IT Infrastructure Flashcards
What are the 3 primary service models for Cloud Service Provides (CSPs)?
“IaaS - Infrastructure as a Service
PaaS - Platform as a Service
SaaS - Software as a Service”
What are the differences between the CSP models?
SaaS - Hosted Apps, DB and Analytics tools, Operating Systems, Servers and storage, Networks and Security, and Infrastructure facility.
PaaS - minus Hosted Apps - all others
IaaS - Only Servers 7 Storage, Networks & Security, and Infrastructure facility.
What is a Pubic Cloud model and why is it advantageous?
Multiple users share access to a 3rd party’s computing architecture. Multienancy results in lower costs, scalability, and efficiency. Increased risk of data leakage. Start Ups would liley use this model.
What is considered Tech Debt?
Heavily customized enterprise resource planning systems.
What is an Internet of Things Sensor and what is it’s purpose?
It is an endpoint device that can be used for collection data about environmental conditions. For example, server room temperature, humidity, smoke and flooding. It can sound an alarm and also collect data for analysis and to find ways to improve performance.
What does the Governance & Culture component of COSO ERM for Cloud Computing do?
Its focus is to set the tone at the top to ensure cloud strategies are aligned with the company’s values, including its risk appetite for migration to the cloud. A cloud computing steering committee helps definte these areas with participation from all relevant personnel.
What is a Community Cloud model?
Cloud computing model for companies with a common purpose. Eg. Health care providers sharing patient information. PENN and MLH in Epic
What risk factors should a company consider when evaluating a cloud service provider?
The provider’s 3rd party suppliers, muti-tenant architecture, and cloud of cloud agreements. Vertical scalability does not impact cloud computing risk.
What cloud model contains the highest inherent risk to an organization?
Less Direct Control (low to high control) - IaaS, PaaS, SaaS (e.g., Delivery Models).
Less Direct Control (low to high control) - Private, Hybrid, Public.
What is the objective of the IT architecture functional risk area?
To ensure that IT systems can support operational, reporting, and compliance objectives.
In a SaaS mode, who owns the Security?
Both the customer and the vendor
What is a tool that controls the flow of data into and out of an information system at network entry points?
A firewall
What is a network switch?
It connects the devices (desktop computers, printers) within a single network and allows for the exchange of data within the network.
What is meant by Virtualization?
It enables multiple virtual servers with independent operating systems and workloads to efficiently share the same physical server hardware resources.
What is a wireless access point?
It is a type of networking equipment that enables devices to connect to a network wirelessly.
