MODULE 2 Flashcards

(4 cards)

1
Q

Write steps for Creating a Virtual Machine: Configure and deploy a virtual
machine with specific CPU and memory requirements in Google Cloud.
[or]
Write 5 commands and explain Exploring AWS Cloud Shell

A

Step 1: Sign in to Google Cloud Console
1. Go to Google Cloud Console: https://console.cloud.google.com/
2. Log in with your Google Account.
3. Select or create a new project from the top navigation bar.
Step 2: Open Compute Engine
1. In the left sidebar, navigate to “Compute Engine” → Click “VM
instances”.
2. Click “Create Instance”.
Step 3: Configure the Virtual Machine
1. Name the VM
* Enter a name for your VM instance.
2. Select the Region and Zone
* Choose a region close to your users (the region also determines which jurisdiction holds the VM's data).
* Choose a zone within that region (e.g., us-central1-a).
3. Choose the Machine Configuration
* Under “Machine Configuration”, select:
o Series (E2, N1, N2, etc.)
o Machine type (select based on your CPU & RAM needs)
▪ Example:
▪ e2-medium (2 vCPU, 4 GB RAM)
▪ n1-standard-4 (4 vCPU, 15 GB RAM)
▪ Click “Custom” to set an exact vCPU count and memory size (a custom machine type such as e2-custom-4-8192); memory must be a multiple of 256 MB and stay within the per-vCPU limits of the chosen series.
4. Boot Disk (Operating System)
* Click “Change” under Boot Disk.
* Choose an Operating System (e.g., Ubuntu, Windows, Debian).
* Select disk size (e.g., 20GB or more).
5. Networking and Firewall
* Tick “Allow HTTP Traffic” or “Allow HTTPS Traffic” only if the VM really serves web clients: each box adds a network tag (http-server or https-server) and a firewall rule that opens port 80 or 443 from any source (0.0.0.0/0). Leave them off for internal VMs, or replace the rule with one limited to known source ranges.
* Click “Advanced options” for networking configurations (VPC network and subnet, whether to assign an external IP address, network tags).
Step 4: Create and Deploy the VM
1. Review all the configurations.
2. Click “Create” to deploy the VM.
3. Wait for the instance to be provisioned.
Step 5: Connect to the VM
1. Using SSH (Web)
* Go to Compute Engine → VM Instances.
* Click “SSH” next to your VM instance.
2. Using SSH (Terminal)
* Open Cloud Shell in the browser (gcloud is preinstalled) or a local terminal with the Google Cloud SDK installed.
* Run:
gcloud compute ssh your-instance-name --zone=us-central1-a
Step 6: Verify and Use the VM
* Check CPU and Memory:
lscpu # CPU details
free -h # Memory details
* Install required software (example: Apache web server)
sudo apt update && sudo apt install apache2 -y
Step 7: Stop or Delete the VM (Optional)
* Stop the VM (a stopped VM still incurs charges for its persistent disk):
gcloud compute instances stop your-instance-name --zone=us-central1-a
* Delete the VM:
gcloud compute instances delete your-instance-name --zone=us-central1-a
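The same deployment driven from gcloud rather than the console, as an added example that is not part of the flashcard. It validates a custom E2 shape against the limits noted in Step 3, then assembles a create command with the settings a security engineer wants on a fresh VM (no external IP, Shielded VM, OS Login). The VM name, zone, image and the E2 limit values are assumptions; gcloud is executed only when run=True and the SDK is installed.

```python
import shutil
import subprocess

# E2 custom machine-type limits (assumption: values as published by Google when this
# example was written; confirm against the Compute Engine docs for your series).
E2_MIN_VCPU, E2_MAX_VCPU = 2, 32
E2_MIN_MB_PER_VCPU, E2_MAX_MB_PER_VCPU = 512, 8192   # 0.5 GB .. 8 GB per vCPU


def validate_custom_shape(vcpus, mem_mb):
    """Return a list of rule violations for an E2 custom shape; empty means valid."""
    problems = []
    if vcpus < E2_MIN_VCPU or vcpus > E2_MAX_VCPU or vcpus % 2:
        problems.append(f"vCPU count {vcpus} must be even and between "
                        f"{E2_MIN_VCPU} and {E2_MAX_VCPU}")
    if mem_mb % 256:
        problems.append(f"memory {mem_mb} MB must be a multiple of 256 MB")
    elif vcpus > 0:
        per_vcpu = mem_mb // vcpus
        if per_vcpu < E2_MIN_MB_PER_VCPU or per_vcpu > E2_MAX_MB_PER_VCPU:
            problems.append(f"{per_vcpu} MB per vCPU is outside the 512-8192 MB range")
    return problems


def build_create_argv(name, zone, vcpus, mem_mb, allow_http=False):
    """Assemble the gcloud argv for a hardened VM with an exact vCPU/memory shape."""
    problems = validate_custom_shape(vcpus, mem_mb)
    if problems:
        raise ValueError("; ".join(problems))
    argv = [
        "gcloud", "compute", "instances", "create", name,
        f"--zone={zone}",
        f"--machine-type=e2-custom-{vcpus}-{mem_mb}",   # <series>-custom-<vCPUs>-<MB>
        "--image-family=debian-12", "--image-project=debian-cloud",
        "--boot-disk-size=20GB",
        "--no-address",                    # no public IP; reach it over an IAP tunnel
        "--shielded-secure-boot",          # Shielded VM: signed boot chain, measured boot
        "--shielded-vtpm",
        "--shielded-integrity-monitoring",
        "--metadata=enable-oslogin=TRUE",  # SSH access governed by IAM, not metadata keys
    ]
    if allow_http:
        # Same effect as the console's "Allow HTTP traffic" box: the http-server tag
        # matches the default-allow-http rule, which admits port 80 from 0.0.0.0/0.
        argv.append("--tags=http-server")
    return argv


def create_vm(name, zone, vcpus, mem_mb, run=False):
    """Build the command and execute it only when asked to and gcloud is available."""
    argv = build_create_argv(name, zone, vcpus, mem_mb)
    if run and shutil.which("gcloud"):
        subprocess.run(argv, check=True)
    return argv


if __name__ == "__main__":
    # Placeholder name and zone (assumptions); prints the command instead of running it.
    print(" ".join(create_vm("web-1", "us-central1-a", 4, 8192)))
```

Because the VM has no external address, connect with gcloud compute ssh web-1 --zone=us-central1-a --tunnel-through-iap, which needs a firewall rule permitting TCP 22 from the IAP range 35.235.240.0/20 rather than from the whole Internet.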

2
Q

Explain VM based intrusion detection system.

A

Importance of Intrusion Detection (ID) in Cloud
* Detects and responds to attacks on systems and data.
* Required by many security standards and regulations.
* Must be integrated into any cloud deployment strategy.

☁️ Intrusion Detection by Cloud Service Model
1. Software as a Service (SaaS)
* IDS responsibility: Provider
* Customer role: Limited, may access logs for monitoring.
2. Platform as a Service (PaaS)
* IDS responsibility: Provider
* Customer role: Can configure app logs for external monitoring.
3. Infrastructure as a Service (IaaS)
* IDS responsibility: Shared
* Customer has flexibility to deploy IDS within VMs, networks, etc.

🧭 Where to Perform Intrusion Detection in IaaS
1. Within Virtual Machines (VMs)
o Customer-managed HIDS
o Detects activity inside VM.
2. At Hypervisor or Host Level
o Provider-managed HIDS
o Monitors VM-to-VM traffic and host behavior.
3. In Virtual Network
o IDS monitors inter-VM and VM-to-host traffic that never leaves the
hypervisor's virtual switch, so a sensor on the physical network cannot see it.
4. In Traditional Network
o Provider-managed NIDS
o Detects traffic entering or leaving the host system.

👥 Responsibility Clarification
* Providers:
o Deploy and manage IDS (host, hypervisor, virtual network).
o Must notify customers (via SLA) of any relevant attacks.
* Customers:
o Deploy HIDS inside VMs.
o Integrate IDS into their monitoring systems.
o Must negotiate visibility/alerts via contracts.

🛡️ Types of Intrusion Detection Systems
1. Host-Based IDS (HIDS)
* Runs on individual VMs (by customer) or host (by provider).
* Monitors system activities and logs.
* Challenge: Limited provider transparency for hypervisor HIDS.
2. Network-Based IDS (NIDS)
* Monitors traffic on the traditional (physical) network.
* Limitations:
o Cannot see traffic between VMs on the same host; it stays on the virtual switch and never reaches a physical tap or SPAN port.
o Cannot inspect the payload of encrypted traffic; only connection metadata (endpoints, volume, timing) remains visible.
3. Hypervisor-Based IDS (via VM Introspection)
* Monitors all inter-VM and VM-hypervisor communications.
* Advantage: Full visibility, and the sensor sits outside the guest, where malware running inside the VM cannot disable or tamper with it.
* Limitation: Complex, emerging technology; provider-managed.
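A customer-managed HIDS rule of the kind the IaaS case above leaves to the customer, as an added example that is not part of the flashcard. It parses constructed sshd lines in /var/log/auth.log syslog format and raises one alert when a source address fails five logins within five minutes and a second when that address later succeeds. The log lines, hostname, addresses and thresholds are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd lines in /var/log/auth.log syslog format (not captured from a real host).
SAMPLE_AUTH_LOG = """\
Mar 10 12:00:01 web-1 sshd[2201]: Failed password for invalid user admin from 203.0.113.9 port 51022 ssh2
Mar 10 12:00:03 web-1 sshd[2203]: Failed password for invalid user admin from 203.0.113.9 port 51030 ssh2
Mar 10 12:00:04 web-1 sshd[2205]: Failed password for root from 203.0.113.9 port 51041 ssh2
Mar 10 12:00:06 web-1 sshd[2207]: Failed password for root from 203.0.113.9 port 51052 ssh2
Mar 10 12:00:08 web-1 sshd[2209]: Failed password for root from 203.0.113.9 port 51060 ssh2
Mar 10 12:00:09 web-1 sshd[2211]: Accepted publickey for deploy from 198.51.100.4 port 40010 ssh2: ED25519 SHA256:c0nstructed
Mar 10 12:00:11 web-1 sshd[2213]: Accepted password for root from 203.0.113.9 port 51071 ssh2
Mar 10 12:30:00 web-1 sshd[2300]: Failed password for root from 192.0.2.7 port 33000 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+"
)


def parse_auth_log(text, year=2024):
    """Turn sshd auth lines into event dicts; syslog lines carry no year, so one is supplied."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue   # lines from other daemons are not this rule's concern
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "result": m["result"], "method": m["method"],
                       "user": m["user"], "ip": m["ip"]})
    return events


def detect_ssh_abuse(events, threshold=5, window=timedelta(minutes=5)):
    """Two rules over a sliding window per source IP:
    - ssh_bruteforce: at least `threshold` failed logins from one IP inside `window`
    - success_after_bruteforce: any accepted login from an IP already flagged
    Returns (rule, ip, timestamp) tuples in time order."""
    alerts = []
    recent_failures = defaultdict(list)   # ip -> timestamps of failures still in the window
    flagged = set()
    for ev in sorted(events, key=lambda e: e["ts"]):
        ip, ts = ev["ip"], ev["ts"]
        if ev["result"] == "Failed":
            recent_failures[ip] = [t for t in recent_failures[ip] if ts - t <= window] + [ts]
            if len(recent_failures[ip]) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("ssh_bruteforce", ip, ts))
        elif ip in flagged:
            alerts.append(("success_after_bruteforce", ip, ts))
    return alerts


if __name__ == "__main__":
    for rule, ip, ts in detect_ssh_abuse(parse_auth_log(SAMPLE_AUTH_LOG)):
        print(f"{ts:%b %d %H:%M:%S} {rule:<26} {ip}")
```

The second rule is the one worth paging on: a burst of failures is noise on any Internet-facing host, but a success from the same address is a probable compromise, and because the sensor runs inside the guest it should ship alerts off the VM immediately, before an intruder with root can stop it.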

3
Q

Explain how Migration of Memory, Files, and Network Resources happen in
cloud computing.

A
  1. Memory Migration
    * Moves the VM’s memory state from source to destination host.
    * Internet Suspend-Resume (ISR) exploits temporal locality: much of the state at the
    resume site is unchanged since the VM last ran there, so redundant transfers are avoided.
    * Tree-based file structures allow only changed files to be sent.
    * ISR results in high downtime, so it suits non-live migrations.
    * Efficient memory handling is essential because the memory image is large (hundreds
    of MBs to GBs) and must move quickly.
  2. File System Migration
    * VMs need consistent, location-independent file systems on all hosts.
    * Using a virtual disk per VM is simple but not scalable.
    * Global/distributed file systems remove need for full file copying.
    * ISR copies only the required VM files into the local file system.
    * Smart copying and proactive transfer reduce data by using spatial
    locality and prediction.
  3. Network Migration
    * Migrated VMs must retain all open network connections.
    * VMs use virtual IP/MAC addresses, independent of host hardware.
    * An unsolicited ARP reply from the destination host tells the LAN that the VM's
    address now lives there.
    * Live migration keeps downtime to a brief stop-and-copy pause (typically tens of
    milliseconds), using iterative precopy or postcopy techniques.
    * Precopy keeps the VM running on the source while pages are copied, but pages dirtied
    during a round must be re-sent, adding network load; postcopy sends each page once,
    reducing data transferred, but the VM resumed on the destination stalls on pages still
    held at the source, which increases effective downtime.
  4. Live Migration Using Xen
    * Xen supports live VM migration with minimal service interruption.
    * Dom0 manages migration, using send/receive and shadow page tables to track which
    guest pages are written during each round.
    * RDMA enables fast transfer by bypassing the TCP/IP stack and avoiding CPU copying
    on both ends.
    * Memory compression is used to reduce the data sent and the migration overhead.
    * Migration daemons track and send modified pages based on dirty bitmaps.
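The dirty-bitmap-driven precopy loop described under Live Migration Using Xen, as an added simulation that is not from the flashcard. Page counts, link bandwidth, the hot-set write model and the 50-page / 30-round stopping rules are assumptions, chosen to show the two outcomes that matter: a guest whose write rate is below the link bandwidth converges to a small stop-and-copy set, while one that dirties pages faster than the link can carry them never converges and hits the round limit, which is where a migration daemon has to fall back to a longer stop-and-copy or to postcopy.

```python
import random

# Stopping rules assumed here (treat these numbers as assumptions, not the page's figures).
STOP_THRESHOLD_PAGES = 50
MAX_ROUNDS = 30


def precopy_migrate(total_pages, hot_pages, write_rate, bandwidth, seed=1):
    """Simulate iterative precopy with a dirty bitmap.

    total_pages : size of guest memory in pages
    hot_pages   : size of the guest's frequently written working set (assumed model)
    write_rate  : guest page writes per tick while it keeps running on the source
    bandwidth   : pages the migration link moves per tick

    Round 1 sends every page. Each later round sends only the pages the dirty bitmap
    marked while the previous round was in flight. Iteration stops when the dirty set
    is below STOP_THRESHOLD_PAGES or MAX_ROUNDS is reached; the VM is then paused and
    the remaining dirty pages are sent (stop-and-copy), which is the downtime."""
    rng = random.Random(seed)
    to_send = set(range(total_pages))   # round 1: every page is "dirty"
    rounds, total_sent = [], 0
    for _ in range(MAX_ROUNDS):
        sent = len(to_send)
        rounds.append(sent)
        total_sent += sent
        ticks = sent / bandwidth        # wall time this round occupies
        dirty = set()                   # the dirty bitmap filled during this round
        for _ in range(int(write_rate * ticks)):
            # 90 % of writes land in the hot set, 10 % anywhere (assumed write model)
            page = rng.randrange(hot_pages) if rng.random() < 0.9 else rng.randrange(total_pages)
            dirty.add(page)
        to_send = dirty
        if len(to_send) < STOP_THRESHOLD_PAGES:
            break
    final = len(to_send)
    total_sent += final
    return {
        "rounds": rounds,                 # pages sent per precopy round
        "converged": final < STOP_THRESHOLD_PAGES,
        "stop_and_copy_pages": final,     # pages copied while the VM is paused
        "downtime_ticks": final / bandwidth,
        "total_sent": total_sent,         # includes re-sends of dirtied pages
    }


if __name__ == "__main__":
    # 10k-page guest with a 200-page hot set; link carries 1000 pages/tick (constructed)
    print("quiet guest:", precopy_migrate(10_000, 200, write_rate=100, bandwidth=1000))
    print("busy guest: ", precopy_migrate(10_000, 200, write_rate=2000, bandwidth=1000))
```

The "busy" run is the case that matters operationally: the dirty set settles at a few hundred pages every round, so the total bytes on the wire keep growing with no progress toward a short pause, which is why real daemons also cap the total data sent and why a write-heavy guest is a poor candidate for precopy.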
4
Q

Explain in detail about Implementation Levels of virtualization.

A
  1. Instruction Set Architecture (ISA) Level Virtualization
    * Emulates a guest ISA on a host with a different ISA.
    * Allows execution of legacy or cross-platform binary code.
    * Achieved through code interpretation or dynamic binary translation.
    * Very flexible but has low performance due to instruction overhead.
    * Adds a software translation layer between compiler and processor.
  2. Hardware Abstraction Level Virtualization
    * Virtualizes hardware directly using a hypervisor (e.g., Xen, VMware).
    * Provides virtual CPUs, memory, and I/O to guest OSs.
    * High performance due to close interaction with physical hardware.
    * Complex to implement and manage.
    * Enables running multiple OSs on the same physical machine.
  3. Operating System Level Virtualization
    * Provides isolated user-space instances (containers).
    * Shares a single OS kernel across all containers.
    * Efficient resource use and fast startup.
    * Limited flexibility: all containers must use the same OS kernel, and a kernel
    vulnerability is therefore shared by every container on the host.
    * Suitable for lightweight server consolidation.
  4. Library Support Level Virtualization
    * Virtualizes the API layer between apps and OS.
    * Allows apps to run in different environments (e.g., WINE for Windows apps on UNIX).
    * Less overhead than full system virtualization.
    * Not all applications may work correctly.
    * Useful for GPU virtualization (e.g., vCUDA).
  5. User/Application-Level Virtualization
    * Virtualizes individual applications as isolated units.
    * Examples include the JVM (runs Java bytecode) and the .NET CLR (runs .NET apps).
    * Easy to deploy and portable across platforms.
    * Limited isolation compared to lower-level virtualization.
    * Used in sandboxing, application streaming, and secure app deployment.