SE4455 Midterm

Question 1

How much do we have to do for capstone?

Answer 1

Everything - we are not in good shape!

Question 2

What is a Network Cloud?

Answer 2

Delivery method of data across heterogenous public and semi-public networks

Question 3

Gartner definition of cloud?

Answer 3

scalable and elastic IT enabled capabilities that are delivered as a service to external customers using internet technologies

Question 4

What is the NIST definition of cloud?

Answer 4

Too long to put in the cards :p

Question 5

Two types of motivations for cloud?

Answer 5

Business and technology drivers

Question 6

3 types of business drivers?

Answer 6

1. Capacity Planning
2. Cost Reduction
3. Organizational Agility

Question 7

8 types of technology drivers?

Answer 7

1. Clustering
2. Grind Computing
3. Virtualization
4. Broadband networks / internet architecture
5. Data centre technology
6. Web technology
7. Multitenant technology
8. Service technology

Question 8

What is capacity planning ? (and list 3 strategies)

Answer 8

Focused on minimizing the discrepancy between capacity and demand of an IT resource

1. Lead strategy
2. Lag strategy
3. Match strategy

Question 9

What is a lead capacity planning strategy?

Answer 9

adding capacity in anticipation

Question 10

What is a lag capacity planning strategy?

Answer 10

adding capacity after a resource reaches full capacity

Question 11

What is a match capacity planning strategy?

Answer 11

adding capacity in small increments as demand increases

Question 12

Two types of cost reduction methods?

Answer 12

1. Cost of acquiring new infrastructure

2. Cost of ongoing ownership

Question 13

What are the 3 main aspects to organizational agility?

Answer 13

(Highlighted red on the organizational agility slide)

1. Adapt and evolve
2. Scaling IT resources
3. Changing business needs and priorities

Question 14

What is Clustering?

Answer 14

• Group of independent IT resources acting as a single system
• Reduced failure rates, increased reliability / availability
• synchronized through high speed communication

Question 15

What is Grid computing?

Answer 15

• Organized resources into one or more logical poolss
• Loosely coupled and distributed systems
• Heterogeneous and geographically disbursed computer resources

Question 16

What is Virtualization?

Answer 16

• Physical resources providing multiple virtual images of themselves to share underlying process capabilities
• Hardware requirements simulated through emulation
• Severs software-hardware dependency

Question 17

Jeff Jeff Jeff Jeff

Answer 17

What is San Francisco?

Question 18

Basic concepts definition of Cloud

Answer 18

A distinct IT environment designed for remotely provisioning scalable and measurable IT resources

Question 19

What are the different IT resources?

Answer 19

• Physical server
• Virtual server
• Software program
• Service
• Storage Device
• Network Device

Question 20

What are on premise IT resources?

Answer 20

• Not cloud based
• Can access, interact, or be moved to cloud
• Redundant deployments can exist

Question 21

What is a cloud consumer?

Answer 21

someone who consumes clouds ;)

Question 22

What is a cloud provider?

Answer 22

someone who provides clouds ;)

Question 23

What are two types of scalability?

Answer 23

1. Horizontal scalability

2. Vertical scalability

Question 24

What are the aspects of horizontal scalability?

Answer 24

• less expensive
• instantly available
• replication and automation
• additional IT resources needed
• NOT limited by hardware capacity

Question 25

What are the aspects of vertical scalability?

Answer 25

• more expensive
• normally instantly available
• additional set up needed
• NO additional IT resources needed
• limited by hardware capacity

Question 26

What is a cloud service?

Answer 26

IT resources made available by cloud

Question 27

What does SLA stand for?

Answer 27

Service Level Agreement

Question 28

What is a Service Level Agreement

Answer 28

• Describes QoS features: availability, reliability, performance
• IT outcomes: uptime and security characteristics
• SLA is a critical specification

Question 29

What can be a cloud service consumer?

Answer 29

• Software program
• Service
• Workstation
• Laptop
• Cellphone

Question 30

What are the three main benefits of cloud computing?

Answer 30

1. Reduced investment and proportional cost
2. Increased scalability
3. Increased availability

Question 31

What are the 4 main risks and challenges?

Answer 31

1. Security vulnerabilities
2. Operational governance
3. Limited portability between cloud providers
4. Multi-regional compliance

Question 32

What is a Cloud Resource Administrator?

Answer 32

• Administers cloud based resources
• Can be consumer, provider, or third party
• NOT a cloud service administrator

Question 33

What is a Cloud Auditor?

Answer 33

Evaluates security controls, privacy and performance

Question 34

What is a Cloud Broker?

Answer 34

Manages the negotiating of cloud services between providers and consumers

Question 35

What is a Cloud Carrier?

Answer 35

• Provides wire-level connectivity between consumers and providers
• Usually network/telecom providers (e.g. Rogers)

Question 36

What are the two cloud boundaries?

Answer 36

1. Organizational Boundary

2. Trust Boundary

Question 37

What is ubiquitous access?

Answer 37

Widely accessible cloud services tailors to specific cloud needs of consumer

Question 38

What is Multitenancy ?

Answer 38

• Characteristics that allow the instance of the program to service different consumers
• Relies on virtualization

Question 39

What is resource pooling?

Answer 39

Allows providers to pool large scale IT resources to serve multiple cloud consumers

Question 40

What is cloud elasticity?

Answer 40

Transparently scale IT resources in response to runtime or pre-determined conditions

Question 41

What is Measured usage?

Answer 41

The ability of a cloud platform to keep track of IT resource usage / usage reporting

Question 42

What is resiliency?

Answer 42

Form of failover that distributes redundant implementations

Question 43

What are the 3 main cloud delivery models?

Answer 43

1. Infrastructure-as-a-Service (IaaS)
2. Platform-as-a-Service (PaaS)
3. Software-as-a-Service (SaaS)

Question 44

Which cloud delivery model has full administrative control?

Answer 44

Infrastructure-as-a-Service

Question 45

Which cloud delivery model has the most limited administrative control?

Answer 45

Software-as-a-Service

Question 46

Which cloud delivery model has only usage-related configuration controls?

Answer 46

Software-as-a-Service

Question 47

There are also other specialized delivery models

Answer 47

Storage, database, security, communication, integration, testing, process (all as services)

Question 48

What are the 6 cloud deployment models?

Answer 48

1. Public Cloud
2. Community Cloud
3. Private Cloud
4. Hybrid Cloud
5. Virtual Private Cloud
6. Inter-Cloud

Question 49

Owned by community members or third party, and limited to a specific community is what type of cloud deployment model?

Answer 49

Community cloud deployment model

Question 50

A self contained cloud environment, managed by a public cloud provider, is what type of cloud deployment model?

Answer 50

Virtual cloud deployment model

Question 51

A cloud comprised of two or more inter-connected clouds is what type of cloud deployment model?

Answer 51

Inter-cloud deployment model

Question 52

A cloud offered to consumers at cost or advertisement is what type of cloud deployment model?

Answer 52

Public cloud deployment model

Question 53

A complex and challenging cloud due to potential disparity is what type of cloud deployment model?

Answer 53

Hybrid cloud deployment model

Question 54

A cloud owned by a single organization is what type of cloud deployment model?

Answer 54

Private cloud deployment model

Question 55

What is an ISP

Answer 55

Internet Service Provider

-Hierarchical topology composed of Tiers 1,2,3

Question 56

What are 3 main technical and business considerations?

Answer 56

1. connectivity issues
2. network bandwidth latency issues
3. cloud carrier and cloud provider selection

Question 57

Why do you group IT resources in close proximity? (3 reasons)

Answer 57

1. power sharing
2. higher efficiency
3. improved accessibility

Question 58

Here is just a list of data centre characteristics to read over:

Answer 58

• virtualization
• standardization/modularity
• automation
• remote operation / management
• high availability
• security

Question 59

What are the main data centre components?

Answer 59

1. Facilities
2. Computing Hardware
3. Storage Hardware
4. Networked Storage
5. Network Hardware

Question 60

Classify the hardware under each type of data centre component: Rackmount servers, processing architecture, hot swaps

Answer 60

Computing Hardware

Question 61

Classify the hardware under each type of data centre component: SAN and NAS

Answer 61

Networked Storage

Question 62

What is SAN?

Answer 62

• Storage Area Network

- Multiple storage devices connected through LAN network

Question 63

What is NAS?

Answer 63

• Network Attached Storage

- Array of storages connected through NAS device and have access to the network

Question 64

Classify the hardware under each type of data centre component: Hard disk array, I/O caching, hot swaps, virtualized storage

Answer 64

Storage Hardware

Question 65

Classify the hardware under each type of data centre component: LAN / SAN fabric, NAS gateway, Web-tier load balancing, carrier and external network interconnection

Answer 65

Network Hardware

Question 66

What is virtualization technology?

Answer 66

converting physical IT resources into virtual IT resources

Question 67

T/F: Servers, Storage, Network, and Power are all resources that can be virtualized

Answer 67

True

Question 68

What are the 4 main parties involved with virtualization (concepts slide)

Answer 68

1. Physical Host - Virtualized Server
2. Host Operating System - Virtualized server OS
3. Guest operating system - virtual machine OS
4. Hypervisor (virtual machine manager) - virtual server and host physical resources manager

Question 69

3 main characteristics of virtualization?

Answer 69

1. Hardware independence
2. Server consolidation
3. Resource replication

Question 70

What is another name for hardware-based virtualization?

Answer 70

Hypervisor

Question 71

What are 3 concerns with virtualization?

Answer 71

1. performance overhead
2. special hardware compatibility
3. portability

Question 72

What are web technology resources?

Answer 72

Artifacts accessible via world wide web

Question 73

What is the World Wide Web?

Answer 73

System of interlinked IT resources accesses through internet

Question 74

List two BASIC components of world wide web:

Answer 74

1. Web browser client
2. Web server

(other components also include proxies, caching services, gateways, load balancers)

Question 75

What is a URL

Answer 75

• Uniform Resource Locator

- identifier for web-based resorces

Question 76

What is HTTP

Answer 76

• Hypertext transfer protocol

- primary communications protocol for the internet

Question 77

What are the two main markup languages?

Answer 77

1. HTML - expresses presentation

2. XML - defines vocabularies associated with web-based data via metadata

Question 78

What is a web application?

Answer 78

• distributed application using web-based technologies

- supports almost all cloud-based environments

Question 79

T/F: presentation layer is client side

Answer 79

True

Question 80

T/F: application layer is client side

Answer 80

False; application layer is server side

Question 81

T/F: Data layer is server side

Answer 81

True

Question 82

Fun Fact:

Answer 82

Presentation Layer
Application Layer
Data Layer

Are all web application layers

Question 83

What is multitenant technology

Answer 83

• enables multiple users (tenants) to access the same application logic simultaneously
• only have access to their own view/data

Question 84

There are 7 characteristics of multitenant applications:

Answer 84

1. usage isolation
2. data security
3. recovery
4. application upgrades
5. scalability
6. metered usage
7. data tier isolation

Question 85

What is the difference between virtualization and multitenancy?

Answer 85

virtualization has multiple virtual copies (each provided to client) of environment hosted by single physical server

compared to

multitenancy having physical or virtual serves hosting an application designed to allow multiple users on the same application with usage exclusivity

Question 86

What is a SOAP based web service?

Answer 86

• Simple Object Access Protocol (SOAP)

- common messaging format for request and response messages

Question 87

T/F: Web Service Description Language (WSDL) is a SOAP based web service?

Answer 87

True

Question 88

T/F: XML Schema Definition Language is a REST based web service?

Answer 88

False; XML Schema is a SOAP based web service

Question 89

What is UDDI?

Answer 89

• Universal Description Discovery and Integration

- regulates service registries in which WSDL definitions can be published

Question 90

What is a REST API?

Answer 90

• Representational State Transfer

- set of recommendations for designing loosely coupled applications using HTTP protocol

Question 91

What is the difference between SOAP and REST?

Answer 91

REST allows developers to implement details according to their own needs

Question 92

What are Service agents?

Answer 92

Event driven programs for intercepting messages at runtime

Question 93

What are the two types of service agents?

Answer 93

Active - actions upon intercepting and reading require making changes to message contents

Passive - don’t change message content, my capture contents for monitoring

Question 94

What is service middleware?

Answer 94

Platform designed to accommodate complex service compositions

Question 95

What are the two types of service middleware?

Answer 95

1. Enterprise Service Bus (ESB) - intermediary processing features (routing, queuing, broker)
2. Orchestration Platform (OP) - hosts / executes workflow logic for runtime composition

Question 96

Define confidentiality in terms of a cloud security concept

Answer 96

Something made accessible only to authorized parties

a message is considered confidential if it is not accessed or read by any unauthorized party

Question 97

Define integrity in terms of a cloud security concept

Answer 97

Something not having been altered by an unauthorized party

data transmitted matches data received

Question 98

Define authenticity in terms of a cloud security concept

Answer 98

Something having been provided by an authorized source

Question 99

Define availability in terms of a cloud security concept

Answer 99

Something being accessible and usable at any specific time

responsibility is shared by cloud consumers and providers

Question 100

Define threat in terms of a cloud security concept

Answer 100

A potential security violation in attempt to breach privacy / cause harm

(threats can be automatic or manual)

Question 101

Define vulnerability in terms of a cloud security concept

Answer 101

Weakness that can be exploited due to:

• insufficient security controls
• existing security is overcome by an attack

Question 102

List the 6 main cloud vulnerabilities

Answer 102

1. configuration deficiency
2. security policy weakness
3. user error
4. hardware / firmware flaws
5. software bugs
6. poor security

Question 103

What are security controls?

Answer 103

Countermeasures used to prevent security threats and reduce risk

Question 104

What are two security mechanisms?

Answer 104

1. defensive frameworks

2. countermeasures

Question 105

What is a threat agent?

Answer 105

An entity that poses a threat because it’s capable of an attack

Question 106

What are the 4 main threat agents?

Answer 106

1. Anonymous attacker
2. Malicious Service Agent
3. Trusted Attacker
4. Malicious Insider

Question 107

Based on the description what type of threat agent is this: Human threat agent acting on behalf of a cloud provider

Answer 107

Malicious Insider

Question 108

Based on the description what type of threat agent is this: Non-trusted cloud service consumer without permission in the cloud

Answer 108

Anonymous Attacker

Question 109

Based on the description what type of threat agent is this: Able to intercept and forward network traffic that flows within a cloud; external program able to remotely intercept messages

Answer 109

Malicious Service Agent

Question 110

Based on the description what type of threat agent is this: Shares IT resources in same cloud as the consumer and exploits legitimate credentials targeting cloud providers and tenants

Answer 110

Trusted Attacker

Question 111

What is traffic eavesdropping?

Answer 111

Data is passively intercepted by malicious service agents; compromises confidentiality

Question 112

What is a malicious intermediary?

Answer 112

Intercepts messages and alters them with harm data that compromises both confidentiality and integrity of the message

Question 113

What is a DoS?

Answer 113

• Denial of service

- overloads resources to the point of the cloud not being able to function properly

Question 114

What is insufficient authorization?

Answer 114

Access is granted to attackers too broadly, leads to attackers gaining direct access to resources

Question 115

What is a virtualization attack?

Answer 115

Exploits vulnerability in virtualization platform; jeopardizes confidentiality, integrity, availability, and the underlying physical infrastructure

Question 116

How are overlapping trust boundaries a cloud security threat?

Answer 116

Malicious consumers target shared resources and compromise other cloud consumers or other IT resources with the same trust boundary

Question 117

What is security policy disparity?

Answer 117

IT resources may not be identical between consumers and providers

Question 118

Risks are quantified and qualified based on what two main aspects?

Answer 118

1. Probability of occurrence

2. Degree of impact

Question 119

What is a logical network perimeter?

Answer 119

isolation of a network environment from the rest of a network

Question 120

what are the objectives of a logical network perimeter?

Answer 120

1. isolate non-authorized users
2. isolate non-users
3. isolate cloud consumers
4. control available bandwidth

Question 121

How are logical network perimeters deployed?

Answer 121

• deployed as virtualized IT environment
• things like virtual firewalls to filter network traffic
• things like VLANs to isolate network environment within a data center

Question 122

What is the most foundational building block of a cloud environment?

Answer 122

Virtual server

Question 123

What is a virtual server?

Answer 123

share same physical server with multiple cloud consumers by hosting numerous IT resources provided for individuals

Question 124

What type of software controls a virtual server?

Answer 124

Hyperviser

Question 125

What is a cloud storage device?

Answer 125

• virtualized storage designed for cloud-based provisioning

- provides fixed increment capacity allocation in support of pay-per-use mechanism

Question 126

What are the concerns of cloud storage?

Answer 126

security, integrity, confidentiality, performance

Question 127

What are the 4 cloud storage levels?

Answer 127

1. Files
2. Blocks
3. Datasets
4. Objects

Question 128

Classify the description as a cloud storage level: sets of data organized into table-based formats

Answer 128

Datasets

Question 129

Classify the description as a cloud storage level: data and metadata organized as web-based

Answer 129

Objects

Question 130

Classify the description as a cloud storage level: lowest level of storage; smallest unit of data still individually accessible

Answer 130

Blocks

Question 131

Classify the description as a cloud storage level: collections of data that are grouped

Answer 131

Files

Question 132

What are the two network storage interfaces?

Answer 132

1. Storage blocks - fixed format, closest to hardware

2. File and network storage

Question 133

T/F: Server message block (SMB) and Small computer system interface (SCSI) are part of the storage blocks network storage interface

Answer 133

True

Question 134

T/F: Common internet file system (CIFS) and Network file system (NFS) are part of the storage blocks network storage interface

Answer 134

False; CIFS and NFS are part of the File and network storage interfaces

Question 135

T/F: Object storage interfaces are web resources

Answer 135

True

Question 136

T/F: Object storage interfaces are accessed via SOAP or web services using HTTP

Answer 136

False; Object storage interfaces are accessed via REST or web services using HTTP

Question 137

T/F: Storage networking industry association’s cloud data management interface (SNIA’s CDMI) does NOT support object storage interfaces

Answer 137

False; SNIA’s CDMI supports object storage interfaces

Question 138

What are the two main categories of database storage interfaces?

Answer 138

1. Relational data storage

2. Non-relational data storage

Question 139

What is relational data storage?

Answer 139

• Uses structured query language (SQL)
• relies on tables to organize data
• protection against integrity and redundancy

Question 140

what are 2 challenges of relational data storage?

Answer 140

1. vertical scaling

2. performance

Question 141

What is non-relational data storage?

Answer 141

• avoids complexity and overhead of relational storage
• No normalization
• more horizontally scalable than relational
• data loses native form

Question 142

What is a cloud usage monitor?

Answer 142

Lightweight and autonomous software responsible for collecting / processing IT resource usage data

Question 143

What are the 3 main usage monitors?

Answer 143

1. Monitoring agent
2. Resource agent
3. Polling agent

Question 144

Classify the usage monitor based on the following description: monitors usage based on pre-defined events at the resource software level including: initiating, suspending, resuming, or vertical scaling

Answer 144

Resource Agent

Question 145

Classify the usage monitor based on the following description: Event driven program that monitors and analyzes data flow measuring network traffic and message metrics

Answer 145

Monitoring Agent

Question 146

Classify the usage monitor based on the following description: Processing module that collects cloud service usage data on select IT resources; periodically monitors IT resource status, and uptime / downtime

Answer 146

Polling Agent

Question 147

And the grand finally:

You mom is?

Answer 147

YOUR DAD!