4455 - Midterm Flashcards
what is capacity planning?
focuses on minimizing the difference between capacity of an IT resource and the demand for the resource
what are the 3 types of capacity planning strategies?
lead, lag and matching
what is the lead capacity planning strategy?
adding capacity to a resource in anticipation of demand
what is the lag capacity planning strategy?
adding capacity to a resource after it has reached its full capacity
what is the matching capacity planning strategy?
adding capacity to a resource in small increments as demand increases
what are the two cost buckets associated with cloud technology?
cost of acquiring infrastructure and the cost of ongoing ownership of infrastructure
what is organizational agility?
the ability to adapt to change caused by internal or external factors
what is clustering?
when independent IT resources are connected into a single system
what is reduced and what is increased when clustering is used?
failure rates are reduced, availability and reliability are increased
what is grid computing?
when IT resources are grouped into logical pools - heterogeneous and geographic distribution
what is the difference between clustering and grid computing?
grid systems are much more loosely coupled and distributed
what is virtualization?
it allows IT resources to provide multiple virtual images of themselves, essentially severing the hardware-software dependency, and allowing multiple users to share their capabilities
what is a cloud?
an IT environment that can provision resources remotely which is also scalable
TF: cloud has a finite boundry
T
TF: it is necessary for clouds to be web based
F
what processing capabilities are cloud environment dedicated to supplying?
back-end
what are the differences between horizontal and vertical scaling?
horizontal: cheaper, replicates existing resources, not limited by hardware capacity
vertical: more expensive, requires setup, limited by hardware capacity
what is a cloud service?
an IT resource that is remotely accessible through the cloud
what do SLA’s define?
quality of service specifications and IT outcomes
what are the benefits of cloud computing?
eliminates upfront IT investment, increased scaleability, improved availability and reliability
what are unique issues that face cloud computing?
security vulnerabilities, regional compliance and legal issues, reduced operational governance and control
what causes security vulnerabilities with cloud computing?
overlapping trust boundaries
to improve cloud security what should cloud consumer and providers have?
compatible security frameworks
what are the reasons for reduced operational governance control?
shitty cloud providers and bandwidth constraints
what is portability?
a measure of the impact of moving cloud consumer resources and data between clouds
TF: There are no established industry standards for cloud portability?
T
Researchers referred to the cloud computing technologies since mid of 1960 as
a) Public Computer utilities
b) Artificial intelligence
c) Distributed systems
d) Wide area networks
a
All of the following considered as cloud computing systems except
a) Amazon web services
b) UWO email services
c) Google documents
d) Linux servers
b
The adjective “elastic” in the cloud computing definition refer to
a) The cloud is upgradable
b) Adding or releasing resources on demand
c) Support integration with other clouds
d) Support different computations needs
b
All the following technologies is cloud computing enablers except
a) Web technology
b) Distributed systems.
c) Machine learning
d) WIFI Technology
c
Which of the following cloud computing characteristics is the most important for the IT systems capacity planning a) Scalability b) Reliability c) Availability d) Cost
a
The most cost factor will be reduced by using the cloud technology rather than the using on-premise systems is a) Operational cost b) Infrastructure cost c) Maintenance cost d) None of the above
b
The main common characteristic between clustering and grid computing systems
is
a) Cooperative systems
b) Composed of Tightly coupled IT resources
c) Built by interconnected homogeneous IT resources.
d) Geographically distributed systems
b
Which of the following best define the Virtualization technology
a) Technology allow multiple users to work remotely in the same physical server.
b) Technology eliminate the dependency between operating systems and physical
servers
c) Technology that enables the parallel processing
d) Technology to optimize the computing resources allocation
b
Which of the following best to achieve the availability of the IT resources
1) Deploy in single cloud.
2) Deploy in private environment not accessed remotely
3) Deploy in a cloud and on-premise environment
4) Deploy in multiple reliable clouds
3
Why is the horizontal scaling is less expensive than the vertical one
a) No need for additional IT resources
b) Using automated scaling
c) No needs for physical upgrades
d) Not limited by the hardware capacity
c
Which of the following is not cloud service
a) Google Assistant
b) Microsoft .NET platform
c) Amazon Alexa
d) None of the above
b
Which of the following is correct about the SLA
a) include the response time of the cloud service
b) Include the security technology used in the service
c) Useful for the service consumer because services details are always
encapsulated.
d) All of the above
d
Which of the following is advantage of adopting the cloud computing technology
a. meet and fulfill unpredictable usage
b. “ready-to-use” concept
c. tangible business benefits due to the availability and reliability
d. elimination of up-front IT investments
e. All of the above
e
who can a cloud administrator be?
a cloud provider, consumer or a third party
what are the four cloud roles
administrator, broker, auditor, carrier
what is ubiquitous access
wide accessibility that is tailored to different cloud service consumers
what is multitenancy?
characteristic of a software program that allows an instance of the program to serve multiple users
what is cloud elasticity
ability of cloud to scale IT resources to respond to runtime or pre-determined conditions
what is cloud measured usage?
ability of cloud to track usage of IT resources
what is cloud resiliency?
ability of cloud to distribute redundant implementations of IT resources across physical locations
what is IaaS, Paas, and SaaS
infrastructure, platform, and software as a service
what are the typical levels of control granted to cloud customers for:
- SaaS
- PaaS
- IaaS
- usage related configuration
- limited administrative
- full administrative
what are the typical functionality granted to cloud customers for:
- SaaS
- PaaS
- IaaS
- access to front end user interfaces
- moderate level of admin control
- full accessed to IT resources
what are the common cloud consumer activities for:
- SaaS
- PaaS
- IaaS
- uses and configures cloud service
- develops, tests, deploys and manages cloud service
- set up and configure bare infrastructure
what are the common cloud provider activities for:
- SaaS
- PaaS
- IaaS
- implement, manage, maintain and monitor usage
- pre configure and provide underlying infrastructure, monitor usage
- provision and manage the physical processing, storage and networking, monitor usage
what are the differences between public, private and community clouds?
varying levels of accessibility
public: offered at a cost or advertisement
private: owned by organization that is both the consumer and provider
community: owned by community member or a third party
what is a hybrid cloud and why are they challenging?
a combination of public, private and community clouds, challenging due to disparity between environments
what is a virtual private cloud?
a self contained cloud hosted by a public cloud provider
what is a inner-cloud?
a cloud comprised of two or more inner connected clouds
What is the role of the cloud broker
a) Provide the communication link between the cloud provider and consumers
b) Provide best offers from cloud providers in term of services and prices.
c) Provide cloud different services such as IaaS, PaaS, SaasS.
d) Both b & c
b
IT Company leases platform from public cloud provider, what is the security
boundary should be applied for the company
a) Organizational boundary
b) Private boundary
c) Trust boundary
d) None of the above
c
Which of the following is not main characteristic of the cloud technology
a) High speed communication
b) Usage On demand
c) Widely accessible
d) Consumed by different of users
a
Which of the following technologies required to do the IT resource pooling
a) Multitenancy
b) Virtualization
c) Resiliency
d) Measured usage
b
Testing as service can be classified as
a) Infrastructure-as-a-Service (IaaS)
b) Platform-as-a-Service (PaaS)
c) Software-as-a-Service (SaaS)
d) None of the above
b
§ Printer as service can be classified as
a) Infrastructure-as-a-Service (IaaS)
b) Platform-as-a-Service (PaaS)
c) Software-as-a-Service (SaaS)
d) None of the above
c
Which of the following is environment comprised of infrastructure-centric IT resources a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above
a
SaaS cloud services are always provided as
a) Virtual servers
b) Preconfigured environments
c) Physical computing resources
d) Cloud web services
d
Which of the following is a task for the PaaS delivery model owner
a) Develops cloud services.
b) Manages physical resources and hard storages
c) Preconfigure the DBMSs
d) Non of the above
c
Which of the following cloud delivery models has the highest degree of the administrative control? a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above
a
A company provide PaaS cloud , what possible option for building the infrastructure layer a) owning IasS b) Consuming IaaS c) Own on-premise Infrastructure d) All of the above
d
Communication-as-a-Service is cloud delivery models , which are more close to
a) Infrastructure-as-a-Service (IaaS)
b) Platform-as-a-Service (PaaS)
c) Software-as-a-Service (SaaS)
d) None of the above
c
Database-as-a-Service is cloud delivery models , which are more close to
a) Infrastructure-as-a-Service (IaaS)
b) Platform-as-a-Service (PaaS)
c) Software-as-a-Service (SaaS)
d) None of the above
b
What is the main difference between private and public cloud
a) Ownership
b) Ownership and access
c) Access
d) Size
b
A company has multi level of data sensitivities which makes that not all the data IT
resources can be available to public access, which is the deployment model best
for the company
a) Private cloud
b) Public cloud
c) Hybrid cloud
d) Hosted cloud
c
All the following are correct about the hosted cloud except
a) Owned and managed by a public cloud provider
b) Consumed by a private organization
c) The model is based on the ownership and access roles
d) None of the above
d
Interconnected cloud deployment model is defined based on
a) Size
b) Access
c) Architecture
d) Ownership
c
what is the architecture of ISP’s?
a hierarchical topology composed of 3 tiers
what is a data center?
a grouping of IT resources in close physical proximity
what are the benefits of using a data center?
higher usage efficiency for shared resources, power sharing, better accessibility
what are the components of a data center?
computing hardware, storage hardware, network storage, and the facility itself
what network hardware is there in data centers?
nas gateways, lan fabric, san fabric, web tier load balancing and acceleration, carriers and external network connections
what is a hypervisor?
a virtual machine monitor or manager
what are the 3 main positive characteristics of virtualization?
hardware independence, server consolidation, resource replication
what is operation system based virutalization
installing virtualization software in a pre existing operating system
what is the problem associated with operation system based virtualization?
can lead to lots of performance overhead
what are the advantages of hardware based virtualization?
it requires negligible storage space, is easy to use, and handles hardware management functions
what are the disadvantages of hardware based virtualization?
hardware compatibility can be problematic
what is VIM?
virtualization infrastructure management
what does VIM rely on?
centralized management modules
what are the 3 concerns with virutalization?
- performance overhead
- hardware compatibility
- portability
The main concern about the Broadband Networks and Internet in the cloud
computing industry is
a) The bandwidth limits
b) Latency delays
c) Cloud services availability depends on the cloud carrier
d) All of the above
d
All the following can be hot-swappable components in the data center except
a) Storages
b) Switches
c) CPUs
d) Virtual memory
d
SAN is :
a) Array of storages connected through the SAN and have access to network
b) Storage Area Network
c) Multiple storage devices connected through LAN network.
d) b & c
d
NAS is :
a) Array of storages connected through the NAS device and have access to the network
b) Network Area Storage
c) Multiple storage devices connected through LAN network.
d) Virtual storage network
a
All the following are IT resources can be virtualized except:
a) Printers
b) Routers
c) Monitors
d) None of the above
d
Guest operating system in virtualization technology is
a) The hypervisor OS
b) The virtualized machine OS
c) The virtual machine OS
d) The virtualization manager
b
Which of the following is advantage of the virtualization technology
a) Virtual machine mobility
b) Easy and automated VMs administration
c) Increase hardware utilization
d) All of the above
d
Which of the following is not part of the Operating System-Based Virtualization
a) Virtual machines
b) Virtual networks
c) Physical routers
d) Hypervisors
c
Hypervisor advantage over the OS-Based Virtualization is
a) Advanced administrative features.
b) More compatible to physical servers
c) More efficient.
d) More scalable
c
Which is the following is not a concern for the virtualization technology.
a) Performance overhead of the guest Virtual OS
b) Performance overhead of the Host OS
c) Compatibility between the hypervisors and hardware.
d) Lack of portability of virtualization management
a
what are web resources?
artifacts that can be accessed over the world wide web
what are the two basic components of the world wide web?
web browser client and web server
what are the three layers of a web application?
- presentation layer
- application layer
- data layer
TF: tenants in multi-tenant application have access to application data and configuration information
F - only their own data and no configuration information
Define the following characteristics of multitenant applications:
- usage isolation
- data security
- recovery
– The usage behavior of one tenant does not affect the application availability and performance of other tenants.
– Tenants cannot access data that belongs to other tenants.
– Backup and restore procedures are separately executed for the data of
each tenant.
Define the following characteristics of multitenant applications: - application upgrades § Scalability tenants. § Metered Usage § Data Tier Isolation
- individual tenant usage does not effect other tenants
- tenants can’t access data of other tenants
- backup and restore can be executed for the data of each individual tenant
- tenants can have individual databases
what is the difference between virtualization and multitenancy
virtualization - multiple copies of the server environment can be hosted by a single physical server
multitenancy - a physicla OR virtual server hosting an application that is designed to allow usage by multiple users
what sort of interaction do web based services provide?
machine to machine
what are SOAP based web services?
simple object access protocol
- a common messaging format for request and response messages
what is REST API?
a design for loosely coupled application that use the HTTP protocol to transfer data (representational state transfer)
what are the REST services architecture constraints?
uniform interface - all client requests should look the same
client server separation - the client and the server should act independently
statelessness - each request should contain all the info the server needs to know
cacheable resources - server responses should contain information on whether the information is cacheable or not
layered system - layers should not effect requests or responses
code on demand - a response can include code that the client can execute
SOAP vs REST: design
standardized protocol with predefined rules vs architecture style with loose recommendations
SOAP vs REST: approach
function driven vs data driven
SOAP vs REST: statefulness
stateless by default but can be stateful vs always stateless
SOAP vs REST: caching
API calls cannot be cached vs API calls can be cached
SOAP vs REST: security
WS/SSL vs HTTPS/SSL
SOAP vs REST: performance
more resources vs less resources
SOAP vs REST: message format
XML vs lots of formats
SOAP vs REST: transfer protocols
lots of protocols vs HTTP only
SOAP vs REST: best for
enterprise apps, high security apps vs public API’s, social networks
SOAP vs REST: advantages
high security, standardized vs scalable, better performance, flexibility
SOAP vs REST: disadvantages
poorer performance, more complex, less flexible vs less security, not suitable for distributed environments
what are service agents?
event-driven programs designed to intercept messages at runtime
what do cloud based services rely on service agents for?
monitoring and measuring during runtime
what is the difference between an active and a passive service agent?
active - changes the message contents
passive - reads and records message contents but makes no changes
what does service middleware accomodate?
complex service compositions
what are the two types of service middleware platforms
enterprise service bus - intermediary processing features
orchestration platform - hosts and executes workflow logic
Which of the following is NOT an element of the web technology
a) Web communication protocol
b) Web Representational language
c) Web browsers
d) Web resource identifier
c
All the following are a typical web application tasks except
1) Retrieving the data from the data storage upon user request.
2) Execute the application logics.
3) Respond to the client request.
4) Represent the response for the client.
4
Multitenancy is different than virtualization in following
a) It can be applied in software only
b) It allows different users to use the IT-resource
c) It can be applied in virtual servers only
d) It can be applied in physical servers only
a
SOAP service should be discoverable by
a) Following SOAP message format to search for the service
b) Developing the Service description using XML schema
c) Using java language in the implementation
d) Developing Statefulness service
b
REST service response message should
a) Be encoded only in JSON format
b) Include a flag to indicate if the data is cashable or not
c) Include a code to be executed in the client side
d) Has no body
b
Why REST service technology is not adequate for distributed environments
a) Support limited security protocols
b) Support limited transfer protocols
c) Support Limited message format
d) All of the above
d
Statefulness service should
a) Allow save information about the client request at the server side
b) Respond to service based on the client request and client previous status
c) Allows session between client and servers
d) Respond to service based on the client request only
a
§ Stateful service should
a) Allows save information about the client request at the server side
b) Responds to service based on the client request and previous client status
c) Allows session between client and servers
d) All of the above
d
The advantage of the SOAP services over the REST services is
a) Better Performance
b) Security
c) Scalability
d) All of the above
b
The advantage of the REST services over the SOAP services
a) Better Performance
b) Flexibly to develop and design
c) Scalability
d) All of the above
d
cloud service broker platform is type
a) ESB platform
b) middleware orchestration platform
c) SOAP platform
d) None of the above
a
A service intercept a message and send it back to different destination , is type of
a) Active agent
b) Passive agent
c) Middleware service
d) REST service
a/c?
What is the main characteristic of the tire 3 infrastructure data centers
a) Have single configuration for all the data center components
b) Have redundant configuration for all the data center components except the
power supply
c) Have redundant configuration for all the data center components
d) Have redundant configuration for servers and storages only
c
who is responsible for ensuring the availability of cloud services?
the provider and the carrier
what are security controls?
counter measures used to respond to security threats and reduce or avoid risk
what are security mechanisms?
a defensive framework put in place to protect IT resources
what is a cloud security policy?
the defined positioning and usage of security controls and mechanisms
what is a threat agent?
an entity that is capable of carrying out an attack
what is a malicious service agent?
an entity that can intercept and forward network traffic that flows within a cloud
can exist as an external program
what is a trusted attacker?
an entity that launches attacks within the trust boundary
usually appears to be a legitimate user that is sharing IT resources within the cloud
what is a malicious insider?
a human attacker that have privileged access to the cloud
what is traffic eavesdropping and what does it compromise?
passively intercepting messages
comprises confidentiality
what is a malicious intermediary and what does it compromise?
intercept and alters messages
comprises confidentiality and integrity
what is a denial of service attack?
attacker overloads IT resources until they don’t function properly anymore
what is insufficient authorization?
when attacker is granted direct access to IT resources
what is a virtualization attack and what does it comprimise?
an attack that exploits vulnerabilities in virtualized environment
compromises confidentiality, integrity, availability and underlying physical infrastructure
what is the problem with overlapping trust boundaries?
malicious cloud consumers can target shared IT resources within the same trust boundaries impacting their performance relative to other users
what are security brokers?
entity with distinct set of security policies3
with regard to what 2 measures are security risk evaluated?
probability of occurrence and degree of impact
Unauthorized cloud consumer intercept a message have been sent to a cloud and
change the destination to other cloud this will be violation for
1. Integrity
2. Authenticity
3. Confidentiality
4. All of the above
4
Authorized user get an error exception that include server ports , which would
allow him to hack these ports , the error exception is
1) Security Threat
2) Security weakness
3) Security Risk
4) Security mechanism
2
Using the digital signature in the cloud to ensure the data integrity and authenticity is 1) Security mechanism 2) Security control 3) Security risk 4) Security policy
1
Which is of the following is not violated by the trusted attacker and malicious insider: § Confidentiality § Authenticity § Integrity § Availability
authenticity
Traffic eavesdropping threat is hard to be detected by any security mechanisms
because
1. It is a passive action
2. It violate the confidentiality of the data
3. It used to collect illegitimate information about the cloud
4. Always occurs by malicious service agent
1
Malicious Intermediary threats is more danger than the eavesdropping because
- Violate the integrity and confidentiality of the data
- Send harm data to the cloud.
- Messages from consumers are intercepted and altered
- All of the above
4
All the following is correct about the insufficient authorization threat except:
- Always done by anonymous attacker
- Done by unauthorized consumers
- It violates the authenticity
- It can be done by malicious insider
4
What is the risk of the virtualization attack
- Lose the data confidentiality and integrity in the virtual server
- Denial of service for virtual service
- Compromising the physical infrastructure
- All of the above
4
In the overlapping trusted boundaries the trusted attacker can compromise
a) Shared IT-resources only
b) All resources in the trusted boundaries
c) Authorized IT-resources only
d) Un-authorized IT-resources only
b
All of the following are a concerns regarding cloud computing security except
a) Flaw implementation
b) Security policy disparity
c) unclear contracts between consumer and provider
d) Cloud availability
d
Identify a web service security defect is a part of
- Risk assessment
- Risk mitigation
- Risk monitoring
- Risk control
a
Firing a employee that previously violate the confidentiality and privacy of the company data 1. Risk assessment 2. Risk Treatment 3. Risk monitoring 4. Risk control
2
A company decided to upgrade their security encryption technology used after it
discover that the previous technology was not effective to avoid some type of
attacks , this situation is part of
1. Risk assessment
2. Risk Treatment
3. Risk monitoring
4. Risk control
4
what is a logical network perimeter?
isolation of a network environment from the rest of the network
what are the uses of a logical network perimeter?
to isolate resources for consumers, authorized users, and other user groups as well as a means of bandwidth control
what is included in a logical network perimeter?
virtual firewall and virtual network
what does a virtual firewall do?
filter traffic through the isolated network
what does a virtual network do?
isolated the network environment within a data center
what is the most foundational building block for cloud environments?
cloud servers
what limits the number of virutal servers one physical server can create?
its capacity
what are template virtual servers?
pre-made VM images
TF: can a cloud storage device be virutalized?
T
what mechanism supports the fixed increment capacity allocation of cloud storage devices?
pay per use
what are the concerns with cloud storage device?
confidentiality, integrity, security, and performance on large amounts of data
what is the lowest level of cloud data storage and what are they?
blocks - smallest unit of data that is still individually accessible
what are the two types of network storage interfaces?
storage blocks and file & network storage
how are object storage interfaces accessed?
via REST or web based cloud services using HTTP
who supports the use of object storage interfaces?
SNIA’s CDMI
what are the 2 main categories of storage interfaces?
relational and non-relational
how is storage management carried out?
using either a standard API or administrator interface
what are the challenges for relational database storage?
vertical scaling and performance
what are the benefits of a non-relational database?
- less processing overhead and complexity
- more horizontally scalable than relational database storage
what are the challenges of a non-relational database?
- schemas and models are primitive and not complete picture of data
- can’t use relational database functions
- lack of normalization
what is cloud usage monitor?
a lightweight and automated software program that keeps track of IT resource usage data
what are the 3 formats of cloud usage monitor?
monitoring agent, polling agent and resource agent
what does a monitoring agent measure?
network traffic and message metrics
what is a monitoring agent?
an event driven program that exists as a intermediary service agent that exists along communication paths
what is a resource agent?
a program that collects usage data based on event driven interaction with specialized resource hardware
what is a polling agent?
a processing module that collected usage data by polling IT resources
All the following are correct about cloud IT-resource isolation except
a) Supports the cloud security
b) Enables cloud IT-resources distribution
c) Uses virtual firewalls
d) Uses physical LAN
d
In addition to the IT-resources isolation the logical network perimeter mechanism
can
a) Improve the logical network performance
b) Increase the bandwidth used by the logical network
c) Improve the vertical scalability of the cloud IT-Resources
d) Reduce the virtualization over head
b
Logical Network Perimeter mechanism can isolate cloud IT-Resource from
a) Other IT-Resource within cloud
b) Internet and public users
c) Malicious attacker
d) All of the above
d
The deployment of the Logical Network Perimeter mechanism include
a) Virtual networks
b) Virtual networks and virtual firewalls
c) Physical networks
d) Physical networks and virtual firewalls
b
Which one of the following virtual networks is the most loosely isolated from the cloud external user? a) VIM virtual network b) Consumer IT-Resources virtual network c) Cloud storage virtual network d) internet routers virtual network
d
Which the following is part of the virtualization logical architecture
a) Physical IT-resources
b) VIMs and hypervisors
c) Virtual machines
d) All of the above
d
In virtualization the virtual server instance is created by
a) VIM
b) Hypervisor
c) Consumer
d) Usage monitor
b
Which of the following is not standard storage interface
a) Block
b) Object
c) Relational dataset
d) Multimedia
d
Which is of the following is concern about the relational cloud storage
a) Doesn’t support vertical scalability
b) Doesn’t support horizontal scalability
c) Is not scalable
d) Is not support REST services
a
Which of the following is best storage interface for multimedia web resources
a) Files
b) Block
c) Object
d) NoSQL database
c
Which of the following are correct about the LUN
a) Stands for logic unit number
b) Created and configured by the VIM
c) Used by Storage Virtualization software to create the consumer storage device
d) All of the above
d
§ Monitoring agent actions is similar to
a) Eavesdropping attack
b) Malicious intermediary attack
c) Denial of service attack
d) authorization attack
a or b not sure
The resources agent is different than monitor agent in following
a) is event driven
b) collects traffic data
c) collects IT-Resource usage
d) counts the consumer messages
d
Polling Agent is cloud usage agent that can capture the IT-resource
a) Usage
b) Performance
c) Availability
d) Security weaknesses
c
\_\_\_\_\_\_\_\_\_ receives predefined events from VIM as response for the consumer VM stopping request a) Polling agent b) Resource agent c) Monitor agent d) None of the above
b
Usually resource agent receives predefined events from the \_\_\_\_\_\_\_ as response for the consumer VM upgrade request a) Hyper visor b) VIM c) Virtual machine d) Administrative portal
b
what is an automated scaling listnener?
tracks comms between cloud service consumers and cloud services for DYNAMIC SCALING purposes
where are automated scaling listeners typically located?
near the firewall
what are workloads for automated scaling listeners determined by?
volume of cloud consumer generated requests and back end processing demands triggered by certain types of requests
§ The automated scaling listener could be a part of of _____
a) VIM
b) Hypervisor
c) Virtual machine
d) Usage and administration portal
b) hypervisor
The scaled virtual server should be migrated to other physical host in the case of
____
a) Scaling up
b) Scaling down
c) The scale is above the host capabilities.
d) The scale is below the host capabilities.
c
§ The automated scaling listener detects the need to scale down the VM and send a commands to \_\_\_\_\_ to scale down the VM a) Hypervisor b) VM c) VIM d) Physical server
c) VIM
what scaling problem does a load balancer address?
horizontal scaling
what are the 3 types of workload distribution functions?
- Asymmetric (larger first)
- Prioritized (assigned priority levels)
- Content Aware (request content based)
load balancers can exists as what?
- switch
- appliance
- software based system
- service agent
§ Load balancer mechanism enables the
a) Vertical scaling
b) Horizontal scaling
c) Vertical and horizontal scaling
d) None of the above
b
§ Which of the following is load balancer advantage provided to the cloud consumer
a) Optimize the cloud resources usage.
b) Minimize the waiting time for requested tasks
c) Apply priority strategies for task processing.
d) All of the above
d
Which of the following is a distribution methodology for the load balancer
a) Fair distribution
b) Size based
c) Content based
d) All of the above
d
what does the SLA monitor observe?
the runtime performance of cloud services
The SLA Monitor observe the _____ of the web services
a) The performance
b) The availability
c) The reliability
d) All of the above
d
§ The SLA monitoring agent can be
a) Polling agent
b) Event based agent
c) Usage monitor agent
d) Both a , b
d
§ The following agent is needed to review and audit QoS Requirements
a) SLA Monitor
b) Audit monitor
c) Failover monitor
d) Quality monitor
a
what processes the data collected by a pay per use monitor?
billing managment system
what are typical monitoring variables for a pay per use monitor?
request/response volumes, data volume, bandwidth consumption, usage time
§ Most of the time the billing receipt for the cloud consumer is calculated by____
a) Usage monitor
b) Pay-per-use Monitor
c) Billing management system
d) SLA Monitor
c
which of the following parameters can be measured by pay-per-used monitor
a) Number of of consumer messages
b) IT-resource usage period
c) The cloud services bandwidth consumption
d) All of the above
d
§ Which of the following is needed to by the pay-per-use monitor to fulfill its task
- Pricing scheme database
- Usage monitor
- VIM
- All of the above
4
§ Which of the following is one of the pay-per-use monitor tasks?
a) Respond to VIM events
b) Request Inquiries about the service usage pricing schemes
c) Store billable events
d) All of the above
d
how is an audit monitor implemented?
as a monitoring agent
what does an audit monitor intercept?
login requests
Which cloud monitor should be implemented to keep track of all log in requests ?
a) Audit
b) SLA
c) Load
d) Failover
a
hich cloud monitor should be implemented to apply location based access ?
a) Audit
b) SLA
c) Load
d) Failover
a (Audit)
what does a failover system help increase?
the availability and reliability of a system
what are failover systems often used for?
mission critical programs, reusable services
what are the two types of failover configurations?
- active active
- active passive
what failover configuration has redundant implementations serving the workload synchronously?
active active
which failover configuration involves the load balancer?
active active
which failover configuration redirects workload towards redundant implementation in the event of a failure?
active passive
In active passive failover mechanism , the recovered resource status becomes
a) Active resource
b) Standby resource
c) Failed resource
d) Deleted resource
b
§ which is of the following agents is needed by the active–active fail over system
a) Router
b) Load balancer
c) Audit monitor
d) SLA monitor
b
Which of the following is a technology that enables the failover systems
- Clustering
- Resource replication
- Load balancing
- All of the above
4
§ Which of the following government artifacts most needs the failover system
a) Distributed database systems
b) Centralized data centers
c) web services
d) None of the above need failover system
b
what tasks are done by a hypervisor
create, start, shutdown, scale, suspend
§ All the following tasks are done by the hypervisor except
a) Create new VM
b) Delete VM
c) Migrate VM
d) Scale VM
c
How many hypervisor instances needed for 3 physical servers and 6 virtual servers model a) 6 b) 1 c) 3 d) 2
c
§ One of the VIM commands to migrate the virtual server from busy server to other
idle server is
a) Ask the busy server’s hypervisor to migrate the VM
b) Ask the busy server hypervisor to suspend the VM
c) Ask the Idle server hypervisor to to migrate the VM
d) Ask the busy server hypervisor to start the VM
b
what are the 3 resource cluster types?
server, database, large dataset
what does a server cluster increasee?
performance and availability
what does a database cluster increase?
availability
how does a database cluster maintain consistency across different storage devices?
with synchronization
what is implemented with a large dataset cluster?
data partitioning and distribution
what two layers are required between nodes in a cluster?
one for accessing storage devices, another for executing IT resource orchestration
what are the two types of resource clusters?
load balance and HA
what does load balance cluster preserve?
centralization of IT resoure
what has redundant implementation of most clustered It resources?
a HA cluster (high availability)
what does a HA cluster implement?
failover system mechanisms
§ All the following can be improved by using clustering mechanism except
a) Resource usage optimization
b) Availability of the cloud resource.
c) The cloud security
d) The cloud performance
c
§ Clustered servers needs dedicated networks to
a) Distribute workloads among clusters.
b) To apply orchestration among cluster nodes
c) To increase the availability of the resources
d) To improve the performance of the cluster
b
Large dataset cluster mechanism is similar to
a) Centralized database
b) Distributed database
c) Replicated Database
d) Database failover mechanism
b
High availability cluster is different than load balanced cluster in the following
a) Uses Active –active failover
b) Uses Active –passive failover
c) Uses Load-balancer
d) Uses storage clusters
b *confimred with prof
§ How many cluster enabled hypervisors needed to implement 10 virtual servers for
2 physical server clusters each composed of 4 nodes
a) 10
b) 4
c) 2
d) 8
d
what is used to overcome incompatibilities between cloud service and cloud customers?
multi-device broker
what does a multi device broker facilitate?
runtime data transformation
§ All the following database transformations can be done by MULTI-Device broker except a) Adding constraints b) Changing data fields names c) Deleting rows or columns d) Change the data filed type
c
§ What is the type of gateway needed by drobox cloud service to provide its services to mobile and desktop devices a) SQL Gateway b) Cloud Storage Gateway c) Mobile Device Gateway d) b and c
d
what are the four cloud management mechanisms?
remote, resource, billing, sla
remote admin systems provide the user interface and tools for what cloud resource administrators?
external ones
what are the two remote system admin portals?
usage and administration portal, and self service portal
cloud consumers like working with remote administration systems that offer what?
standardized api’s
resource management system coordinates what in response to what action?
coordinates IT resources in response to management actions
what is core to the resource management system ?
VIM (virtual infrastructure manager)
what does a resource managment system contain?
a VIM and a VM image repository
what does an SLA management system apply for SLA data?
administration, collection, storage, reporting, runtime notifications
what does the SLA managmet system rely on?
SLA monitors
what does the billing management system rely on?
pay per use monitors
what is a billing managment system comprised of?
and pricing and contract manager, and a pay per use measurement repository
what are the 3 pricing models in billing management system
flat rate, pay per use, pay per allocation
ALL standard cloud managements functionalities provided through
- APIs
- Custom Applications
- Open source modules
- Cloud services
1
§ Which of the following is used by remote administration system to control, and manage the cloud a) Resource Management System b) SLA Management System c) Billing Management System d) All of the above
d
§ Self-Service Portal is used for
a) Initiating virtual machines
b) Getting the usage of the virtual machines
c) Getting possible configurations for the virtual machines
d) Checking the status of virtual machines
c
§ What is the advantages of providing the remote administration system through
standard APIs
a) Easy to access the cloud administration
b) Enable centralized administration for multiple clouds
c) Can be used by different cloud administrators
d) Easy to interoperate with single access security mechanism
b
Which of the following is not a task for remote administration system
a) Issues receipts for the cloud consumer usage
b) Releases cloud services upon consumer requests
c) Manages the consumer payments
d) Reports the consumer resources availability
c
Which of the following is the core of the resource management system
a) hypervisors
b) The virtual servers
c) VIM
d) LUN
c
§ the resource management system can monitor the operation of the resources through a) SLA monitor b) VIM c) Pay per use Monitor d) Usage monitor
b
§ The VM image repository is used to save
a) Active virtual machines images
b) Hypervisor software images
c) Virtual machines configuration templates images
d) Virtual machine status image
c
§ SLA management repository stores
a) Billable events
b) Resource Usage events
c) Resource status events
d) None of the above
c
§ SLA Management System can be accessed through
a) Usage and Administration Portal
b) Self-Service Portal
c) Directly through than SLA manger
d) a and c
d
§ Which of the following is part of Billing Management System
a) Billable events repository
b) Pricing models repository
c) Pricing manager
d) All of the above
d
what does the cloud security mechanism of encryption preserve?
confidentiality and integrity of data
what does encryption rely on?
a cipher
what does encryption help counter?
man in the middle, eavesdropping, authorization issues, trust boundary overlap
what characteristic does symmetric encryption not have? why?
non-repudiation, you can’t determine which party performed what action
TF: asymmetric encryption is slower than symmetric encryption
Td
how is encryption most commonly provided for web based communication?
HTTPs
§ Which of the following attacks that Encryption can be used against ?
a) traffic eavesdropping
b) Malicious intermediary
c) insufficient authorization
d) All of the above
d
Which of the following can NOT be provided by private key encryption
a) message confidentiality
b) Message authenticity
c) Message integrity
d) Non of the above
a
§ Which of the following is transport layer security protocol
a) SSL
b) RC4
c) RSA
d) Triple-DES
a
§ Which of the following is asymmetric encryption cipher
a) SSL
b) RC4
c) RSA
d) Triple-DES
c
what clod threats can hashing solve?
malicious intermediary, insufficient authorization
§ Which of the of the following IT-Resources that Hashing technique can be applied
for to check the originality of the resource ?
§ Data repositories
§ On-premise applications
§ Web-services
§ All of the above
d
§ Cloud consumer uses hashing technique to communicate with the cloud so any
request sent by the consumer should include
a) Message only
b) Message and hashing algorithm
c) Message and message digest
d) The hash code only
c
Hashing technique can discover changes in the message by having both
a) Original message and original message digest
b) Changed message and original message digest
c) Original message and changed message digest
d) Changed message and original message digest
b
what do digital signatures provide?
data authenticity and integrity
what is involved in the digital signature process
hashing and assymetric encrytpion
what is encyrpted by the private key and appended to the original message in digital signing?
the message digest
The two major security concepts can be provided by the digital signature are
a) Data integrity and non-repudiation.
b) Data authenticity and confidentiality
c) Data confidentiality and non-repudiation
d) Non of the above
a
What are the two security mechanisms are applied to implement the digital signature? a) Hashing and public key encryption b) Hashing and private key encryption c) Hashing and secret key encryption d) Symmetric and asymmetric encryption
b
§ Attacker having the public and private keys intercept a message with digital signature can violate a) message confidentiality and integrity b) message confidentiality only c) message integrity only d) Nothing violated
b
what is a PKI?
public key infrastructure - associated a public key with its owner
what does a PKI rely on?
digital certificates
what are digital certificated signed by?
third party certificate authority
§ The digital certificate should include
a) Authorized consumer public key
b) Consumer identity authorized by a private key
c) Authorized consumer identity and public key
d) Authorized private key
c
what is an IAM
identity and access manager
what are teh four main componenents of an IAM
authentication, authorization, user management , credential management
what is an IAM used to counter?
insufficient authentication, denial of service, and overlapping trust boundaries
what does authorization define?
the correct granularity for access controls
what does user management involve?
creating access groups, resetting passwords, defining password policies, managing user priveleges
what threat to credential management address?
insufficient authorization
§ Which one of the following IAM components has responsibility to create new user password? a) Authentication b) Authorization c) User Management d) Credential Management
c
Which one of the following IAM components can provide the face id access?
a) Authentication
b) Authorization
c) User Management
d) Credential Management
a
what authenticates cloud users in SSO?
a security broker
what security threats does SSO address?
none
what does SSO enhance?
usability
Which of the following cloud quality factors that single sign on security mechanism can improve it? a) Security b) Usability c) Availability d) Resource usage
b
Single sign on is optimum for the authentication of the administrators that managed
a) Single cloud recourses
b) Distributed resources in multiple cloud providers
c) On-premise resources
d) Non of the above
b
what process creates a cloud based security group
cloud based resource segmentation
what security threats does clod based security groups help adress?
denial of service, sufficient authentication and overlapping trust boundaries
§ What is correct about the security group IT-Resources
a) They are virtual servers
b) They have the same capacity configurations
c) They have the same security rules and mechanism
d) They have the same virtual network
c
§ Which of the following cloud infrastructure cloud mechanism can be similar to the security groups a) Virtualization b) Logical network perimeter c) Replication d) None of the above
b
what is software hardneing?
stripping away unnecessary features of a software to remove potential vulnerabilities
what cloud security threats does virtual server hardening help prevents?
DOS, insufficient auth, trust boundaries
§ Hardening process can be done for
a) Virtual servers
b) Physical servers
c) Database servers
d) All of the above
d
§ All the following tasks can be done during the Virtual server hardening except
a) Removing programs
b) closing server ports
c) Upgrading memories
d) disabling services
c
what is the purpose of workload distribution architecture?
to reduce it under utilization and over utilization
what does workload distibution architecture rely on?
sophistication of load balancing mechanism and run time logic
what does workload distribution architecture support?
cloud services, virtual servers, cloud storage devices
what are the 3 mechanisms for workload distribution architecture?
load balancing, cloud storage device, and virtual server
a) Replicated data storages
b) Load balancer
c) Security broker
d) Resource cluster
c
Which of the following is applying the workload distribution architecture to implement its mechanism a) Cloud data storages b) Load balancer c) Security broker d) Resource cluster
d
§ Which one of the following architectures is reducing the over utilization of ITresources
a) Workload Distribution Architecture
b) Resource Pooling Architecture
c) Dynamic Scalability Architecture
d) Elastic Resource Capacity Architecture
a
what is the underlying principle of resource pooling architecture
that resource pools with identical IT resources are synchronized
what is a sub-pool
a resource pool within a resource pool (of resource pools)
when are nested pools commonly used?
when cloud services need to be rapidly instantiated with the same type of it resource and the same configuration
Which of the following are correct about the resource pool
a) Group of multi-type resource instances.
b) Group of single resource type instances that have different configuration.
c) Group of sub pools
d) Group cloud mechanisms
c
§ IF we have pool A comprised { 10 : 8 G Ram ,7 : Quad Core CPU, 4 : 100G storage }
which of the following is possible sibling of parent A
a) { 8 : 1 G Ram ,2 : dual Core CPU, 4 : 10G storage }
b) { 2 : 4 G Ram ,2 : Quad Core CPU}
c) {1 : 100G storage }
d) { 8 : 8 G Ram ,10 : Quad Core CPU}
c
IF we have pool A comprised { 10 : 8 G Ram ,7 : Quad Core CPU, 4 : 100G storage }
which of the following is possible nested pool
a) { 8 : 8 G Ram ,2 : dual Core CPU, 4 : 100G storage }
b) { 2 : 8 G Ram ,2 : Quad Core CPU}
c) { 8 : 8 G Ram ,7 : Quad Core CPU, 4 : 100G storage }
d) { 8 : 8 G Ram ,10 : Quad Core CPU, 5 : 100G storage }
c
what is dynamically scaling architecture based on?
predefined scaling conditions
in dynamically scaling architecture what dictates the new IT resources that need to be added to workload processing?
the automated scaling listener
what type of scaling handles fluctuatioing workload?
horizontal
what type of scaling handles the need to adjust processing capacity of single IT resource
vertical
what type of scaling relocates an IT resource to a host withmore capacity?
rellocation
§ Moving virtual machine to new physical host in order to accommodate dynamic memory upgrade is a) Dynamic Horizontal Scaling b) Dynamic vertical Scaling c) Dynamic reallocation d) Dynamic virtualization
c
§ In order to accommodate the increase in the database inquiries, the hypervisor has
been asked to add more storage to the virtual database server A then the replication
monitor create new instance B of the virtual database server A to process 30% of the incoming requests while the other 70% requests is served by server A, what is the type
of the scaling has been applied in this sitiuation
a) Load balance scaling
b) Horizontal scaling
c) Vertical scaling
d) Horizontal and vertical scaling
d
§ Which of the following are the main mechanisms that used to apply horizontal
scaling
a) Hypervisor & Pay-Per-Use Monitor
b) Cloud Usage Monitor & automated scaling listener
c) automated scaling listener & Hypervisor
d) automated scaling listener & resource replication
d
elastic resource capacity architecture provisions what dynamically? in response to what?
virtual servers, fluctuating processing requirements
what is an intelligent automation engine?
executes workflow logic which automates some administrative tasks
what additional mechanisms can be included in an elastic resource capacity architecture
cloud usage monitor, pay per use monitor, resource replicator
dynamic scalability architecture uses what ore mechanisms
resource replicator and automated scaling listener
what additional mechanisms can the dynamic scalability architecture use
cloud usage monitor, hypervisor, pay per use monitor
Elastic Resource Capacity Architecture is based in the following scaling
a) Vertical
b) Horizontal
c) Multidimensional
d) Storage and server
a
§ An intelligent automation engine is mainly applied in the following architecture
a) Dynamic Scalability Architecture
b) Elastic Resource Capacity Architecture
c) Cloud Bursting Architecture
d) Elastic Disk Provisioning Architecture
b
Intelligent Automation Engine is used to determine
a) how many new virtual server instances needed to be replicated
b) the upgrades needed to be added to the virtual servers
c) The upgrades need to be added to the physical servers
d) The virtual server usage
b
service load balancing architecture is most similar to what other architecture?
workload distribution architecture
service load balancing architecture uses what type of cloud service deployment?
redundant
duplicated cloud services are grouped into what in service load balancing architecture
resource pools
what are the mechanisms in service load balancing architecture?
cloud usage monitor, resource cluster, resource replication
§ All the following are main mechanisms to apply the Service Load Balancing Architecture except a) Cloud Usage Monitor b) Resource Cluster c) Resource Replication d) Multitenancy
d
§ Which of the following is not correct regarding the service load balancer
a) Can be independent to the service
b) Can be embedded in the service
c) Balance the load between service instances
d) can be imbedded in the host server
d
§ resource replication in Cloud Bursting Architecture is always done for
a) Cloud resources
b) On-premise resources
c) Virtual servers
d) Virtual storages
b
§ Cloud bursting architecture implements the dynamic scaling by adding and
releasing
a) resources to cloud environment
b) Resources to on-premise environment
c) Cloud resources to on-premise environment
d) On-premise resources to cloud environment
c
what mechanisms are core to cloud bursting architecture
resource replication and automated scaling listener
what core mechanisms are used in elastic disk provisioning architecture?
cloud storage device, virtual server, pay per use monitor, hypervisor
what additional mechanisms can be used in elastic disk provision architecture?
cloud usage monitor, resource replication
§ 400 G storage are provided through Elastic disk provisioning technology how
much the consumer will be charged if used 30% of the storage and billing rate is
20 cent per 1 G Storage
a) 80 $
b) 24 $
c) 56 $
d) 20 $
b
§ 400 G storage are provided through thick provisioning technology how much the
consumer will be charged if used 30% of the storage and billing rate is 20 cent per
1 G Storage
a) 80 $
b) 24 $
c) 56 $
d) 20 $
a
The redundant storage architecture introduces what?
a secondary duplicate cloud
storage device
what diverts cloud consumer requests to the secondary
device whenever the primary device fails
§ A storage service gateway
redundant storage architecture primarily
relies on what?
storage replication system
§ Which of the following is correct about the LUN
a) Used to assign storage device to virtual servers
b) Represent the physical locations of virtual storage device
c) Used to apply redundant storage cloud architecture
d) All of the above
d
§ A storage service gateway is used to
a) Balance between multiple storage devices
b) Divert request to the current active storage
c) Reject invalid requests to the storage devices
d) All of the above
b
§ State management database can help in
a) Convert stateless service to stateful service
b) Convert stateful service to stateless service
c) Store the data of the stateless service
d) Store the data of the stateful service
d
§ Which of the following most be improved by using state management database mechanism? a) Resources usage optimization b) Resources availability c) Resources performance d) Resources replication
a