events b) Resource Usage events c) Resource status events d) None of the above

§ SLA Management System can be accessed through a) Usage and Administration Portal b) Self-Service Portal c) Directly through than SLA manger d) a and c

§ Which of the following is part of Billing Management System a) Billable events repository b) Pricing models repository c) Pricing manager d) All of the above

what does the cloud security mechanism of encryption preserve?

confidentiality and integrity of data

what does encryption rely on?

a cipher

what does encryption help counter?

man in the middle, eavesdropping, authorization issues, trust boundary overlap

what characteristic does symmetric encryption not have? why?

non-repudiation, you can't determine which party performed what action

TF: asymmetric encryption is slower than symmetric encryption

how is encryption most commonly provided for web based communication?

HTTPs

§ Which of the following attacks that Encryption can be used against ? a) traffic eavesdropping b) Malicious intermediary c) insufficient authorization d) All of the above

Which of the following can NOT be provided by private key encryption a) message confidentiality b) Message authenticity c) Message integrity d) Non of the above

§ Which of the following is transport layer security protocol a) SSL b) RC4 c) RSA d) Triple-DES

§ Which of the following is asymmetric encryption cipher a) SSL b) RC4 c) RSA d) Triple-DES

what clod threats can hashing solve?

malicious intermediary, insufficient authorization

§ Which of the of the following IT-Resources that Hashing technique can be applied for to check the originality of the resource ? § Data repositories § On-premise applications § Web-services § All of the above

§ Cloud consumer uses hashing technique to communicate with the cloud so any request sent by the consumer should include a) Message only b) Message and hashing algorithm c) Message and message digest d) The hash code only

Hashing technique can discover changes in the message by having both a) Original message and original message digest b) Changed message and original message digest c) Original message and changed message digest d) Changed message and original message digest

what do digital signatures provide?

data authenticity and integrity

what is involved in the digital signature process

hashing and assymetric encrytpion

what is encyrpted by the private key and appended to the original message in digital signing?

the message digest

The two major security concepts can be provided by the digital signature are a) Data integrity and non-repudiation. b) Data authenticity and confidentiality c) Data confidentiality and non-repudiation d) Non of the above

``` What are the two security mechanisms are applied to implement the digital signature? a) Hashing and public key encryption b) Hashing and private key encryption c) Hashing and secret key encryption d) Symmetric and asymmetric encryption ```

``` § Attacker having the public and private keys intercept a message with digital signature can violate a) message confidentiality and integrity b) message confidentiality only c) message integrity only d) Nothing violated ```

what is a PKI?

public key infrastructure - associated a public key with its owner

what does a PKI rely on?

digital certificates

what are digital certificated signed by?

third party certificate authority

§ The digital certificate should include a) Authorized consumer public key b) Consumer identity authorized by a private key c) Authorized consumer identity and public key d) Authorized private key

what is an IAM

identity and access manager

what are teh four main componenents of an IAM

authentication, authorization, user management , credential management

what is an IAM used to counter?

insufficient authentication, denial of service, and overlapping trust boundaries

what does authorization define?

the correct granularity for access controls

what does user management involve?

creating access groups, resetting passwords, defining password policies, managing user priveleges

what threat to credential management address?

insufficient authorization

``` § Which one of the following IAM components has responsibility to create new user password? a) Authentication b) Authorization c) User Management d) Credential Management ```

Which one of the following IAM components can provide the face id access? a) Authentication b) Authorization c) User Management d) Credential Management

what authenticates cloud users in SSO?

a security broker

what security threats does SSO address?

none

what does SSO enhance?

usability

``` Which of the following cloud quality factors that single sign on security mechanism can improve it? a) Security b) Usability c) Availability d) Resource usage ```

Single sign on is optimum for the authentication of the administrators that managed a) Single cloud recourses b) Distributed resources in multiple cloud providers c) On-premise resources d) Non of the above

what process creates a cloud based security group

cloud based resource segmentation

what security threats does clod based security groups help adress?

denial of service, sufficient authentication and overlapping trust boundaries

§ What is correct about the security group IT-Resources a) They are virtual servers b) They have the same capacity configurations c) They have the same security rules and mechanism d) They have the same virtual network

``` § Which of the following cloud infrastructure cloud mechanism can be similar to the security groups a) Virtualization b) Logical network perimeter c) Replication d) None of the above ```

what is software hardneing?

stripping away unnecessary features of a software to remove potential vulnerabilities

what cloud security threats does virtual server hardening help prevents?

DOS, insufficient auth, trust boundaries

§ Hardening process can be done for a) Virtual servers b) Physical servers c) Database servers d) All of the above

§ All the following tasks can be done during the Virtual server hardening except a) Removing programs b) closing server ports c) Upgrading memories d) disabling services

what is the purpose of workload distribution architecture?

to reduce it under utilization and over utilization

what does workload distibution architecture rely on?

sophistication of load balancing mechanism and run time logic

what does workload distribution architecture support?

cloud services, virtual servers, cloud storage devices

what are the 3 mechanisms for workload distribution architecture?

load balancing, cloud storage device, and virtual server

a) Replicated data storages b) Load balancer c) Security broker d) Resource cluster

``` Which of the following is applying the workload distribution architecture to implement its mechanism a) Cloud data storages b) Load balancer c) Security broker d) Resource cluster ```

§ Which one of the following architectures is reducing the over utilization of ITresources a) Workload Distribution Architecture b) Resource Pooling Architecture c) Dynamic Scalability Architecture d) Elastic Resource Capacity Architecture

what is the underlying principle of resource pooling architecture

that resource pools with identical IT resources are synchronized

what is a sub-pool

a resource pool within a resource pool (of resource pools)

when are nested pools commonly used?

when cloud services need to be rapidly instantiated with the same type of it resource and the same configuration

Which of the following are correct about the resource pool a) Group of multi-type resource instances. b) Group of single resource type instances that have different configuration. c) Group of sub pools d) Group cloud mechanisms

§ IF we have pool A comprised { 10 : 8 G Ram ,7 : Quad Core CPU, 4 : 100G storage } which of the following is possible sibling of parent A a) { 8 : 1 G Ram ,2 : dual Core CPU, 4 : 10G storage } b) { 2 : 4 G Ram ,2 : Quad Core CPU} c) {1 : 100G storage } d) { 8 : 8 G Ram ,10 : Quad Core CPU}

IF we have pool A comprised { 10 : 8 G Ram ,7 : Quad Core CPU, 4 : 100G storage } which of the following is possible nested pool a) { 8 : 8 G Ram ,2 : dual Core CPU, 4 : 100G storage } b) { 2 : 8 G Ram ,2 : Quad Core CPU} c) { 8 : 8 G Ram ,7 : Quad Core CPU, 4 : 100G storage } d) { 8 : 8 G Ram ,10 : Quad Core CPU, 5 : 100G storage }

what is dynamically scaling architecture based on?

predefined scaling conditions

in dynamically scaling architecture what dictates the new IT resources that need to be added to workload processing?

the automated scaling listener

what type of scaling handles fluctuatioing workload?

horizontal

what type of scaling handles the need to adjust processing capacity of single IT resource

vertical

what type of scaling relocates an IT resource to a host withmore capacity?

rellocation

``` § Moving virtual machine to new physical host in order to accommodate dynamic memory upgrade is a) Dynamic Horizontal Scaling b) Dynamic vertical Scaling c) Dynamic reallocation d) Dynamic virtualization ```

§ In order to accommodate the increase in the database inquiries, the hypervisor has been asked to add more storage to the virtual database server A then the replication monitor create new instance B of the virtual database server A to process 30% of the incoming requests while the other 70% requests is served by server A, what is the type of the scaling has been applied in this sitiuation a) Load balance scaling b) Horizontal scaling c) Vertical scaling d) Horizontal and vertical scaling

§ Which of the following are the main mechanisms that used to apply horizontal scaling a) Hypervisor & Pay-Per-Use Monitor b) Cloud Usage Monitor & automated scaling listener c) automated scaling listener & Hypervisor d) automated scaling listener & resource replication

elastic resource capacity architecture provisions what dynamically? in response to what?

virtual servers, fluctuating processing requirements

what is an intelligent automation engine?

executes workflow logic which automates some administrative tasks

what additional mechanisms can be included in an elastic resource capacity architecture

cloud usage monitor, pay per use monitor, resource replicator

dynamic scalability architecture uses what ore mechanisms

resource replicator and automated scaling listener

what additional mechanisms can the dynamic scalability architecture use

cloud usage monitor, hypervisor, pay per use monitor

Elastic Resource Capacity Architecture is based in the following scaling a) Vertical b) Horizontal c) Multidimensional d) Storage and server

§ An intelligent automation engine is mainly applied in the following architecture a) Dynamic Scalability Architecture b) Elastic Resource Capacity Architecture c) Cloud Bursting Architecture d) Elastic Disk Provisioning Architecture

Intelligent Automation Engine is used to determine a) how many new virtual server instances needed to be replicated b) the upgrades needed to be added to the virtual servers c) The upgrades need to be added to the physical servers d) The virtual server usage

service load balancing architecture is most similar to what other architecture?

workload distribution architecture

service load balancing architecture uses what type of cloud service deployment?

redundant

duplicated cloud services are grouped into what in service load balancing architecture

resource pools

what are the mechanisms in service load balancing architecture?

cloud usage monitor, resource cluster, resource replication

``` § All the following are main mechanisms to apply the Service Load Balancing Architecture except a) Cloud Usage Monitor b) Resource Cluster c) Resource Replication d) Multitenancy ```

§ Which of the following is not correct regarding the service load balancer a) Can be independent to the service b) Can be embedded in the service c) Balance the load between service instances d) can be imbedded in the host server

§ resource replication in Cloud Bursting Architecture is always done for a) Cloud resources b) On-premise resources c) Virtual servers d) Virtual storages

§ Cloud bursting architecture implements the dynamic scaling by adding and releasing a) resources to cloud environment b) Resources to on-premise environment c) Cloud resources to on-premise environment d) On-premise resources to cloud environment

what mechanisms are core to cloud bursting architecture

resource replication and automated scaling listener

what core mechanisms are used in elastic disk provisioning architecture?

cloud storage device, virtual server, pay per use monitor, hypervisor

what additional mechanisms can be used in elastic disk provision architecture?

cloud usage monitor, resource replication

§ 400 G storage are provided through Elastic disk provisioning technology how much the consumer will be charged if used 30% of the storage and billing rate is 20 cent per 1 G Storage a) 80 $ b) 24 $ c) 56 $ d) 20 $

§ 400 G storage are provided through thick provisioning technology how much the consumer will be charged if used 30% of the storage and billing rate is 20 cent per 1 G Storage a) 80 $ b) 24 $ c) 56 $ d) 20 $

The redundant storage architecture introduces what?

a secondary duplicate cloud | storage device

what diverts cloud consumer requests to the secondary | device whenever the primary device fails

§ A storage service gateway

redundant storage architecture primarily | relies on what?

storage replication system

§ Which of the following is correct about the LUN a) Used to assign storage device to virtual servers b) Represent the physical locations of virtual storage device c) Used to apply redundant storage cloud architecture d) All of the above

§ A storage service gateway is used to a) Balance between multiple storage devices b) Divert request to the current active storage c) Reject invalid requests to the storage devices d) All of the above

§ State management database can help in a) Convert stateless service to stateful service b) Convert stateful service to stateless service c) Store the data of the stateless service d) Store the data of the stateful service

``` § Which of the following most be improved by using state management database mechanism? a) Resources usage optimization b) Resources availability c) Resources performance d) Resources replication ```