2.2 - Summarize virtualization and cloud computing concepts. Flashcards

1
Q

IaaS (Infrastructure as a service)

A

-AKA HaaS (Hardware as a Service)
->Outsource ur equipment

-ur still responsible 4 the mgmt + sec
-ur data is out there, but more within ur ctrl

-Web server providers
-AWS, MS Azure, Google Cloud Platform (GCP)

-allows customers to purchase + interact wth basic building blocks of a tech infra
->include: computing, storage, nets
-customers
->have flexibility to config + manage those services to meet own business needs
->doesn’t have to worry about the mgmt of underlying hardware BUT have the ability to customize components

-provider
->has to implement sec ctrls that prevent customers from eavesdropping on each other or interfering wth each others use of the infra environ

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

PaaS (Platform as a service)

A

-No servers, no software, no maintenance team, no HVAC
->Someone else handles the platform
->u handle the development

-u don’t have direct control of;
->data, people, or infrastructure
->trained sec professionals r
watching ur stuff -> Choose carefully
Put the building blocks together

– Develop ur app from what’s
available on the platform (salesforce)

-builds + manages infra + offers execution environ
-execution environ may include;
->code libraries, services, tools that facilitate code execution

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SaaS (Software as a service)

A

-on demand software
-no local installation
-central mgmt of data + apps
-complete app offering (no development work required)

-provider
->responsible 4 everything from op of data center to performance mgmt of the app

-customer
->only responsible 4 limited config of the app itself/selection of what data to use wth it/access ctrls to limit access to that idea

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

XaaS (Anything as a service)

A

-broad description of all cloud models
->Use any combination of the cloud

-Services delivered over the Internet
->Not locally hosted or managed

-Flexible consumption model
->No large upfront costs or ongoing licensing

-IT becomes more of an operating model
->And less of a cost-center model
->Any IT function can be changed into a service

-X indicates nature of specific service (SaaS, IaaS, etc)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Public (cloud models)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Community (cloud models)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Private (cloud models)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Hybrid (cloud models)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Cloud service providers

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Managed service provider (MSP)/ managed security service provider (MSSP)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

On-premises vs. off-premises

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Fog computing

A

Fog
->A cloud that’s close to your data
->Cloud + Internet of Things - Fog computing
-A distributed cloud architecture
->Extends the cloud

-Distribute the data and processing
->Immediate data stays local -> No latency
->Local decisions made from local data
->No bandwidth requirements
->Private data never leaves -> Minimizes security concerns
-Long-term analysis can occur in the cloud - Internet
only when required

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Edge computing

A

-Process application data on an edge server
-Close to the user
-Often process data on the device itself
->No latency, no network requirement
->increased speed and performance
->Process where the data is

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Thin client

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Containers

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Microservices/API

A
17
Q

Software-defined networking (SDN)

A
18
Q

Software-defined visibility (SDV)

A
19
Q

Serverless architecture

A
20
Q

Services integration

A
21
Q

Resource policies

A
22
Q

Transit gateway

A
23
Q

Virtual machine (VM) sprawl avoidance

A

-It becomes almost too easy to build instances -> can get out of hand quickly (VMs sprawled everywhere)
-ur not sure which VMs r related to which apps
-becomes difficult to deprovision
-when IaaS usrs create virtual service instances -> forget/abandon them -> accrue costs + sec issues over time

Prevention
-Formal process
-detailed documentation
->should have info on every virtual object

24
Q

VM escape protection

A

-VM = self contained
-escape is when break out of the VM + interact wth host OS/hardware

-Once u escape the VM, u have great ctrl
->ctrl the host/ctrl other guest VMs
-would be a huge exploit
->Full ctrl of the virtual world

-perp has access to one virtual host then gets access to intrude on resources assigned to a different VM
-hypervisor supposed to prevent this type of access by restricting VMs access to only resources assigned to that machine
->allows process running on the VM to escape hypervisor restrictions