S13-Cloud & Datacenter

Question 1

What are some Benefits of Cloud Computing?

Answer 1

• High Availability
• Scalability
• Elasticity
• Metered Utilization
• shared Resources
• File Sync

Question 2

High Availability

Answer 2

Service experience very little downtime

Question 3

Scalability

Answer 3

Ability to expand a system at a linear rate

Question 4

Elasticity

Answer 4

Ability to quickly scale up or down in response to fluctuating demand

Question 5

Metered Utilization

Answer 5

Being Charged for a service on a Pay per use Basis

Question 6

Shared Resources

Answer 6

Ability to minimize the costs by putting VMs on other servers

Question 7

File Sync

Answer 7

Ability to store data which can then spread to other places depending on config

Question 8

in terms of Scalability What are 2 ways you can scale?

Answer 8

• Vertical Scaling (Scaling up)
• Horizontal Scaling (Scale out)

Question 9

Vertical Scaling

Answer 9

Increasing the power of existing resources in the working environment

Question 10

Horizontal Scaling

Answer 10

Adding additional resources to help handle the extra load

Question 11

what is the Difference between a metered and Measured service?

Answer 11

Metered
- you are paying based on actual usage

Measured
- Paying for a certain amount of quantity upfront

Question 12

On - Premise Solution

Answer 12

All necessary components to run an Organization’s cloud need to be acquired, installed and configured.

Question 13

Hosted Solution

Answer 13

Third Party service provider, provides all the resources needed to maintain a cloud solution

Question 14

What is Multitenancy?

Answer 14

Hosted Solution provides service to several different orgs using the same hardware, but logically separates each.

Question 15

What are some things to consider when choosing a Hosted Solution?

Answer 15

• Authentication Mechanisms
• Redundancy & Fault tolerance
• Storage location and region legality

Question 16

What are the 3 main cloud service models?

Answer 16

• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)

Question 17

What is SaaS?

Answer 17

“Software as a Service”

a cloud-based software delivery model where a provider hosts and manages applications, and users access them over the internet

• Full solution w/ Hosted Application Software

Question 18

What are some SaaS examples?

Answer 18

Microsoft Office 365, Goggle Drive, Turbo Tax, Dropbox, Netflix etc.

Question 19

What is PaaS?

Answer 19

“Platform as a Service”

provides a ready-to-use platform for developing, deploying, and managing applications.

• Hardware Infrastructure solution
• Infrastructure Software Solution (Middleware, Runtime, OS)

Question 20

PaaS Examples

Answer 20

AWS, Azure App Service, Google Cloud Platform (GCP)

Question 21

what is IaaS?

Answer 21

“Infrastructure as a Service”

a cloud computing model where a third-party provides on-demand access to virtualized infrastructure, including compute, storage, and networking resources

• Hardware focused Infrastructure solution

Question 22

IaaS Examples

Answer 22

Microsoft Azure Machines, Google Compute Engine, AWS EC2

Question 23

What are the 6 types of Cloud Deployment Models?

Answer 23

• Public
• Private
• Hybrid
• Community
• Multi-Tenancy
• Single-Tenancy

Question 24

Public

Answer 24

Service Provider makes resources available to end users over the internet
Eg. Google Drive

Question 25

Private

Answer 25

a cloud computing environment exclusively used by a single organization Eg. AWS GovCloud (US)

Question 26

Hybrid

Answer 26

Combination of private and Public clouds

Question 27

Single-Tenancy

Answer 27

Assigns a particular resource to a single Organization

Question 27

Community

Answer 27

Collaborative infrastructure shared between several organizations with common service needs

Question 28

Multi-Tenancy

Answer 28

Allows Customers to share computing resources in a public or private cloud

Question 29

Virtual Private Network (VPN)

Answer 29

an encrypted connection over the internet from a device to a network

Question 30

What is a Private-Direct Connection?

Answer 30

establishes a dedicated, secure link between a user's network and a cloud service provider's data center, bypassing the public internet

Question 31

Why a Private direct Connection over a VPN?

Answer 31

Private direct offers faster speeds & better performance - Multiple VPCs - Better Redundancy - Higher cost

Question 32

What Components make up cloud security?

Question 33

What is a VPC?

Answer 33

"Virtual Private Cloud" A private cloud environment built on top of a public cloud infrastructure.

Question 34

What is IAC?

Answer 34

"Infrastructure as Code" the practice of managing and provisioning IT infrastructure by using computer code instead of manual configuration or manual steps.

Question 35

What are some features and core components of VPC?

Answer 35

- Subnets - Route Tables - Internet Gateways - Network Address Translation Gateways - Network access Control lists - Security Groups - VPC Peering - VPC Endpoints - VPN connections

Question 36

Subnet (Vpc)

Answer 36

logical network segment that divides the VPC into smaller, isolated networks. can have Public and Private subnets

Question 37

Route Table

Answer 37

Contains a set of rules (routes), that determine where network traffic is directed within the VPC network

Question 38

Internet Gateway

Answer 38

a horizontally scaled, redundant, and highly available VPC component that allows communication between your Virtual Private Cloud (VPC) and the public internet

Question 39

Network Address Translation (NAT) Gateway

Answer 39

a managed service that enables instances in private subnets to connect to the internet by translating the private IP addresses of these instances to a public IP address,

Question 40

Network Access Control List (ACL)

Answer 40

VPC Feature that acts as a firewall, controlling traffic in and out of one or more subnets

Question 41

How does a Network ACL behave?

Answer 41

Like a stateless firewall: examines each network packet independently, without maintaining a record of previous connections.

Question 42

Security Groups

Answer 42

an instance level, virtual stateful firewall that controls inbound and outbound traffic for resources within a VPC

Question 43

How does a Security Group behave?

Answer 43

Like a Stateful Firewall: monitors and tracks the state of ongoing network connections to make decisions about which packets to allow through

Question 44

VPC Peering

Answer 44

A networking connection between 2 VPCs that enables routing traffic between them privately

Question 45

VPC Endpoints

Answer 45

virtual devices that provide secure, private connectivity between resources within a Virtual Private Cloud (VPC) and specific AWS services, without requiring public IP addresses or traversing the internet.

Question 46

What are some VPC advantages?

Answer 46

- Mixing Products from different Vendor - Faster network development - Automation and Policy Management

Question 47

Network Function Virtualization (NFV)

Answer 47

a networking approach that virtualizes network functions (like firewalls or load balancers) instead of relying on dedicated hardware appliances

Question 48

What 3 main components are needed for NFV?

Answer 48

- NFV Infrastructure - Management and Network Orchestration - Virtual Network Functions

Question 49

NFV Infrastructure

Answer 49

All the hardware and virtual resources needed for deploying, managing, and executing VNFs

Question 50

Management and network Orchestration (MANO)

Answer 50

Oversees the lifecycle management of the VNFs, and orchestrates the resources across the NFVI

Question 51

Virtual Network Functions (VNFs)

Answer 51

Software implementations of network functions previously bound to hardware devices.

Question 52

What are the advantages of NFV?

Answer 52

- Flexibility and Rapid deployments - Cost efficiency

Question 53

NFV drawbacks

Answer 53

- Need for security - Complex - Installation

Question 54

Software Defined Network (SDN)

Answer 54

Networking that uses software-based controllers or APIs to communicate with underlying hardware infrastructure and direct traffic on a network

Question 55

What are the 3 parts of a typical network architecture?

Answer 55

- Control Plane - Data Plane - Management Plane

Question 56

Control Plane

Answer 56

Carries the traffic that provides the signals to an from a router. Decides traffic priority and how its secured - Decides where data goes

Question 57

Data Plane

Answer 57

(Forwarding plane) Carries user traffic on the network - Moves the Data

Question 58

Management Plane

Answer 58

Administers the routers and switches inside the network and monitors traffic conditions and the status of the network

Question 59

Advantages of an SDN

Answer 59

- Flexibility - Speed and Agility - Automation - Security

Question 60

SDN Drawbacks

Answer 60

- Single Point of failure - High Vulnerability

Question 61

What are the 3 main types of SDNs?

Answer 61

- Open SDN - Hybrid SDN - SDN Overlay

Question 62

Open SDN

Answer 62

SDN that relies on open-source technology

Question 63

Hybrid SDN

Answer 63

Network that employs traditional SN protocols to operate itself

Question 64

SDN Overlay

Answer 64

a virtual network built on top of an existing physical network infrastructure,

Question 65

Software-Defined Wide Area Network (SD-WAN)

Answer 65

Virtually optimizing WAN connections to efficiently route traffic between remote sites, data centers, and cloud environments - Software based WAN architecture

Question 66

Virtual Extensible Local Area Network (VXLAN)

Answer 66

Network Virtualization technology that addresses the limitations posed by traditional network infrastructures

Question 67

How does a VXLAN work

Answer 67

Encapsulates L2 Ethernet frames within Layer 3 UDP packets

Question 68

What is included in a VXLAN packet?

Answer 68

- 24-bit VXLAN Network Identifier (VNI)

Question 69

How many Identifiers can VXLAN support?

Answer 69

- 16 million +

Question 70

What are the 2 primary VXLAN components?

Answer 70

- VXLAN Tunnel End Points - VXLAN Segments

Question 71

VXLAN Tunnel End Points (VTEPs)

Answer 71

Encapsulates and de-encapsulates Ethernet frames into VXLAN packets

Question 72

VXLAN segments

Answer 72

Layer 2 network overlaid onto a Layer 3 network that is then identified by a unique 24-bit VNI

Question 73

VXLAN Benefits

Answer 73

- Scalability (supports 16 mil V-networks) - Flexibility (extend L2 networks across different data centers and clouds) - Improved Utilization (Optimizes traffic flows)

Question 74

VXLAN Drawbacks

Answer 74

- Complex - Latency - Configuration

Question 75

Secure Access Secure Edge (SASE)

Answer 75

a cloud-based framework that combines network and security functions into a single service.

Question 76

Security Service Edge (SSE)

Answer 76

Subset of SASE that focuses on Security services to protect access between users, devices, and the cloud

Question 77

Secure Web Gateway (SWG)

Answer 77

Used to inspect and filter unwanted Software and Malware from user-initiated web and internet traffic.

Question 78

Cloud Access Security Broker (CASB)

Answer 78

Border device between cloud service consumers and providers to monitor activity and enforce security Policies

Question 79

Zero Trust Network Access (ZTNA)

Answer 79

Designed on the principle that trust is not a default for any user or device, inside or outside the organization's network