SE4455 Final (Unit 5-8)

Question 1

Name 4 cloud management mechanisms

Answer 1

remote admin system
resource management system
SLA management system
Billing management system

Question 2

How does the remote admin system interface with underlying management systems?

Answer 2

Via APIs

Question 3

What are the two types of remote admin system portals?

Answer 3

usage & administration

self-service

Question 4

What does the usage & administration portal do?

Answer 4

centralized management controls of different cloud resources

Question 5

Which remote admin portal provides IT resource usage reports?

Answer 5

Usage and admin portal

Question 6

What does the self-service portal do?

Answer 6

shopping portal: allows consumers to search list of cloud services & resources

Question 7

Why do remote admin systems use standard APIs?

Answer 7

• consumer can create own administration console and reuse it with multiple cloud providers

Question 8

What does VIM stand for

Answer 8

Virtual Infrastructure manager

Question 9

What does the VIM do?

Answer 9

manages multiple virtual resources and hypervisors across multiple physical servers

Question 10

What is the name of the repository in a resource management system?

Answer 10

VM image repository

Question 11

What does the VM image repository store?

Answer 11

Virtual resource templates to create pre-built instances (virtual server images)

Question 12

Replication, load balancing, and failover systems are tasks performed by which cloud management system?

Answer 12

resource management system

Question 13

What are the 2 forms of access for resource management system

Answer 13

1. externally through a usage and administration portal

2. internally through the native user interface provided by VIM

Question 14

What are the 2 components of the SLA management system?

Answer 14

SLA manager

quality-of-service measurements repository

Question 15

What mechanisms are used to collect SLA data?

Answer 15

SLA monitors

Question 16

SLA monitor agents intercept messages between who?

Answer 16

cloud consumer

cloud service

Question 17

What are the 2 components of a billing management system?

Answer 17

pricing & contract manager

pay-per-use measurement repository

Question 18

What does encryption help counter?

Answer 18

eavesdropping
malicious intermediary
insufficient authorization
overlapping trust boundaries

Question 19

Symmetric key encryption is also known as ___

Answer 19

private/secret key encryption

Question 20

Asymmetric key encryption is also known as ___

Answer 20

public key encryption

Question 21

Which method of encryption is faster?

Answer 21

symmetric

Question 22

What security does private key encryption offer?

Answer 22

integrity and non-repudiation (not confidentiality)

Question 23

What security does public key encryption offer?

Answer 23

confidentiality only

Question 24

What is the underlying encryption protocol for HTTP?

Answer 24

SSL and TLS

Question 25

Does TLS use asymmetric or symmetric encryption?

Answer 25

Both

asymmetric for key exchange, then symmetric

Question 26

T/F: RSA is a symmetric encyption cipher

Answer 26

False: asymmetric

Question 27

T/F: AES is a symmetric encryption cipher?

Answer 27

True

Question 28

T/F: hashing is non-reversible

Answer 28

True

Question 29

What threats does hashing mitigate?

Answer 29

malicious intermediary

insufficient authorization

Question 30

What security does digital signature provide?

Answer 30

authentication
integrity
non-repudiation

Question 31

Digital signatures require ___ and ___ to be created

Answer 31

hashing

asymmetrical encryption

Question 32

What does PKI stand for?

Answer 32

Public key infrastructure

Question 33

What does PKI associate?

Answer 33

public keys with corresponding key owners

Question 34

PKI relies on the use of ____

Answer 34

digital certificates

Question 35

Who usually signs a digital certificate?

Answer 35

3rd party certificate authority

Question 36

What does IAM stand for?

Answer 36

Identity and access management

Question 37

What does IAM counter?

Answer 37

insufficient auth
DoS
overlapping trust boundaries

Question 38

What are the four components of IAM?

Answer 38

authentication
authorization
user management
credential management

Question 39

What does the authentication component of IAM include?

Answer 39

username  + passwords
digital signatures and certificates
biometrics
voice/face recognition
IP addresses

Question 40

What does the authorization component of IAM include?

Answer 40

defines granularity for access controls

Question 41

What does the user management component of IAM include?

Answer 41

admin capabilities
(create access groups, reset passwords, manage privileges)

Question 42

What does the credential management component of IAM include?

Answer 42

establishes identities and access control rules for user accounts

Question 43

What does SSO stand for?

Answer 43

Single sign-on

Question 44

In SSO, who authenticates the consumer?

Answer 44

security broker

Question 45

What security threat does SSO directly counter?

Answer 45

none!

Question 46

What is the purpose of SSO?

Answer 46

enhance usability of distributed resources

Question 47

When a security broker authenticates a consumer, what is established?

Answer 47

A security context (authentication token), which is persistent while the consumer accesses other cloud services

Question 48

How are cloud-based security groups segmented?

Answer 48

According to security policies

Question 49

T/F: cloud-based resources can be assigned to more than one logical cloud-based security group

Answer 49

true (assigned to at least one)

Question 50

What does cloud-based security groups help counter?

Answer 50

DoS
insufficient auth
overlapping trust boundaries

Question 51

What is hardening?

Answer 51

process of stripping unneccessary software to limit vulnerabilities

Question 52

What are some examples of hardening?

Answer 52

remove redundant programs
close server ports
disable services
internal root account, guest access

Question 53

What is a hardened virtual server image?

Answer 53

a template for a virtual server instance that has been hardened

Question 54

What does hardened virtual server images counter?

Answer 54

DoS
insufficient auth
overlapping trust boundaries

Question 55

Does workload distribution architecture reduce over or under-utilization?

Answer 55

both!

Question 56

Workload distribution architecture supports distributed ____ (3 types)

Answer 56

virtual servers
cloud storage devices
cloud services

Question 57

Name the workload distribution architecture mechanisms

Answer 57

load balancer
virtual server mechanisms
cloud storage device mechanism
audit monitor
cloud usage monitor
hypervisors
logical network perimeter
resource cluster
resource replication

Question 58

What are the different resource pool types?

Answer 58

physical server
virtual server
storage
network 
CPU
memory

Question 59

What type of server can CPU pools be allocated to?

Answer 59

Both physical and virtual servers

Question 60

What are sibling pools?

Answer 60

Sub pools comprised of subset of resources of parent pool (different resources and quantity)

Question 61

What are nested pools?

Answer 61

sub pools comprised of same resources as parent but in fewer quantities

Question 62

What are the resource pooling architecture mechanisms?

Answer 62

audit monitor
cloud usage monitor
hypervisor
logical network parameter
pay-per-use monitor
remote admin system
resource management system
resource replication

Question 63

What is the role of the hypervisor in a resource pooling architecture?

Answer 63

provide virtual servers with access to resource pools

Question 64

How does dynamic scalability architecture work?

Answer 64

predefined scaling conditions trigger dynamic allocation of resources from resource pools

Question 65

What are the different types of dynamic scaling?

Answer 65

dynamic horizontal scaling
dynamic vertical scaling
dynamic relocation

Question 66

What mechanism is used by dynamic horizontal scaling?

Answer 66

resource replication

Question 67

What is dynamic relocation?

Answer 67

When an IT resource is relocated to a host with more capacity

Question 68

What mechanisms are used in dynamic scalability architecture?

Answer 68

automated scaling listener
resource replication
cloud usage monitor
hypervisor
pay-per-use monitor

Question 69

What type of IT resource does elastic resource capacity architecture use to handle fluctuating processing requirements?

Answer 69

CPUs and RAM

Question 70

What is an intelligent automation engine?

Answer 70

Signaled by the scaling listener to execute workflow logic scripts

Question 71

What does a workflow logic script do?

Answer 71

signals hypervisor to allocate more resources from resource pools

Question 72

What are the mechanisms used by elastic resource capacity architecture?

Answer 72

cloud usage monitor
pay-per-use monitor
resource replication

Question 73

Service load balancing architecture is a variation of what other architecture?

Answer 73

workload distribution architecture

Question 74

Service load balancing architecture is geared specifically for scaling ____

Answer 74

cloud service implementations

Question 75

In service load balancing architecture, the load balancer is positioned in either __ or ___

Answer 75

external

built-in (in the host server)

Question 76

What does cloud bursting architecture mean?

Answer 76

on-premise IT resources “burst out” into cloud when capacity reached

Question 77

T/F: In cloud bursting architecture, the cloud resources are deployed only when capacity of on-premise resources is reached

Answer 77

F: they are redundantly pre-deployed

Question 78

What type of resource is replicated in cloud bursting architecture?

Answer 78

on premise

Question 79

Cloud bursting architecture implements the dynamic scaling by adding and
releasing ___

Answer 79

cloud resources to on-premise environment

Question 80

How is a cloud consumer charged in non elastic dick provisioning?

Answer 80

charged by disk capacity, not actual storage consumption

Question 81

What technology does elastic disk provisioning architecture use for dynamic allocation?

Answer 81

think disk technology

Question 82

How does elastic disk provisioning architecture use resource replication?

Answer 82

convert dynamic thin-disk storage into static thick-disk storage

Question 83

What is a storage service gateway?

Answer 83

External interface to cloud storage devices, redirects consumer requests when location of requested data has changed

Question 84

In redundant storage architecture, how is availability increased?

Answer 84

primary cloud storage device is replicated to secondary cloud storage device

Question 85

T/F: storage replication can be used to replicate both partial and entire LUNs

Answer 85

T

Question 86

Here is a fun list of the 10 specialized cloud mechanisms:

Answer 86

1. Automated Scaling Listener
2. Load Balancer
3. SLA Monitor
4. Pay-Per-Use Monitor
5. Audit Monitor
6. Failover System
7. Hypervisor
8. Resource Cluster
9. Multi-Device Broker
10. State Management Database

Question 87

Here is a fun list of why adam is a loser:

Answer 87

1. he watches the national in the morning ALONE
2. he still plays captin crunch video games
3. he didn’t have sheets for the first 20 years of his life
4. he probably wont have sheets after university
5. he is (ga)me craz(y)

Question 88

What is an automated scaling listener?

Answer 88

Tracks communications for dynamic scaling purposes

Question 89

T/F: VIM generally runs the automated scaling listener

Answer 89

F: The Hypervisor generally runs the automated scaling listener, then the hypervisor commands VIM to scale based on needs

Question 90

T/F: When scaling-up using the automated scaling listener, the virtual server might have to migrate

Answer 90

True

Question 91

T/F: When scaling-down using the automated scaling listener, the virtual server might have to migrate

Answer 91

False

Question 92

What are the objectives of a load balancer?

Answer 92

• Optimize IT resource usage
• Avoid overloading
• Maximize throughput (the goal remember!?)

Overall: Increases performance

Question 93

What does a load balancer do?

Answer 93

Balance workloads across the could’s IT resources

Question 94

What are the 3 types of Workload Distribution Functions?

Answer 94

1. Asymmetric Distribution
2. Workload Prioritization
3. Content-Aware Distribution

Question 95

What is an Asymmetric Distribution?

Answer 95

Larger workloads issued higher processing capacity

Question 96

What is a Workload Prioritization?

Answer 96

Workload distributed based on priority, and are scheduled, queued, then discarded

Question 97

What is a Content-Aware Distribution

Answer 97

Requests distributed to IT resources based on the content of the request

Question 98

Four ways a load balancer can exist:

Answer 98

1. Multi-layer network switch
2. Dedicated hardware appliance
3. Dedicated software system (server OS)
4. Service agent (cloud management software)

Question 99

What is an SLA Monitor?

Answer 99

• Monitors runtime performance of cloud services

- Ensures fulfillment of contractual QoS requirements published in SLA

Question 100

What are the two types of SLA Monitors?

Answer 100

1. SLA Monitor Polling Agent

2. SLA Monitoring Agent

Question 101

T/F: SLA monitor polling agent responds to physical and virtual failures

Answer 101

True

Question 102

T/F: SLA monitoring agent only responds to physical failures

Answer 102

True

Question 103

When does an SLA monitor polling agent log a PS_Timeout?

Answer 103

Physical server polling timed out

Question 104

When does an SLA monitor polling agent log a PS_Unreachable?

Answer 104

Physical server polling timed out 3 times in a row

Question 105

When does an SLA monitor polling agent log a PS_Reachable?

Answer 105

unavailable server responds to polling again

Question 106

When does an SLA monitoring agent log a VM_unreachable?

Answer 106

VIM cannot reach VM

Question 107

When does an SLA monitoring agent log a VM_Failure?

Answer 107

VM failed and is unavailable

Question 108

When does an SLA monitoring agent log a VM_Reachable?

Answer 108

VM is reachable

Question 109

Define a Pay-Per-Us Monitor

Answer 109

• Measures cloud IT resource usage with pre-defined pricing parameters
• Generates usage logs stored in a DB

Question 110

Which of these is not a TYPICAL way to calculate billing fees:

a) request / response message quantity
b) Data volumes
c) Upgrade logs
d) Usage period

Answer 110

c) Upgrade logs is not a typical way…

the others are typical, and the one I removed was “ Bandwidth consumption” is the other typical way

Question 111

Define an Audit Monitor

Answer 111

• Keeps track of all login requests and location based access
• collects “audit tracking data” for networks, regulation, and contract obligation purposes

Question 112

T/F: Audit Monitors are implemented as monitoring agents?

Answer 112

True

Question 113

T/F: Audit monitor only stores failed login attempts?

Answer 113

False, Audit monitor stores both failed and successful login attempts along with security credentials

Question 114

Define a Failover System

Answer 114

A resource replication mechanism using clustering technology to provide redundant implementation

Question 115

What does a failover system accomplish?

Answer 115

Increased the reliability and availability of IT resources

Question 116

What are the 2 circumstances failover systems are used in?

Answer 116

1. Mission critical programs

2. Reusable services that introduce single point of failure

Question 117

What are the two basic configurations of failover systems?

Answer 117

1. Active-Active

2. Active-Passive

Question 118

T/F: An active-active failover system needs a router?

Answer 118

False, and active-active failover system needs a load balancer

Question 119

T/F: An active-passive failover system needs a router?

Answer 119

True

Question 120

Define a hypervisor in a specialized cloud mechanism context

Answer 120

Hypervisor is a mechanism administered by a VIM used to generate the virtual instance of a physical server

Question 121

How many hypervisors can you have for every physical server?

Answer 121

1:1, you can only have 1 hypervisor for every physical server

Question 122

How many virtual servers can you have for every hypervisor?

Answer 122

1:*, you can have many virtual servers under the same hypervisor

Question 123

What is a resource cluster?

Answer 123

-Groups multiple IT resource instances to operate as a single IT resource

Question 124

Geographically diverse resources can improve:

Answer 124

1. allocation and usage

2. increased computing capacity, load balancing and resource availability

Question 125

T/F: High speed dedicated networks or cluster nodes are necessary for communication?

Answer 125

True

Question 126

What are the 3 types of resources clusters (BASED ON RESOURCE TYPE)?

Answer 126

1. Server cluster
2. Database cluster
3. Large Dataset Cluster

Question 127

T/F: cluster management programs run as operating systems

Answer 127

False: Cluster management programs run as distributed middleware

Question 128

What are the two types of resource clusters (BASED ON CLUSTER MECHANISM)?

Answer 128

1. Load Balanced Cluster (active-active failover)

2. High Availability (HA) Cluster (active-passive failover)

Question 129

What is a multi-device broker?

Answer 129

Used to overcome incompatibilities between cloud services and consumers (e.g. mobile –> cloud communication)

Question 130

What are the transformation levels related to multi-device broker?

Answer 130

1. transport protocol layer
2. messaging protocol layer
3. storage protocol layer
4. Data schema / data model protocols layer

Question 131

What is a state management database?

Answer 131

A storage device used to temporarily persist state data, acting as an alternative to caching data

Question 132

What is the benefit of a state management database?

Answer 132

• Programs off-load state data to database to reduce runtime memory consumption
• creates more scalable software