4455 - Midterm Flashcards
what is capacity planning?
focuses on minimizing the difference between capacity of an IT resource and the demand for the resource
what are the 3 types of capacity planning strategies?
lead, lag and matching
what is the lead capacity planning strategy?
adding capacity to a resource in anticipation of demand
what is the lag capacity planning strategy?
adding capacity to a resource after it has reached its full capacity
what is the matching capacity planning strategy?
adding capacity to a resource in small increments as demand increases
what are the two cost buckets associated with cloud technology?
cost of acquiring infrastructure and the cost of ongoing ownership of infrastructure
what is organizational agility?
the ability to adapt to change caused by internal or external factors
what is clustering?
when independent IT resources are connected into a single system
what is reduced and what is increased when clustering is used?
failure rates are reduced, availability and reliability are increased
what is grid computing?
when IT resources are grouped into logical pools - heterogeneous and geographic distribution
what is the difference between clustering and grid computing?
grid systems are much more loosely coupled and distributed
what is virtualization?
it allows IT resources to provide multiple virtual images of themselves, essentially severing the hardware-software dependency, and allowing multiple users to share their capabilities
what is a cloud?
an IT environment that can provision resources remotely which is also scalable
TF: cloud has a finite boundry
T
TF: it is necessary for clouds to be web based
F
what processing capabilities are cloud environment dedicated to supplying?
back-end
what are the differences between horizontal and vertical scaling?
horizontal: cheaper, replicates existing resources, not limited by hardware capacity
vertical: more expensive, requires setup, limited by hardware capacity
what is a cloud service?
an IT resource that is remotely accessible through the cloud
what do SLA’s define?
quality of service specifications and IT outcomes
what are the benefits of cloud computing?
eliminates upfront IT investment, increased scaleability, improved availability and reliability
what are unique issues that face cloud computing?
security vulnerabilities, regional compliance and legal issues, reduced operational governance and control
what causes security vulnerabilities with cloud computing?
overlapping trust boundaries
to improve cloud security what should cloud consumer and providers have?
compatible security frameworks
what are the reasons for reduced operational governance control?
shitty cloud providers and bandwidth constraints
what is portability?
a measure of the impact of moving cloud consumer resources and data between clouds
TF: There are no established industry standards for cloud portability?
T
Researchers referred to the cloud computing technologies since mid of 1960 as
a) Public Computer utilities
b) Artificial intelligence
c) Distributed systems
d) Wide area networks
a
All of the following considered as cloud computing systems except
a) Amazon web services
b) UWO email services
c) Google documents
d) Linux servers
b
The adjective “elastic” in the cloud computing definition refer to
a) The cloud is upgradable
b) Adding or releasing resources on demand
c) Support integration with other clouds
d) Support different computations needs
b
All the following technologies is cloud computing enablers except
a) Web technology
b) Distributed systems.
c) Machine learning
d) WIFI Technology
c
Which of the following cloud computing characteristics is the most important for the IT systems capacity planning a) Scalability b) Reliability c) Availability d) Cost
a
The most cost factor will be reduced by using the cloud technology rather than the using on-premise systems is a) Operational cost b) Infrastructure cost c) Maintenance cost d) None of the above
b
The main common characteristic between clustering and grid computing systems
is
a) Cooperative systems
b) Composed of Tightly coupled IT resources
c) Built by interconnected homogeneous IT resources.
d) Geographically distributed systems
b
Which of the following best define the Virtualization technology
a) Technology allow multiple users to work remotely in the same physical server.
b) Technology eliminate the dependency between operating systems and physical
servers
c) Technology that enables the parallel processing
d) Technology to optimize the computing resources allocation
b
Which of the following best to achieve the availability of the IT resources
1) Deploy in single cloud.
2) Deploy in private environment not accessed remotely
3) Deploy in a cloud and on-premise environment
4) Deploy in multiple reliable clouds
3
Why is the horizontal scaling is less expensive than the vertical one
a) No need for additional IT resources
b) Using automated scaling
c) No needs for physical upgrades
d) Not limited by the hardware capacity
c
Which of the following is not cloud service
a) Google Assistant
b) Microsoft .NET platform
c) Amazon Alexa
d) None of the above
b
Which of the following is correct about the SLA
a) include the response time of the cloud service
b) Include the security technology used in the service
c) Useful for the service consumer because services details are always
encapsulated.
d) All of the above
d
Which of the following is advantage of adopting the cloud computing technology
a. meet and fulfill unpredictable usage
b. “ready-to-use” concept
c. tangible business benefits due to the availability and reliability
d. elimination of up-front IT investments
e. All of the above
e
who can a cloud administrator be?
a cloud provider, consumer or a third party
what are the four cloud roles
administrator, broker, auditor, carrier
what is ubiquitous access
wide accessibility that is tailored to different cloud service consumers
what is multitenancy?
characteristic of a software program that allows an instance of the program to serve multiple users
what is cloud elasticity
ability of cloud to scale IT resources to respond to runtime or pre-determined conditions
what is cloud measured usage?
ability of cloud to track usage of IT resources
what is cloud resiliency?
ability of cloud to distribute redundant implementations of IT resources across physical locations
what is IaaS, Paas, and SaaS
infrastructure, platform, and software as a service
what are the typical levels of control granted to cloud customers for:
- SaaS
- PaaS
- IaaS
- usage related configuration
- limited administrative
- full administrative
what are the typical functionality granted to cloud customers for:
- SaaS
- PaaS
- IaaS
- access to front end user interfaces
- moderate level of admin control
- full accessed to IT resources
what are the common cloud consumer activities for:
- SaaS
- PaaS
- IaaS
- uses and configures cloud service
- develops, tests, deploys and manages cloud service
- set up and configure bare infrastructure
what are the common cloud provider activities for:
- SaaS
- PaaS
- IaaS
- implement, manage, maintain and monitor usage
- pre configure and provide underlying infrastructure, monitor usage
- provision and manage the physical processing, storage and networking, monitor usage
what are the differences between public, private and community clouds?
varying levels of accessibility
public: offered at a cost or advertisement
private: owned by organization that is both the consumer and provider
community: owned by community member or a third party
what is a hybrid cloud and why are they challenging?
a combination of public, private and community clouds, challenging due to disparity between environments
what is a virtual private cloud?
a self contained cloud hosted by a public cloud provider
what is a inner-cloud?
a cloud comprised of two or more inner connected clouds
What is the role of the cloud broker
a) Provide the communication link between the cloud provider and consumers
b) Provide best offers from cloud providers in term of services and prices.
c) Provide cloud different services such as IaaS, PaaS, SaasS.
d) Both b & c
b
IT Company leases platform from public cloud provider, what is the security
boundary should be applied for the company
a) Organizational boundary
b) Private boundary
c) Trust boundary
d) None of the above
c
Which of the following is not main characteristic of the cloud technology
a) High speed communication
b) Usage On demand
c) Widely accessible
d) Consumed by different of users
a
Which of the following technologies required to do the IT resource pooling
a) Multitenancy
b) Virtualization
c) Resiliency
d) Measured usage
b
Testing as service can be classified as
a) Infrastructure-as-a-Service (IaaS)
b) Platform-as-a-Service (PaaS)
c) Software-as-a-Service (SaaS)
d) None of the above
b
§ Printer as service can be classified as
a) Infrastructure-as-a-Service (IaaS)
b) Platform-as-a-Service (PaaS)
c) Software-as-a-Service (SaaS)
d) None of the above
c
Which of the following is environment comprised of infrastructure-centric IT resources a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above
a
SaaS cloud services are always provided as
a) Virtual servers
b) Preconfigured environments
c) Physical computing resources
d) Cloud web services
d
Which of the following is a task for the PaaS delivery model owner
a) Develops cloud services.
b) Manages physical resources and hard storages
c) Preconfigure the DBMSs
d) Non of the above
c
Which of the following cloud delivery models has the highest degree of the administrative control? a) Infrastructure-as-a-Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above
a
A company provide PaaS cloud , what possible option for building the infrastructure layer a) owning IasS b) Consuming IaaS c) Own on-premise Infrastructure d) All of the above
d
Communication-as-a-Service is cloud delivery models , which are more close to
a) Infrastructure-as-a-Service (IaaS)
b) Platform-as-a-Service (PaaS)
c) Software-as-a-Service (SaaS)
d) None of the above
c
Database-as-a-Service is cloud delivery models , which are more close to
a) Infrastructure-as-a-Service (IaaS)
b) Platform-as-a-Service (PaaS)
c) Software-as-a-Service (SaaS)
d) None of the above
b
What is the main difference between private and public cloud
a) Ownership
b) Ownership and access
c) Access
d) Size
b
A company has multi level of data sensitivities which makes that not all the data IT
resources can be available to public access, which is the deployment model best
for the company
a) Private cloud
b) Public cloud
c) Hybrid cloud
d) Hosted cloud
c
All the following are correct about the hosted cloud except
a) Owned and managed by a public cloud provider
b) Consumed by a private organization
c) The model is based on the ownership and access roles
d) None of the above
d
Interconnected cloud deployment model is defined based on
a) Size
b) Access
c) Architecture
d) Ownership
c
what is the architecture of ISP’s?
a hierarchical topology composed of 3 tiers
what is a data center?
a grouping of IT resources in close physical proximity
what are the benefits of using a data center?
higher usage efficiency for shared resources, power sharing, better accessibility
what are the components of a data center?
computing hardware, storage hardware, network storage, and the facility itself
what network hardware is there in data centers?
nas gateways, lan fabric, san fabric, web tier load balancing and acceleration, carriers and external network connections
what is a hypervisor?
a virtual machine monitor or manager
what are the 3 main positive characteristics of virtualization?
hardware independence, server consolidation, resource replication
what is operation system based virutalization
installing virtualization software in a pre existing operating system
what is the problem associated with operation system based virtualization?
can lead to lots of performance overhead
what are the advantages of hardware based virtualization?
it requires negligible storage space, is easy to use, and handles hardware management functions
what are the disadvantages of hardware based virtualization?
hardware compatibility can be problematic
what is VIM?
virtualization infrastructure management
what does VIM rely on?
centralized management modules
what are the 3 concerns with virutalization?
- performance overhead
- hardware compatibility
- portability
The main concern about the Broadband Networks and Internet in the cloud
computing industry is
a) The bandwidth limits
b) Latency delays
c) Cloud services availability depends on the cloud carrier
d) All of the above
d
All the following can be hot-swappable components in the data center except
a) Storages
b) Switches
c) CPUs
d) Virtual memory
d
SAN is :
a) Array of storages connected through the SAN and have access to network
b) Storage Area Network
c) Multiple storage devices connected through LAN network.
d) b & c
d
NAS is :
a) Array of storages connected through the NAS device and have access to the network
b) Network Area Storage
c) Multiple storage devices connected through LAN network.
d) Virtual storage network
a
All the following are IT resources can be virtualized except:
a) Printers
b) Routers
c) Monitors
d) None of the above
d
Guest operating system in virtualization technology is
a) The hypervisor OS
b) The virtualized machine OS
c) The virtual machine OS
d) The virtualization manager
b
Which of the following is advantage of the virtualization technology
a) Virtual machine mobility
b) Easy and automated VMs administration
c) Increase hardware utilization
d) All of the above
d
Which of the following is not part of the Operating System-Based Virtualization
a) Virtual machines
b) Virtual networks
c) Physical routers
d) Hypervisors
c
Hypervisor advantage over the OS-Based Virtualization is
a) Advanced administrative features.
b) More compatible to physical servers
c) More efficient.
d) More scalable
c
Which is the following is not a concern for the virtualization technology.
a) Performance overhead of the guest Virtual OS
b) Performance overhead of the Host OS
c) Compatibility between the hypervisors and hardware.
d) Lack of portability of virtualization management
a
what are web resources?
artifacts that can be accessed over the world wide web
what are the two basic components of the world wide web?
web browser client and web server
what are the three layers of a web application?
- presentation layer
- application layer
- data layer
TF: tenants in multi-tenant application have access to application data and configuration information
F - only their own data and no configuration information
Define the following characteristics of multitenant applications:
- usage isolation
- data security
- recovery
– The usage behavior of one tenant does not affect the application availability and performance of other tenants.
– Tenants cannot access data that belongs to other tenants.
– Backup and restore procedures are separately executed for the data of
each tenant.
Define the following characteristics of multitenant applications: - application upgrades § Scalability tenants. § Metered Usage § Data Tier Isolation
- individual tenant usage does not effect other tenants
- tenants can’t access data of other tenants
- backup and restore can be executed for the data of each individual tenant
- tenants can have individual databases
what is the difference between virtualization and multitenancy
virtualization - multiple copies of the server environment can be hosted by a single physical server
multitenancy - a physicla OR virtual server hosting an application that is designed to allow usage by multiple users
what sort of interaction do web based services provide?
machine to machine
what are SOAP based web services?
simple object access protocol
- a common messaging format for request and response messages
what is REST API?
a design for loosely coupled application that use the HTTP protocol to transfer data (representational state transfer)
what are the REST services architecture constraints?
uniform interface - all client requests should look the same
client server separation - the client and the server should act independently
statelessness - each request should contain all the info the server needs to know
cacheable resources - server responses should contain information on whether the information is cacheable or not
layered system - layers should not effect requests or responses
code on demand - a response can include code that the client can execute
SOAP vs REST: design
standardized protocol with predefined rules vs architecture style with loose recommendations
SOAP vs REST: approach
function driven vs data driven
SOAP vs REST: statefulness
stateless by default but can be stateful vs always stateless
SOAP vs REST: caching
API calls cannot be cached vs API calls can be cached
SOAP vs REST: security
WS/SSL vs HTTPS/SSL
SOAP vs REST: performance
more resources vs less resources
SOAP vs REST: message format
XML vs lots of formats
SOAP vs REST: transfer protocols
lots of protocols vs HTTP only
SOAP vs REST: best for
enterprise apps, high security apps vs public API’s, social networks
SOAP vs REST: advantages
high security, standardized vs scalable, better performance, flexibility
SOAP vs REST: disadvantages
poorer performance, more complex, less flexible vs less security, not suitable for distributed environments
what are service agents?
event-driven programs designed to intercept messages at runtime
what do cloud based services rely on service agents for?
monitoring and measuring during runtime
what is the difference between an active and a passive service agent?
active - changes the message contents
passive - reads and records message contents but makes no changes
what does service middleware accomodate?
complex service compositions
what are the two types of service middleware platforms
enterprise service bus - intermediary processing features
orchestration platform - hosts and executes workflow logic
Which of the following is NOT an element of the web technology
a) Web communication protocol
b) Web Representational language
c) Web browsers
d) Web resource identifier
c
All the following are a typical web application tasks except
1) Retrieving the data from the data storage upon user request.
2) Execute the application logics.
3) Respond to the client request.
4) Represent the response for the client.
4
Multitenancy is different than virtualization in following
a) It can be applied in software only
b) It allows different users to use the IT-resource
c) It can be applied in virtual servers only
d) It can be applied in physical servers only
a
SOAP service should be discoverable by
a) Following SOAP message format to search for the service
b) Developing the Service description using XML schema
c) Using java language in the implementation
d) Developing Statefulness service
b
REST service response message should
a) Be encoded only in JSON format
b) Include a flag to indicate if the data is cashable or not
c) Include a code to be executed in the client side
d) Has no body
b
Why REST service technology is not adequate for distributed environments
a) Support limited security protocols
b) Support limited transfer protocols
c) Support Limited message format
d) All of the above
d
Statefulness service should
a) Allow save information about the client request at the server side
b) Respond to service based on the client request and client previous status
c) Allows session between client and servers
d) Respond to service based on the client request only
a
§ Stateful service should
a) Allows save information about the client request at the server side
b) Responds to service based on the client request and previous client status
c) Allows session between client and servers
d) All of the above
d
The advantage of the SOAP services over the REST services is
a) Better Performance
b) Security
c) Scalability
d) All of the above
b
The advantage of the REST services over the SOAP services
a) Better Performance
b) Flexibly to develop and design
c) Scalability
d) All of the above
d
cloud service broker platform is type
a) ESB platform
b) middleware orchestration platform
c) SOAP platform
d) None of the above
a
A service intercept a message and send it back to different destination , is type of
a) Active agent
b) Passive agent
c) Middleware service
d) REST service
a/c?
What is the main characteristic of the tire 3 infrastructure data centers
a) Have single configuration for all the data center components
b) Have redundant configuration for all the data center components except the
power supply
c) Have redundant configuration for all the data center components
d) Have redundant configuration for servers and storages only
c
who is responsible for ensuring the availability of cloud services?
the provider and the carrier
what are security controls?
counter measures used to respond to security threats and reduce or avoid risk
what are security mechanisms?
a defensive framework put in place to protect IT resources
what is a cloud security policy?
the defined positioning and usage of security controls and mechanisms
what is a threat agent?
an entity that is capable of carrying out an attack
what is a malicious service agent?
an entity that can intercept and forward network traffic that flows within a cloud
can exist as an external program
what is a trusted attacker?
an entity that launches attacks within the trust boundary
usually appears to be a legitimate user that is sharing IT resources within the cloud
what is a malicious insider?
a human attacker that have privileged access to the cloud
what is traffic eavesdropping and what does it compromise?
passively intercepting messages
comprises confidentiality
what is a malicious intermediary and what does it compromise?
intercept and alters messages
comprises confidentiality and integrity
what is a denial of service attack?
attacker overloads IT resources until they don’t function properly anymore
what is insufficient authorization?
when attacker is granted direct access to IT resources
what is a virtualization attack and what does it comprimise?
an attack that exploits vulnerabilities in virtualized environment
compromises confidentiality, integrity, availability and underlying physical infrastructure
what is the problem with overlapping trust boundaries?
malicious cloud consumers can target shared IT resources within the same trust boundaries impacting their performance relative to other users
what are security brokers?
entity with distinct set of security policies3
with regard to what 2 measures are security risk evaluated?
probability of occurrence and degree of impact
Unauthorized cloud consumer intercept a message have been sent to a cloud and
change the destination to other cloud this will be violation for
1. Integrity
2. Authenticity
3. Confidentiality
4. All of the above
4
