Domain 1

Question 1

Risk reduction

Answer 1

Users can use the cloud to test ideas and concepts before making major investments in technology.

Question 2

Scalability

Answer 2

Users have access to a large number of resources that scale based on user demand

Question 3

Elasticity

Answer 3

The environment transparently manages a user’s resource utilization based on dynamically changing needs.

Question 4

Virtualization

Answer 4

Each user has a single view of the available resources, independent of their arrangement in terms of physical devices.

Question 5

Cost

Answer 5

The pay-per-usage model allows an organization to pay only for the resources it needs with basically no investment in the physical resources available in the cloud. There are no infrastructure maintenance or upgrade costs.

Question 6

Mobility

Answer 6

Users can access data and applications from around the globe

Question 7

Collaboration and innovation

Answer 7

Users are starting to see the cloud as a way to work simultaneously on common data and information

Question 8

Anything as a service (XaaS):

Answer 8

The growing diversity of services available over the Internet via cloud computing as opposed to being provided locally or on premises.

Question 9

Apache CloudStack

Answer 9

An open source cloud computing and IaaS platform developed to help make creating, deploying, and managing cloud services easier by providing a complete stack of features and components for cloud environments

Question 10

Business continuity

Answer 10

The capability of the organization to continue delivery of products or services at acceptable predefined levels following a loss of service.

Question 11

Business continuity management:

Answer 11

A holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause. It provides a framework for building organizational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand, and value-creating activities.

Question 12

Business continuity plan:

Answer 12

The creation of a strategy through the recognition of threats and risks facing a company, with an eye to ensure that personnel and assets are protected and able to function in the event of a disaster.

Question 13

Cloud app:

Answer 13

Short for cloud application, cloud app describes a software application that is never installed on a local computer. Instead, it is accessed via the Internet.

Question 14

Cloud Application Management for Platforms (CAMP):

Answer 14

CAMP is a specification designed to ease management of applications—including packaging and deployment—across public and private cloud computing platforms.

Question 15

Cloud backup:

Answer 15

Cloud backup, or cloud computer backup, refers to backing up data to a remote, cloud-based server. As a form of cloud storage, cloud backup data is stored in and accessible from multiple distributed and connected resources that comprise a cloud.

Question 16

Cloud backup solutions:

Answer 16

Cloud backup solutions enable enterprises or individuals to store their data and computer files on the Internet using a storage service provider rather than storing the data locally on a physical disk, such as a hard drive or tape backup.

Question 17

Cloud computing:

Answer 17

A type of computing, comparable to grid computing, that relies on sharing computing resources and using a network of remote servers to store, manage, and process data instead of using a local server or a personal computer

Question 18

Cloud computing accounting software:

Answer 18

Cloud computing accounting software is accounting software that is hosted on remote servers. It provides accounting capabilities to businesses in a fashion similar to the SaaS business model. Data is sent into the cloud, where it is processed and returned to the user. All application functions are performed offsite, not on the user’s desktop.

Question 19

Cloud database:

Answer 19

A database accessible to clients from the cloud and delivered to users on demand via the Internet. Also referred to as database as a service (DBaaS), cloud databases can use cloud computing to achieve optimized scaling, high availability, multitenancy, and effective resource allocation.

Question 20

Cloud enablement:

Answer 20

The process of making available one or more of the following services and infrastructures to create a public cloud computing environment: CSP, client, and application.

Question 21

Cloud management:

Answer 21

Software and technologies designed for operating and monitoring the applications, data, and services residing in the cloud. Cloud management tools help ensure a company’s cloud computing–based resources are working optimally and properly interacting with users and other services.

Question 22

Cloud migration:

Answer 22

The process of transitioning all or part of a company’s data, applications, and services from onsite premises behind the firewall to the cloud, where the information can be provided over the Internet on an on-demand basis

Question 23

Cloud OS:

Answer 23

A phrase frequently used in place of PaaS to denote an association to cloud computing

Question 24

Cloud portability:

Answer 24

In cloud computing terminology, this refers to the ability to move applications and their associated data between one CSP and another—or between public and private cloud environments.

Question 25

Cloud provisioning:

Answer 25

The deployment of a company’s cloud computing strategy, which typically first involves selecting which applications and services will reside in the public cloud and which will remain onsite behind the firewall or in the private cloud. Cloud provisioning also entails developing the processes for interfacing with the cloud’s applications and services as well as auditing and monitoring who accesses and utilizes the resources.

Question 26

Cloud server hosting:

Answer 26

A type of hosting in which hosting services are made available to customers on demand via the Internet. Rather than being provided by a single server or virtual server, cloud server hosting services are provided by multiple connected servers that comprise a cloud.

Question 27

Cloud storage:

Answer 27

The storage of data online in the cloud, whereby a company’s data is stored in and accessible from multiple distributed and connected resources that comprise a cloud.

Question 28

Cloud testing:

Answer 28

Load and performance testing conducted on the applications and services provided via cloud computing—particularly the capability to access these services—to ensure optimal performance and scalability under a variety of conditions.

Question 29

Desktop as a service:

Answer 29

A form of virtual desktop infrastructure (VDI) in which the VDI is outsourced and handled by a third party. Also called hosted desktop services, desktop as a service is frequently delivered as a cloud service along with the apps needed for use on the virtual desktop.

Question 30

Enterprise application:

Answer 30

Describes applications—or software—that a business uses to assist the organization in solving enterprise problems. When the word enterprise is combined with application, it usually refers to a software platform that is too large and complex for individual or small business use.

Question 31

Enterprise cloud backup:

Answer 31

Enterprise-grade cloud backup solutions typically add essential features such as archiving and disaster recovery (DR) to cloud backup solutions

Question 32

Eucalyptus:

Answer 32

An open source cloud computing and IaaS platform for enabling AWS-compatible private and hybrid clouds

Question 33

Event:

Answer 33

A change of state that has significance for the management of an IT service or other configuration item. The term can also be used to mean an alert or notification created by an IT service, configuration item, or monitoring tool. Events often require IT operations staff to take actions and lead to incidents being logged.

Question 34

Host:

Answer 34

A device providing a service.

Question 35

Hybrid cloud storage:

Answer 35

A combination of public cloud storage and private cloud storage in which some critical data resides in the enterprise’s private cloud and other data is stored and accessible from a public cloud storage provider.

Question 36

IaaS:

Answer 36

IaaS is defined as computer infrastructure, such as virtualization, being delivered as a service. IaaS is popular in the data center where software and servers are purchased as a fully outsourced service and usually billed on usage and how much of the resource is used—compared with the traditional method of buying software and servers outright.

Question 37

Incident:

Answer 37

An unplanned interruption to an IT service or reduction in the quality of an IT service.

Question 38

Managed service provider:

Answer 38

An IT service provider in which the customer dictates both the technology and the operational procedures.

Question 39

Mean time between failure (MTBF):

Answer 39

The measure of the average time between failures of a specific component or part of a system.

Question 40

Mean time to repair (MTTR):

Answer 40

The measure of the average time it should take to repair a failed component or part of a system.

Question 41

Mobile cloud storage:

Answer 41

A form of cloud storage that applies to storing an individual’s mobile device data in the cloud and providing the individual with access to the data from anywhere.

Question 42

Multitenant:

Answer 42

In cloud computing, multitenant is the phrase used to describe multiple customers using the same public cloud.

Question 43

Node:

Answer 43

A physical connection.

Question 44

Online backup:

Answer 44

In storage technology, online backup means to back up data from your hard drive to a remote server or computer using a network connection. Online backup technology leverages the Internet and cloud computing to create an attractive offsite storage solution with few hardware requirements for any business of any size.

Question 45

PaaS:

Answer 45

The process of deploying onto the cloud infrastructure consumer-created or acquired applications that are created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems (OSs), or storage but has control over the deployed applications and possibly the configuration settings for the application-hosting environment.

Question 46

Personal cloud storage:

Answer 46

A form of cloud storage that applies to storing an individual’s data in the cloud and providing the individual with access to the data from anywhere. Personal cloud storage also often enables syncing and sharing stored data across multiple devices such as mobile phones and tablet computers.

Question 47

Private cloud:

Answer 47

Describes a cloud computing platform that is implemented within the corporate firewall, under the control of the IT department. A private cloud is designed to offer the same features and benefits of cloud systems but removes a number of objections to the cloud computing model, including control over enterprise and customer data, worries about security, and issues connected to regulatory compliance

Question 48

Private cloud project:

Answer 48

Companies initiate private cloud projects to enable their IT infrastructure to become more capable of quickly adapting to continually evolving business needs and requirements. Private cloud projects can also be connected to public clouds to create hybrid clouds.

Question 49

Private cloud security:

Answer 49

A private cloud implementation aims to avoid many of the objections regarding cloud computing security. Because a private cloud setup is implemented safely within the corporate firewall, it remains under the control of the IT department.

Question 50

Private cloud storage:

Answer 50

A form of cloud storage in which both the enterprise data and the cloud storage resources reside within the enterprise’s data center and behind the firewall.

Question 51

Problem:

Answer 51

The unknown cause of one or more incidents, often identified as a result of multiple similar incidents.

Question 52

Public cloud storage:

Answer 52

A form of cloud storage in which the enterprise and storage service provider are separate and the data is stored outside of the enterprise’s data center.

Question 53

Recovery point objective (RPO):

Answer 53

The RPO helps determine how much information must be recovered and restored. Another way of looking at the RPO is to ask yourself, “How much data can the company afford to lose?”

Question 54

Recovery time objective (RTO):

Answer 54

A time measure of how fast you need each system to be up and running in the event of a disaster or critical failure.

Question 55

SaaS:

Answer 55

A software delivery method that provides access to software and its functions remotely as a web-based service. SaaS allows organizations to access business functionality at a cost typically less than paying for licensed applications since SaaS pricing is based on a monthly fee.

Question 56

Storage cloud:

Answer 56

Refers to the collection of multiple distributed and connected resources responsible for storing and managing data online in the cloud.

Question 56

Vertical cloud computing:

Answer 56

Describes the optimization of cloud computing and cloud services for a particular vertical (for example, a specific industry) or specificuse application

Question 57

Virtual host

Answer 57

A software implementation of a physical host

Question 58

Cloud backup service provider:

Answer 58

A third-party entity that manages and holds operational responsibilities for cloud-based data backup services and solutions to customers from a central data center

Question 59

Cloud computing reseller:

Answer 59

A company that purchases hosting services from a cloud server hosting or cloud computing provider and then resells them to its own customers.

Question 60

Cloud customer:

Answer 60

An individual or entity that utilizes or subscribes to cloud-based services or resources

Question 61

Cloud service auditor:

Answer 61

A third-party organization that verifies attainment of service-level agreements (SLAs).

Question 62

Cloud services brokerage (CSB):

Answer 62

Typically a third-party entity or company that looks to extend or enhance value to multiple customers of cloud-based services through relationships with multiple CSPs. It acts as a liaison between cloud services customers and CSPs, selecting the best provider for each customer and monitoring the services. The CSB can be utilized as a middleman to broker the best deal and customize services to the customer’s requirements. The CSB may also resell cloud services.

Question 63

CSP:

Answer 63

A company that provides cloud-based platform, infrastructure, application, or storage services to other organizations or individuals, usually for a fee; otherwise known to clients “as a service.”

Question 64

Cloud administrator:

Answer 64

This individual is typically responsible for the implementation, monitoring, and maintenance of the cloud within the organization or on behalf of an organization (acting as a third party). Most notably, this role involves the implementation of policies, permissions, access to resources, and so on. The cloud administrator works directly with system, network, and cloud storage administrators

Question 65

Cloud application architect:

Answer 65

This person is typically responsible for adapting, porting, or deploying an application to a target cloud environment.

Question 66

Cloud architect:

Answer 66

This role determines when and how a private cloud meets the policies and needs of an organization’s strategic goals and contractual requirements from a technical perspective

Question 67

Cloud data architect:

Answer 67

This individual is similar to the cloud architect. The data architect’s role is to ensure the various storage types and mechanisms utilized within the cloud environment meet and conform to the relevant SLAs and that the storage components are functioning according to their specified requirements

Question 68

Cloud developer:

Answer 68

This person focuses on development for the cloud infrastructure itself.

Question 69

Cloud operator:

Answer 69

This individual is responsible for daily operational tasks and duties that focus on cloud maintenance and monitoring activities.

Question 70

Cloud service manager:

Answer 70

This person is typically responsible for policy design, business agreement, pricing model, and some elements of the SLA (not necessarily the legal components or amendments that require contractual amendments).

Question 71

Cloud storage administrator:

Answer 71

This role focuses on the mapping, segregations, bandwidth, and reliability of storage volumes assigned.

Question 72

Remote Key Management Service (KMS)

Answer 72

This is where the customer maintains the KMS on-premises. Ideally, the customer will own, operate, and maintain the KMS.

Question 73

Client-Side Key Management:

Answer 73

Similarly to the remote KMS approach, the client-side approach looks to put the customer or cloud user in complete control of the encryption and decryption keys.

Question 74

Type 1 hypervisor:

Answer 74

Type 1 hypervisors as those running directly on the hardware with VM (guest operating system) resources provided by the hypervisor. These are also referred to as bare metal hypervisors.

Question 75

Type 2 hypervisor:

Answer 75

Type 2 hypervisors run on a host OS to provide virtualization services. Examples of Type 2 are VMware Workstation and Virtual Box.

Question 76

Type 1 security

Answer 76

Type 1 hypervisors significantly reduce the attack surface over Type 2 hypervisors.

Question 77

Type 2 security:

Answer 77

Because Type 2 hypervisors are OS based, they are more attractive to attackers, given that there are far more vulnerabilities associated with the OS as well as other applications that reside within the OS layer

Question 78

Due diligence

Answer 78

is the act of investigating and understanding the risks a company faces

Question 79

Due care

Answer 79

is the development and implementation of policies and procedures to aid in protecting the company, its assets, and its people from threats.

Question 80

VM attacks:

Answer 80

Cloud servers contain tens of VMs. These VMs may be active or offline and, regardless of state, are susceptible to attacks. Active VMs are vulnerable to all traditional attacks that can affect physical servers

Question 81

Virtual network

Answer 81

The virtual network contains the virtual switch software that controls the movement of traffic between the virtual network interface cards (NICs) of the installed VMs and the physical NICs of the host.

Question 82

Hypervisor attacks:

Answer 82

Malicious hackers consider the hypervisor a potential target because of the greater control afforded by lower layers in the system. Compromising the hypervisor enables control over the installed VMs, the physical system, and the hosted applications

Question 83

VM-based rootkits (VMBRs)

Answer 83

These rootkits act by inserting a malicious hypervisor on the fly or modifying the installed hypervisor to gain control over the host workload.

Question 84

Virtual switch attacks:

Answer 84

The virtual switch is vulnerable to a wide range of layer II attacks such as manipulation or modification of the virtual switch’s configuration, VLANs and trust zones, and ARP tables

Question 85

DoS attacks:

Answer 85

DoS attacks in a virtual environment form a critical threat to VMs, along with all other dependent and associated services.

Question 86

Colocation:

Answer 86

Multiple VMs residing on a single server and sharing the same resources increase the attack surface and the risk of VM-to-VM or VM-tohypervisor compromise. On the other hand, when a physical server is off, it is safe from attacks. However, when a VM comes offline, it is still available as VM image files that are susceptible to malware infections and patching.

Question 87

Multitenancy:

Answer 87

By design, different users within a cloud share the same applications and the physical hardware to run their VMs. As a result, information leakage as well as an increase in the attack surface and the risk of VM-to-VM or VM-tohypervisor compromise can occur.

Question 88

Loss of control

Answer 88

Users are typically not aware of the location of their data and services, whereas the CSPs host and run VMs without being aware of their contents.

Question 89

Network topology:

Answer 89

Cloud architecture is dynamic due to the fact that existing workloads change over time because of the creation and removal of VMs. In addition, the abilities of VMs to migrate from one host to another leads to the rise of nonpredefined network topologies.

Question 90

Logical network segmentation:

Answer 90

Within IaaS, the requirement for isolation alongside the hypervisor remains a key and fundamental activity to reduce external sniffing, monitoring, and interception of communications and others within the relevant segments.

Question 91

No physical endpoints:

Answer 91

Due to server and network virtualization, the number of physical endpoints (such as switches, servers, and NICs) is reduced. These physical endpoints are traditionally used in defining, managing, and protecting IT assets

Question 92

Single point of access (SPOA) or SPOF:

Answer 92

Hosts have a limited number of access points (NICs) available to all VMs

Question 93

Key components of user access manangement

Answer 93

Intelligence:

Administration:

Authentication

Authorization

Question 95

Middleware

Answer 95

software that lies between an operating system and the applications running on it. API

s