C90.02A: Cloud Computing Mechanism Flashcards Preview

Certified Cloud Technology Professional > C90.02A: Cloud Computing Mechanism > Flashcards

Flashcards in C90.02A: Cloud Computing Mechanism Deck (91)
Loading flashcards...
1
Q

Which of the following cloud computing mechanisms can exist as a service agent that monitors and keeps track of communication between cloud service consumers and cloud services for load balancing purposes?

A. multi-device broker
B. pay-for-use monitor
C. resource replicator
D. automated scaling listener

A

D. automated scaling listener

2
Q

A failover system can increase ___________________and ___________________ by using _______________ technology.

A. resources, usage thresholds, legacy
B. reliability, availability, clustering
C. flexibility, integrity, real-time
D. confidentiality, responsiveness, cloud

A

B. reliability, availability, clustering

3
Q
A virtual server is a form of \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ software that emulates a(n) \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ computer.
A. virtual monitoring, on-premise 
B. virtual monitoring, cloud-based 
C. virtualization, physical
D. virtualization, logical
A

C. virtualization, physical

4
Q

The ____________________ is a service agent that can measure the usage of a cloud-based IT resource by a cloud consumer for billing purposes.

A. automated scaling listener
B. pay-for-use monitor
C. multi-device broker
D. resource replicator

A

B. pay-for-use monitor

5
Q

A ____________________ is a pre-defined cloud-based platform comprised of a set of already installed IT resources that can be used and customized by a cloud consumer.

A. failover system
B. pay-for-use monitor
C. ready-made environment
D. multi-device broker

A

C. ready-made environment

6
Q

A ___________________ is an IT resource that contains mapping logic capable of performing runtime transformation to enable communication between a cloud service and different types of cloud service consumers.

A. failover system
B. pay-for-use monitor
C. ready-made environment
D. multi-device broker

A

D. multi-device broker

7
Q

Which of the following is an IT resource that can be provided in a ready-made environment?

A. database
B. development tool
C. virtual server
D. All of the above.

A

D. All of the above

8
Q

A ___________________ is a mechanism used to temporarily persist certain types of data as an alternative to caching the data in memory.

A. resource replicator
B. state management database
C. failover system
D. multi-device broker

A

B. state management database

9
Q

A hypervisor can independently manage and monitor the virtualization of multiple virtual servers, and is therefore associated with the __________________ mechanism.

A. pay-for-use monitor
B. automated scaling listener
C. multi-device broker
D. None of the above.

A

D. None of the above

10
Q

Which of the following cloud computing mechanisms helps enable on-demand usage by allowing cloud services to be configured to support higher usage thresholds automatically, and within pre- defined parameters?

A. pay-for-use monitor
B. automated scaling listener
C. multi-device broker
D. resource replication

A

B. automated scaling listener

11
Q

Assuming a cloud service is configured to support on-demand usage, which of the following cloud computing mechanisms would the cloud provider need to use in order to keep track of what to charge cloud consumers?

A. on-demand usage listener
B. multi-device broker
C. resource billing replicator
D. None of the above.

A

D. None of the above

12
Q

__________________ represents the ability of a cloud platform to keep track of the usage of its IT resources by cloud consumers, and is therefore directly related to the __________________ mechanism.

A. Replicated usage, cloud monitor
B. Measured usage, pay-for-use monitor
C. Agent usage, on-premise monitor
D. None of the above.

A

B. Measured usage, pay-for-use monitor

13
Q

Which of the following IT resources are examples of multi-device brokers?

A. An XML gateway that performs runtime transformation of messaging protocols.
B. A cloud storage gateway that performs runtime transformation of cloud storage device protocols.
C. A middleware product that performs runtime transformation of XML schemas.
D. All of the above.

A

D. All of the above

14
Q

A cloud service can be hosted by a physical server or a virtual server. When using the failover system mechanism, the same cloud service cannot be hosted by more than one physical server.

A. True
B. False

A

B. False

15
Q

Which of the following statements are true about the failover system mechanism?

A. A failover system can only be used for legacy batch programs.
B. A failover system cannot span over more than one geographical region.
C. A failover system can be used to make redundant implementations of the same cloud service.
D. A failover system can be used to avoid introducing cloud services as single points of failure.

A

C. A failover system can be used to make redundant implementations of the same cloud service.

D. A failover system can be used to avoid introducing cloud services as single points of failure.

16
Q

Which of the following statements are true about the state management database mechanism?

A. Software programs can off-load state data to a state management database in order to reduce the amount of runtime memory they consume.
B. The use of a state management database can improve scalability.
C. State management databases rely on the use of virtualization software.
D. The use of state management databases requires a ready-made environment.

A

A. Software programs can off-load state data to a state management database in order to reduce the amount of runtime memory they consume.

B. The use of a state management database can improve scalability.

17
Q

It is possible to make ten virtual servers available via two physical servers.

A. True
B. False

A

A. True

18
Q

A human working for a cloud consumer can access a virtual server to set up or maintain a cloud service that belongs to the cloud consumer.

A. True
B. False

A

A. True

19
Q

The resource replication mechanism can encompass a hypervisor that can support the multitenancy cloud characteristic.

A. True
B. False

A

A. True

20
Q

A ready-made environment must be hosted by and accessed via a virtual server.

A. True
B. False

A

B. False

21
Q

Which of the following cloud computing mechanisms are directly associated with the realization of the elasticity cloud characteristic?

A. virtualserver
B. automated scaling listener
C. resource replication
D. pay-for-use monitor

A

A. virtualserver
B. automated scaling listener
C. resource replication
D. pay-for-use monitor

22
Q

Which of the following cloud computing mechanisms are directly associated with the realization of the multitenancy cloud characteristic?

A. automated scaling listener
B. failover system
C. resource replication
D. virtual server

A

C. resource replication

D. virtual server

23
Q

Which of the following cloud computing mechanisms are directly associated with the realization of the
resiliency cloud characteristic?

A. automated scaling listener
B. failover system
C. resource replication
D. state management database

A

B. failover system
C. resource replication
D. state management database

24
Q

Which of the following cloud computing mechanisms are directly associated with the realization of the on- demand usage cloud characteristic?

A. automated scaling listener
B. failover system
C. resource replication
D. pay-for-use monitor

A

A, D

25
Q

Which of the following cloud computing mechanisms are directly associated with the realization of the measured usage cloud characteristic?

A. automated scaling listener
B. pay-for-use monitor
C. resource replication
D. state management database

A

B. pay-for-use monitor

26
Q

Which of the following cloud computing mechanisms are directly associated with the realization of the ubiquitous access cloud characteristic?

A. failover system
B. multi-device broker
C. ready-made environment
D. virtual server

A

B. multi-device broker

27
Q

Which of the following cloud computing mechanisms is not directly associated with the realization of the resiliency cloud characteristic?

A. automated scaling listener
B. failover system
C. resource replication
D. state management database

A

A. automated scaling listener

28
Q

The ___________________ mechanism is directly associated with the realization of the ubiquitous access cloud characteristic.

A. resource replication
B. state management database
C. multi-device broker
D. automated scaling listener

A

C. multi-device broker

29
Q

_______________________ is a form of dynamic routing whereby a cloud service consumer’s request is redirected to one of several redundant IT resources located on different clouds.

A. Cloud balancing
B. Cloud bursting
C. Replication leveling
D. Virtual state caching

A

A. Cloud balancing

30
Q

Two redundantly deployed cloud services need to be configured so that they are kept in sync with each other. Which of the following roles would be most suitable for this task?

A. cloud service consumer
B. cloud service owner
C. cloud resource administrator
D. None of the above.

A

C. cloud resource administrator

31
Q

_______________________ is a form of dynamic scaling whereby on-premise IT resources can scale into a cloud when pre-defined thresholds are reached.

A. Resource leveling
B. Resource replication
C. Resource virtualization
D. None of the above.

A

D. None of the above

32
Q

Where is the automated scaling listener in a cloud bursting architecture most commonly deployed?

A. on-premise with the cloud consumer
B. in the cloud that hosts the cloud-based IT resources being scaled
C. in a separate cloud from the cloud-based IT resources being scaled
D. None of the above.

A

A. on-premise with the cloud consumer

33
Q

Which cloud computing mechanism is used to maintain synchronicity between on-premise and cloud-based IT resources?

A. automated scaling listener
B. failoversystem
C. pay-for-use monitor
D. None of the above.

A

D. None of the above

34
Q

In a cloud bursting environment, cloud-based IT resources typically remain idle until an actual cloud burst occurs.

A. True
B. False

A

A. True

35
Q

Cloud balancing can be used to increase both the availability and scalability of IT resources.

A. True
B. False

A

A. True

36
Q

In a cloud balancing environment, routing criteria can be based on which of the following factors?

A. load balancing of cloud-based IT resources
B. on-premise service usage
C. cloud bursting thresholds
D. None of the above. Cloud bursting does not utilize routing logic.

A

A. load balancing of cloud-based IT resources

37
Q

Which of the following mechanisms are combined in a cloud balancing architecture?

A. automated scaling listener
B. failover system
C. multi-device broker
D. pay-for-use monitor

A

A. automated scaling listener

B. failover system

38
Q

Cloud balancing cannot be achieved by redundantly deploying IT resources in advance. Redundant instances of IT resources must be dynamically generated on-demand, at runtime.

A. True
B. False

A

B. False

39
Q

Which of the following mechanisms are combined in a cloud bursting architecture?

A. automated scaling listener
B. failoversystem
C. multi-device broker
D. resource replication

A

A. automated scaling listener

D. resource replication

40
Q

Which of the following security threats is classified as a data-oriented threat?

A. insufficient authorization
B. malicious intermediary
C. overlapping trust boundary
D. virtualization attack

A

B. malicious intermediary

41
Q

Messages being sent from a cloud service consumer to a cloud service are intercepted and maliciously altered by an intermediary service. This is an example of which cloud security threat?

A. denial of service
B. insufficient authorization
C. virtualization attack
D. None of the above.

A

D. None of the above

42
Q

The ___________________ attack occurs when access is granted to an attacker erroneously or too broadly, resulting in the attacker gaining access to IT resources that are normally protected.

A. denial of service
B. malicious intermediary
C. insufficient authorization
D. virtualization

A

C. insufficient authorization

43
Q

Cloud Service A resides on Virtual Server A and Cloud Service B resides on Virtual Server B. Both virtual servers are hosted by the same physical server and the trust boundaries of Cloud Services A and B overlap.
A cloud service consumer successfully uses Cloud Service A to gain access to the underlying physical server. This enables the cloud service consumer to attack Cloud Service B, which negatively affects the cloud service consumers of Cloud Service B. This is an example of which cloud security threat?

A. denial of service
B. insufficient authorization
C. weak authorization
D. None of the above.

A

D. None of the above

44
Q

A malicious cloud service consumer circumvents the authentication enforced by the virtual server and manages to attack the underlying hardware directly. This is an example of which cloud security threat?

A. denial of service
B. insufficient authorization
C. information leakage
D. None of the above.

A

D. None of the above

45
Q

A cloud provider grants cloud consumers administrative access to a virtual server. One of the cloud consumers deploys a cloud service consumer that abuses its administrative access to exploit the underlying physical server. This kind of attack is known as: __________________ .

A. bufferoverrun
B. weak authorization
C. virtualization attack
D. information leakage

A

C. virtualization attack

46
Q

A virtual server is being attacked by a malicious cloud service consumer that is generating increased usage loads upon the underlying physical server. As a result, other virtual servers being hosted by the physical server are becoming unavailable to other cloud service consumers. This kind of attack is known as: __________________.

A. denial of service
B. overlapping trust boundary
C. insufficient authorization
D. buffer overrun

A

A. denial of service

47
Q

Which of the following are security threats that are directly related to the multitenancy cloud characteristic?

A. XML parser attack
B. virtualization attack
C. overlapping trust boundary
D. information leakage

A

B. virtualization attack

C. overlapping trust boundary

48
Q

Which of the following are classified as access-oriented threats?

A. denial of service
B. malicious intermediary
C. overlapping trust boundary
D. virtualization attack

A

A. denial of service
C. overlapping trust boundary
D. virtualization attack

49
Q

In a denial of service attack, the attacker can cause increased loads on a physical server by overloading it with communication requests. Alternatively, the attacker can engage the physical server in tasks that result
in excessive memory usage.

A. True
B. False

A

A. True

50
Q

Which of the following can be the result of a successful malicious intermediary attack?

A. The confidentiality of a message is comprised.
B. The integrity of a message is comprised.
C. Private or sensitive data within a message is accessed by the attacker.
D. Harmful data is inserted into a message.

A

A. The confidentiality of a message is comprised.
B. The integrity of a message is comprised.
C. Private or sensitive data within a message is accessed by the attacker.
D. Harmful data is inserted into a message.

51
Q

A successful attack on a virtual server within a public cloud will negatively impact multiple cloud consumers, as long as none of the cloud consumers share the same trust boundary that encompasses the underlying physical server.

A. True
B. False

A

B. False

52
Q

When a pay-for-use mechanism is in place, a denial of service attack can target IT resources leased to a specific cloud consumer, resulting in the cloud consumer being charged for the extra usage.

A. True
B. False

A

A. True

53
Q

F1. Encryption is a security mechanism used to realize __________________.

A. availability
B. authentication
C. confidentiality
D. None of the above.

A

C. confidentiality

54
Q

An encrypted message is rendered unreadable except by those in possession of a __________________.

A. decryptedmessage
B. buffer
C. securitygroup
D. secret

A

D. secret

55
Q

Which of the following security mechanisms enables one cloud service consumer to be authenticated by a security broker, so that its security context is persisted when accessing other cloud services?

A. digital certificates
B. certificate authority
C. single sign-on
D. None of the above.

A

C. single sign-on

56
Q

The cloud service consumer sends its authentication ___________________ to the security broker. After successful authentication, the security broker responds with an authentication __________________ with which the cloud service consumer can access other cloud services. This describes how the __________________ security mechanism works.

A. token, acknowledgement certificate, certificate authority
B. credentials, token, single sign-on
C. certificate, message, certificate authority
D. certificate, key, single sign-on

A

B. credentials, token, single sign-on

57
Q

The single sign-on security mechanism helps mitigate which of the following threats? Select the correct answer.

A. malicious intermediary
B. denial of service
C. virtualization attack
D. None of the above.

A

D. None of the above

58
Q

With cloud-based security groups, a __________________ separation of network segments is performed. Each IT resource then becomes a member of __________________ security group(s).

Select the correct answer.

A. logical,only one
B. physical,only one
C. logical, one or more
D. physical, one or more

A

C. logical, one or more

59
Q

Hardened virtual server images are based on physical servers that have had unnecessary software programs removed in order to minimize potential security vulnerabilities.

Select the correct answer.

A. True
B. False

A

A. True

60
Q

The encryption security mechanism can help mitigate which of the following security threats? Select the correct answer.

A. malicious intermediary
B. insufficient authorization
C. overlapping trust boundary
D. All of the above.

A

D. All of the above

61
Q

Information that is encrypted is referred to as ___________________.

A. clear text
B. cipher text
C. plain text
D. secret text

A

B. cipher text

62
Q

Which of the following are data-oriented security mechanisms?

A. encryption
B. digital signatures
C. identity and access management
D. single sign-on

A

A. encryption

B. digital signatures

63
Q

When using the single sign-on security mechanism, a cloud service consumer is limited to being authenticated by a single cloud service.

A. True
B. False

A

B. False

64
Q

Which of the following technologies can be used to build cloud services?

A. Webservices
B. REST services
C. components
D. All of the above.

A

D. All of the above

65
Q

Cloud computing is a specialized form of ___________________ computing based on ___________________ access to IT resources.

A. legacy, local
B. batch, remote
C. distributed, remote
D. centralized, local

A

C. distributed, remote

66
Q

Which of the following are established industry standards used with SOAP-based Web services?

A. WADL/JSON
B. SOAP
C. XML Schema
D. WSDL

A

B. SOAP

C. XML Schema

67
Q

The required parts of a SOAP message are the envelope document and the header and body sections.

A. True
B. False

A

B. False

Optional header and
Required body sections

68
Q

A cloud-based REST service is most commonly accessed using which of the following protocols?

A. FTP
B. HTTP
C. SOAP
D. RPC

A

B. HTTP

69
Q

Cloud services can be built as components because Web-based communication is not an essential requirement for an IT resource to be considered cloud-based.

A. True
B. False

A

A. True

70
Q

REST services share a uniform contract and therefore cannot be deployed in cloud environments without a multi-device broker mechanism.

A. True
B. False

A

B. False

71
Q

Cloud service consumers typically use HTTP methods to communicate with cloud-based REST services.

A. True
B. False

A

A. True

72
Q

Cloud services cannot be built as components that use proprietary technologies, such as Java and .NET. This is because the use of Web-based communication technology is required in order for a service to be cloud-based.

A. True
B. False

A

B. False

73
Q

A cloud service built as a component will have a service contract that is physically coupled to the service’s logic.

A. True
B. False

A

A. True

74
Q

A cloud service built as a SOAP-based Web service will have a service contract that is physically decoupled from the service’s logic.

A. True
B. False

A

A. True

75
Q

Which of the following are data storage levels used by cloud-based storage mechanisms?

A. dataset
B. files
C. block
D. All of the above.

A

D. All of the above

76
Q

With cloud storage, consumers only pay for the actual storage they use.

A. True
B. False

A

A. True

77
Q

Non-relational cloud storage is identical to traditional relational storage, except that it exists as a database hosted in a cloud environment instead of an on-premise environment. It is referred to as “non-relational” because the database is no longer able to form relationships with on-premise databases. As a result, two- phase commit transactions across cloud and on-premise environments are no longer possible.

A. True
B. False

A

B. False

78
Q

Because non-relational cloud storage avoids the processing overhead that can be imposed by relational databases, it can be more scalable.

A. True
B. False

A

A. True

79
Q

A cloud service consumer can access a cloud-based relational database via a cloud service.

A. True
B. False

A

A. True

80
Q

We exported data from our on-premise relational database to a cloud-based non-relational database. After the export, we noticed that the size of the cloud-based database was significantly larger than our on- premise database. What is the likely reason that the database size increased?

A. The transmission of the data over a wide area network resulted in the accumulation of additional meta data from HTTP headers that was stored in the non-relational database, resulting in the increase in data received by the cloud.
B. The data in the relational database was normalized and became denormalized after being exported into a non-relational database.
C. In order to support higher levels of scalability, the cloud-based database is required to add state data to the non-relational data it stores. This state data is used to synchronize instances of the database tables during runtime usage, but also increases the size of the overall database.
D. All of the above.

A

B. The data in the relational database was normalized and became denormalized after being exported into a non-relational database

81
Q

Black box testing refers to a technique where testers are provided with ___________________ visibility into an IT resource’s implementation architecture.

A. complete
B. periodic
C. no
D. None of the above.

A

C. no

82
Q

When performing white box testing on a cloud service, testers are only provided with access to the cloud service contract. Underlying details of the service implementation are hidden from testers.

A. True
B. False

A

B. False

83
Q

Which of the following types of testing are directly associated with testing the speed, responsiveness, stability and/or reliability of cloud-based IT resources?

A. virtualtesting
B. performance testing
C. stress testing
D. regression testing

A

B. performance testing

84
Q

We are building a new service composition comprised of two on-premise services and two cloud services. What type of testing should we perform in order to ensure specifically that the on-premise and cloud-based services can interact as required?

A. virtual testing
B. integration testing
C. stability testing
D. regression testing

A

B. integration testing

85
Q

Which of the following are primary areas of testing a cloud service in relation to information published in its service level agreement?

A. availability
B. reliability
C. performance
D. All of the above.

A

D. All of the above

86
Q

White box testing is commonly used with which of the following cloud delivery models?

A. Infrastructure-as-a-Service (IaaS)
B. Platform-as-a-Service (PaaS)
C. Software-as-a-Service (SaaS)
D. Replicated Software-as-a-Service (SaaS)

A

A. Infrastructure-as-a-Service (IaaS)

87
Q

Which of the following characteristics of cloud-based IT resources are difficult to fully test on Software-as-a- Service (SaaS) implementations?

A. availability
B. confidentiality
C. reliability
D. performance

A

A. availability

C. reliability

88
Q

Which of the following characteristics of cloud-based IT resources can be measured with Infrastructure-as- a-Service (IaaS) and Platform-as-a-Service (PaaS) implementations?

A. availability
B. confidentiality
C. reliability
D. performance

A

A. availability
C. reliability
D. performance

89
Q

Performance testing on Software-as-a-Service (SaaS) implementations is almost always carried out with a white box testing approach that does not involve the use of automated testing software.

A. True
B. False

A

B. False

90
Q

Which cloud computing mechanism is used to maintain synchronicity between on-premise and cloud-based IT resources?

Select the correct answer.

A. automated scaling listener
B. failover system
C. pay-for-use monitor
D. None of the above.

A

D. None of the above

91
Q

Cloud balancing cannot be achieved by redundantly deploying IT resources in advance. Redundant instances of IT resources must be dynamically generated on-demand, at runtime.

Select the correct answer.

A. True
B. False

A

B. False