Review - Section 4 and 5

Question 1

Cloud Computing

Answer 1

A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Question 2

Broad Network Access

Answer 2

Computing capabilities are available over the network.

Question 3

Resource Pooling

Answer 3

Provider’s computing resources are pooled to serve multiple consumers using a multitenant model.

Question 4

Rapid Elasticity

Answer 4

Computing capabilities can be elastically provisioned and released. Computing capabilities are scaled rapidly, commensurate with consumer’s demand.

Question 5

Measured Service

Answer 5

Cloud computing provides a metering system that continuously monitors resource consumption and generated reports.

Question 6

Infrastructure-as-a-Service (IaaS)

Answer 6

Capability provided to provision processing, storage, networks, and other fundamental computing resources.

Question 7

Platform-as-a-Service (PaaS)

Answer 7

Capability provided to deploy onto the cloud infrastructure consumer-created/acquired applications created using programming languages, libraries, services, and tools supported by the provider.

Question 8

Software-as-a-Service (SaaS)

Answer 8

Capability provided to use the provider’s applications running on a cloud infrastructure.

Question 9

Public Cloud Model

Answer 9

The cloud infrastructure is provisioned for open use by the general public.

Question 10

Private Cloud

Answer 10

The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers. Two variations of private cloud: on-premise, externally hosted.

Question 11

On-Premise Private Cloud

Answer 11

Aka internal cloud; hosted by an organization within its own data centers.

Question 12

Externally Hosted Private Cloud

Answer 12

Hosted external to an organization and is managed by a third-party organization.

Question 13

Community Cloud

Answer 13

The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns.

Question 14

Hybrid Cloud

Answer 14

The cloud infrastructure is a composition of two or more distinct cloud infrastructures that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability.

Question 15

Storage Security

Answer 15

• Process of applying information security principles and practices within the domain of storage network technologies
• Focuses on securing access to information by implementing safeguards or controls

Question 16

Information Security Framework

Answer 16

Built to achieve four security goals:
○ Confidentiality
○ Integrity
○ Availability
○ Accountability

Question 17

Risk Triad

Answer 17

Defines risk in terms of threats, assets, and vulnerabilities.

Question 18

Assets

Answer 18

• Information is the most important asset

* Others include: hardware, software, and network infrastructure

Question 19

Threats

Answer 19

• Potential attacks that can be carried out on an IT infrastructure.
• Can be classified as active or passive

Question 20

Passive Attacks

Answer 20

• Attempts to gain unauthorized access into the system

* Threats to confidentiality of information

Question 21

Active Attacks

Answer 21

• Data modification and DoS attacks

* Threats to data integrity and availability

Question 22

Defense in Depth

Answer 22

Implementing security controls at each access point of every access path.

Question 23

Attack surface

Answer 23

The various entry points that an attacker can use to launch an attack.

Question 24

Attack vector

Answer 24

A step or series of steps necessary to complete an attack.

Question 25

Work factor

Answer 25

The amount of time and effort required to exploit an attack vector.

Question 26

Control Measure Types

Answer 26

Technical, Non-technical

Question 27

Control Measure Categories

Answer 27

Preventive, Corrective, Detective

Question 28

Storage Security Domains

Answer 28

• Application access
• Management access
• Backup, replication, and archive

Question 29

Storage Infrastructure Management

Answer 29

Key to ensuring business continuity

Question 30

Accessibility

Answer 30

The availability of a component to perform its desired operation during a specified time period.

Question 31

Capacity

Answer 31

The amount of storage infrastructure resources available.

Question 32

Capacity Monitoring

Answer 32

Ensures uninterrupted data availability and scalability by averting outages before they occur.

Question 33

Performance Monitoring

Answer 33

Evaluates how efficiently different storage infrastructure components are performing and helps to identify bottlenecks.

Question 34

Availability Management

Answer 34

Involves all availability-related issues for components or services to ensure that service levels are met.

Question 35

Capacity Management

Answer 35

Goal is to ensure adequate availability of resources based on their service level requirements.

Question 36

Performance Management

Answer 36

Ensures the optimal operational efficiency of all components.

Question 37

Security Management

Answer 37

Key objective is to ensure confidentiality, integrity, and availability of information in both virtualized and nonvirtualized environments.

Question 38

Reporting

Answer 38

Involves keeping track and gathering information from various components and processes.

Question 39

Enterprise Management Platform (EMP)

Answer 39

A suite of applications that provides an integrated solution for managing and monitoring an enterprise storage infrastructure.

Question 40

Information Lifecycle Management

Answer 40

A proactive strategy that enables an IT organization to effectively manage the information throughout its lifecycle.

Question 41

Storage Tiering

Answer 41

A technique of establishing a hierarchy of different storage type (tiers).

Question 42

Intra-Array Storage Tiering

Answer 42

The process of storage tiering within a storage array.

Question 43

Inter-Array Storage Tiering

Answer 43

The process of storage tiering between storage arrays.