Chapter 2 Flashcards
What is the primary responsibility of a cloud provider?
A cloud provider is responsible for making cloud services available to cloud consumers, as per the agreed-upon SLA.
Define a cloud consumer.
A cloud consumer is an organization or individual that has a formal contract with a cloud provider to use IT resources made available by the cloud provider.
What role does a cloud broker play in cloud computing?
A cloud broker negotiates, manages, and operates cloud services on behalf of a cloud consumer. They provide mediation services between cloud consumers and cloud providers.
Who is a cloud service owner?
A cloud service owner is the person or organization that legally owns a cloud service [externally accessible IT resources that reside in a cloud].
Who can be a cloud service owner in a third-party cloud?
Either the cloud consumer that develops and deploys the service or the cloud provider that hosts the service can be the cloud service owner in a third-party cloud.
What does a cloud resource administrator do?
A cloud resource administrator is responsible for administering a cloud-based IT resource, which can include cloud services. They can belong to the cloud consumer, cloud provider, or a third-party organization contracted to administer the resource.
When does a cloud provider become a cloud service owner?
When it deploys its own cloud service, typically for other cloud consumers to use.
What distinguishes a cloud service owner from a cloud resource owner?
A cloud service owner owns the cloud service, which is an externally accessible IT resource in the cloud, while a cloud resource owner may own any IT resource, not necessarily accessible as a cloud service.
Cloud service owner vs. cloud resource administrator
The service owner oversees the entire service lifecycle, while the resource administrator focuses on managing specific cloud resources.
Describe the role of a cloud auditor.
A cloud auditor is a third party, often accredited, that conducts independent assessments of cloud environments, including evaluating security controls, privacy impacts, and performance.
What is the reason a cloud resource administrator is not referred to as a “cloud service administrator”?
A cloud resource administrator may manage any cloud-based IT resource, not limited to cloud services, while a cloud service administrator specifically manages cloud services.
What supplementary roles does the NIST Cloud Computing Reference Architecture define?
cloud auditor
cloud carrier
What is the responsibility of a cloud carrier?
A cloud carrier provides the wire-level connectivity between cloud consumers and cloud providers, often assumed by network and telecommunication providers.
Explain the concept of an organizational boundary in cloud computing.
An organizational boundary represents the physical perimeter surrounding a set of IT resources owned by an organization.
It does not represent the boundary of an actual organization but rather a set of IT assets and resources.
What is a trust boundary in cloud environments?
A trust boundary is a logical perimeter that extends beyond physical boundaries to represent the extent to which IT resources of a cloud provider are trusted by an organization acting as the cloud consumer.
List common cloud environment characteristics:
on-demand usage
ubiquitous access
multi-tenancy (and resource pooling)
elasticity
measured usage
resiliency
What does on-demand usage mean in cloud computing?
On-demand usage allows cloud consumers to access cloud-based IT resources when they want to, enabling self-provisioning and automated usage.
Define ubiquitous access in the context of cloud services.
The ability for a cloud service to be widely accessible across a range of devices, transport protocols, interfaces, and security technologies.
Explain multitenancy in cloud computing.
Multi-tenancy is a software architecture that allows a single instance of a software application to serve multiple customers (tenants), each isolated from the other.