2.2 Virtualization and Cloud Computing

Question 1

Cloud Model:

Sometimes called Hardware as a Service (HaaS)
– Outsource your equipment
• You’re still responsible for the management
– And for the security
• Your data is out there, but more within your control
• Web server providers

Answer 1

Infrastructure as a service (IaaS)

Question 2

Cloud Model:

• No servers, no software, no maintenance team, no HVAC
– Someone else handles the platform, you handle the development
• You don’t have direct control of the data, people, or infrastructure
– Trained security professionals are watching your stuff
– Choose carefully
• Put the building blocks together
– Develop your app from what’s available on the platform
– SalesForce.com

Answer 2

Platform as a service (PaaS)

Question 3

Cloud Model:

• On-demand software
– No local installation
– Why manage your own email distribution?
– Or payroll?
• Central management of data and applications
– Your data is out there
• A complete application offering
– No development work required
– Google Mail

Answer 3

Software as a service (SaaS)

Question 4

Cloud model:

• A broad description of all cloud models
– Use any combination of the cloud
• Services delivered over the Internet
– Not locally hosted or managed
• Flexible consumption model
– No large upfront costs or ongoing licensing
• IT becomes more of an operating model

Answer 4

Anything as a Service (XaaS)

Question 5

Cloud deployment model:

• Available to everyone on the internet

Answer 5

Public

Question 6

cloud deployment model:

• Several organizations share the same resources

Answer 6

Community

Question 7

Cloud deployment model:

• Your own virtualized local data center

Answer 7

Private

Question 8

Cloud deployment model:

• Mix of public and private

Answer 8

Hybrid

Question 9

Name a few benefits to cloud computing.

Answer 9

• Computing power is instantly available
• Massive data storage capabilities
• Rapid change adjustment
• Smaller start up costs

Question 10

Name a few drawbacks of cloud computing.

Answer 10

• Latency
• Limited bandwidth
• Difficult to protect data
• Requires internet/network connectivity at all times

Question 11

This type of computing is often associated with IoT devices. Processing occors on the local device and does not require any communication across the internet.

Answer 11

Edge Computing

Question 12

Type of computing that involves IoT devices that process data locally as well as across the internet. Allows private data to stay local, reducing security risks.

Answer 12

Fog computing

Question 13

What does it mean for cloud computing to be “elastic”?

Answer 13

Can scale up and down as needed

Question 14

The concept of apps being self-contained in a cloud system, preventing them from interacting with each other.

Answer 14

app containerization

Question 15

APIs are designed to break down monolithic apps into smaller instances that run independently. What are these services called?

Answer 15

Microservices

Question 16

Also known as Function as a service (FaaS) and involves applications running autonomously without the need of an operating system. Runs in a stateless compute container that may be event triggered.

Answer 16

Serverless architecture

Question 17

This gateway acts as a sort of “cloud router” which allows users to connect to multiple virtual private clouds (VPCs).

Answer 17

Transit gateway

Question 18

Policies that assign permissions to cloud resources.

Answer 18

Resource policies

Question 19

This is the integration of a wide variety of cloud service providers which allows the presentation of a single business facing interface.

Answer 19

Service integration and management (SIAM)

Question 20

Code written to define an infrastructure such as servers, networks, and applications.

Answer 20

Infrastructure as code

Question 21

A network that is configured to be centrally managed and configured programmatically with no human intervention.

Answer 21

Software defined networks (SDN)

Question 22

The process of monitoring the security and flow of data over a SDN.

Answer 22

Software defined visibility (SDV)

Question 23

This is something that’s easy to accidentally do when building VMs, but should be avoided at all costs to prevent VM escape attacks.

Answer 23

VM Sprawl

Question 24

What is the best way to prevent VM escape attacks?

Answer 24

Avoid VM sprawl and maintain documentation for deprovisioning of servers