Chapter 1 - Architectural Concepts Flashcards

1
Q

BIA (Business Impact Analysis)

A

an assessment of the priorities given to each asset and process within the organization; analysis considers the effect (impact) any harm or loss might have on the organization overall; identify critical paths and single points of failure; determine costs of compliance (legislative and contractual requirements mandated)

2
Q

Metered service

A

the organization only pays for what it uses

3
Q

Rapid Elasticity

A

excess capacity available to be apportioned to cloud customers

4
Q

Cloud bursting

A

allows organizations to use hosted cloud services to augment internal, private data center capabilities with managed services during times of increased demand; an org can rent the additional capacity as needed from an external cloud provider (crisis situation, heavy holiday shopping periods); rapid scalability allows the customer to dictate the volume of resources

5
Q

Cloud service benefits

A

reduction in personnel cost (data management); reduction in capital expenditure (metered service, rapid elasticity, cloud bursting); reduction in operational costs; transferring some regulatory costs; reduction in costs for data archival/backup services

6
Q

ROI (Return on Investment)

A

term related to cost-benefit measures; used to describe a profitability ratio; calculated by dividing net profits by net assets

7
Q

Elasticity

A

customers can contract cloud providers to use virtualization to flexibly allocate only the needed usage of each resource to the organization, holding down costs while maintaining profitability; allows users to access their data from diverse platforms and locations, increasing portability, accessibility, and availability

8
Q

Simplicity

A

allow a user to seamlessly use the service without frequently interacting with the cloud service provider

9
Q

Scalability

A

Increasing/reducing services can be easily, quickly, and cost-effectively accomplished

10
Q

IaaS (Infrastructure as a Service)

A

most basic service; allows customer to install all software and OSs on hardware housed and connected by the cloud vendor; can be considered a warm site for BC/DR purposes; optimal for orgs wanting control over the security of their data and limited cloud vendor assistance (BC/DR or archiving); least expensive option; customer retains IT staffing

When to use: website or application hosting; virtual data centers; data analysis

11
Q

PaaS (Platform as a Service)

A

includes services from IaaS and OSs (offers a selection for customers to use: Windows, Linux, Mac, etc.); vendor is responsible for patching, administering, and updating the OS; customer can install any software; useful for customers involved in software development (they can test on multiple OS platforms); includes cloud-based database engines and “big data” style services (data warehousing and data mining); provider offers access to back-end engine/functionality, while customer can create/install apps/APIs to access the back end

When to use: reduce development time; support for different programming languages; easy collaboration for remote/distributed teams; high development capabilities w/o additional staff

12
Q

Unstructured Data Types

A

qualitative data; natural-language text; incorporates media (audio, video, images); contains JSON, XML, binary objects (images encoded as text strings); important for data analytic strategies; NoSQL

13
Q

Structured Data Types

A

quantitative data; organized and decipherable by machine learning algorithms; SQL (relational) can be used to quickly input, search, and manipulate data; used by machine learning algorithms

14
Q

SaaS (Software as a Service)

A

includes everything from IaaS and PaaS with the addition of software programs; vendor is responsible for administering, patching, and updating everything, also takes care of all infrastructure, compute, and storage needs as well as providing OSs and application; customer is only involved in uploading and processing data on a full production environment; application is a shared responsibility of all parties

When to use: (Personal) email services (Gmail), cloud storage services (Dropbox), cloud-based file management (Google Docs); (Business) Gmail, collaboration tools (Trello), CRM (Salesforce), ERP

15
Q

Public Cloud

A

resources are owned and operated by a vendor and sold, leased, or rented to anyone; multitenant environments; multiple customers will share resources; EX: customer might be using a VM that resides on the same hardware that hosts a competitor's VM, but they do not know the entities using the same resources; Rackspace, Microsoft’s Azure, and AWS (Amazon Web Services)

16
Q

Private Cloud

A

resources dedicated to a single customer; might be owned and maintained by the entity that is the sole customer (org might own and operate a data center that serves as the cloud environment for the org’s users); might be a set of resources (racks, blades, software packages) owned by the single customer but located and maintained at provider’s data center; provider might offer physical security, admin services, and utilities (power, Internet) for customers (referred to as co-lo (co-located) environment)

17
Q

Community Cloud

A

features infrastructure and processing owned and operated by/for an affinity group; orgs come together to perform joint tasks and functions; gaming communities, ownership is spread throughout the various members of the community; can be provisioned by a third party (FedRAMP service – only used by US federal gov)

18
Q

Hybrid Cloud

A

contains elements of other models; org might want to retain some private cloud resources (remote user access) but lease some public cloud space (PaaS function for software development/testing)

19
Q

Cloud Broker

A

company that purchases hosting services from a provider and resells them to its own customers

20
Q

CASB (Cloud Access Security Broker)

A

third-party entity offering independent IAM (identity and access management) services to CSPs and cloud customers; can be SSO, certificate management, and cryptographic key escrow

21
Q

Regulators

A

ensure orgs are in compliance with the regulatory framework for which they are responsible; HIPAA, GLBA, PCI DSS, ISO, SOX, etc.; regulators include FTC, SEC, and auditors

22
Q

Cost-Benefit Analysis

A

comparing potential positive impact (profit, efficiency, market share) of a business decision to potential negative impact (expense, detriment to production, risk) and weighing the two as equivalent or not (potential positive/negative)

23
Q

FIPS 140-2

A

NIST document that describes the process for accrediting and cryptosystems for use by the federal government; lists only approved cryptographic tools

24
Q

NIST 800-53

A

guidance document with primary goal of ensuring appropriate security requirements and controls are applied to all US federal government information in management systems

25
Q

TCI (Trusted Cloud Initiative) Reference Model

A

guide for cloud providers, allowing them to create a holistic architecture that customers can purchase (including physical/logical layout of network and processes necessary to utilize both)

26
Q

Vendor Lock-In

A

situation where a customer is unable to leave, migrate, retrieve, or transfer data to an alternate provider due to technical/nontechnical constraints; use portability for a level of ease when transporting data, ensure contract states so, avoid proprietary formats (requires specific software to read data), check for regulatory constraints; detrimental contract terms or technical limitations

27
Q

Vendor Lock-Out

A

when a customer is unable to recover/access their own data due to provider going into bankruptcy or leaving the market

28
Q

Blockchain

A

open means of conveying value using encryption technologies/algorithms (cryptocurrency); transactional ledger where all participants can view every transaction, making it extremely difficult to negatively affect the integrity of past transactions; each record (block) is distributed among all participants in a distributed or cloud-based manner

29
Q

Containers

A

logical segmentation of memory space in a device, creating two or more abstract areas that cannot interface directly; commonly used in BYOD environment; distinguish two distinct partitions (one for work functions/data and other for personal functions/data)

30
Q

Quantum Computing

A

emerging technology that allows IT systems to operate beyond binary math; instead of using the presence of electrons for calculations (an electron is either present/not present), quantum computing may use subatomic characteristics (electron spin, charm, etc.) to offer computing on an exponentially larger scale

31
Q

Homomorphic Encryption

A

theoretical phenomenon that allows processing of encrypted material without needing to first decrypt it; can allow cloud customers to upload encrypted data and still utilize data without sharing keys with provider or having to accommodate decryption as part of the process

32
Q

STRIDE Threat Model

A

Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of Privilege

33
Q

Apache CloudStack

A

open source cloud computing software for creating, managing, and deploying infrastructure cloud services; uses existing hypervisor platforms

34
Q

Business Requirement

A

operational driver for decision-making and input for risk management