SE4455 Midterm Flashcards
1
Q
How much do we have to do for capstone?
A
Everything - we are not in good shape!
2
Q
What is a Network Cloud?
A
Delivery method of data across heterogenous public and semi-public networks
3
Q
Gartner definition of cloud?
A
scalable and elastic IT enabled capabilities that are delivered as a service to external customers using internet technologies
4
Q
What is the NIST definition of cloud?
A
Too long to put in the cards :p
5
Q
Two types of motivations for cloud?
A
Business and technology drivers
6
Q
3 types of business drivers?
A
- Capacity Planning
- Cost Reduction
- Organizational Agility
7
Q
8 types of technology drivers?
A
- Clustering
- Grind Computing
- Virtualization
- Broadband networks / internet architecture
- Data centre technology
- Web technology
- Multitenant technology
- Service technology
8
Q
What is capacity planning ? (and list 3 strategies)
A
Focused on minimizing the discrepancy between capacity and demand of an IT resource
- Lead strategy
- Lag strategy
- Match strategy
9
Q
What is a lead capacity planning strategy?
A
adding capacity in anticipation
10
Q
What is a lag capacity planning strategy?
A
adding capacity after a resource reaches full capacity
11
Q
What is a match capacity planning strategy?
A
adding capacity in small increments as demand increases
12
Q
Two types of cost reduction methods?
A
- Cost of acquiring new infrastructure
2. Cost of ongoing ownership
13
Q
What are the 3 main aspects to organizational agility?
A
(Highlighted red on the organizational agility slide)
- Adapt and evolve
- Scaling IT resources
- Changing business needs and priorities
14
Q
What is Clustering?
A
- Group of independent IT resources acting as a single system
- Reduced failure rates, increased reliability / availability
- synchronized through high speed communication
15
Q
What is Grid computing?
A
- Organized resources into one or more logical poolss
- Loosely coupled and distributed systems
- Heterogeneous and geographically disbursed computer resources
16
Q
What is Virtualization?
A
- Physical resources providing multiple virtual images of themselves to share underlying process capabilities
- Hardware requirements simulated through emulation
- Severs software-hardware dependency
17
Q
Jeff Jeff Jeff Jeff
A
What is San Francisco?
18
Q
Basic concepts definition of Cloud
A
A distinct IT environment designed for remotely provisioning scalable and measurable IT resources
19
Q
What are the different IT resources?
A
- Physical server
- Virtual server
- Software program
- Service
- Storage Device
- Network Device
20
Q
What are on premise IT resources?
A
- Not cloud based
- Can access, interact, or be moved to cloud
- Redundant deployments can exist
21
Q
What is a cloud consumer?
A
someone who consumes clouds ;)
22
Q
What is a cloud provider?
A
someone who provides clouds ;)
23
Q
What are two types of scalability?
A
- Horizontal scalability
2. Vertical scalability
24
Q
What are the aspects of horizontal scalability?
A
- less expensive
- instantly available
- replication and automation
- additional IT resources needed
- NOT limited by hardware capacity
25
What are the aspects of vertical scalability?
- more expensive
- normally instantly available
- additional set up needed
- NO additional IT resources needed
- limited by hardware capacity
26
What is a cloud service?
IT resources made available by cloud
27
What does SLA stand for?
Service Level Agreement
28
What is a Service Level Agreement
- Describes QoS features: availability, reliability, performance
- IT outcomes: uptime and security characteristics
- SLA is a critical specification
29
What can be a cloud service consumer?
- Software program
- Service
- Workstation
- Laptop
- Cellphone
30
What are the three main benefits of cloud computing?
1. Reduced investment and proportional cost
2. Increased scalability
3. Increased availability
31
What are the 4 main risks and challenges?
1. Security vulnerabilities
2. Operational governance
3. Limited portability between cloud providers
4. Multi-regional compliance
32
What is a Cloud Resource Administrator?
- Administers cloud based resources
- Can be consumer, provider, or third party
- NOT a cloud service administrator
33
What is a Cloud Auditor?
Evaluates security controls, privacy and performance
34
What is a Cloud Broker?
Manages the negotiating of cloud services between providers and consumers
35
What is a Cloud Carrier?
- Provides wire-level connectivity between consumers and providers
- Usually network/telecom providers (e.g. Rogers)
36
What are the two cloud boundaries?
1. Organizational Boundary
| 2. Trust Boundary
37
What is ubiquitous access?
Widely accessible cloud services tailors to specific cloud needs of consumer
38
What is Multitenancy ?
- Characteristics that allow the instance of the program to service different consumers
- Relies on virtualization
39
What is resource pooling?
Allows providers to pool large scale IT resources to serve multiple cloud consumers
40
What is cloud elasticity?
Transparently scale IT resources in response to runtime or pre-determined conditions
41
What is Measured usage?
The ability of a cloud platform to keep track of IT resource usage / usage reporting
42
What is resiliency?
Form of failover that distributes redundant implementations
43
What are the 3 main cloud delivery models?
1. Infrastructure-as-a-Service (IaaS)
2. Platform-as-a-Service (PaaS)
3. Software-as-a-Service (SaaS)
44
Which cloud delivery model has full administrative control?
Infrastructure-as-a-Service
45
Which cloud delivery model has the most limited administrative control?
Software-as-a-Service
46
Which cloud delivery model has only usage-related configuration controls?
Software-as-a-Service
47
There are also other specialized delivery models
Storage, database, security, communication, integration, testing, process (all as services)
48
What are the 6 cloud deployment models?
1. Public Cloud
2. Community Cloud
3. Private Cloud
4. Hybrid Cloud
5. Virtual Private Cloud
6. Inter-Cloud
49
Owned by community members or third party, and limited to a specific community is what type of cloud deployment model?
Community cloud deployment model
50
A self contained cloud environment, managed by a public cloud provider, is what type of cloud deployment model?
Virtual cloud deployment model
51
A cloud comprised of two or more inter-connected clouds is what type of cloud deployment model?
Inter-cloud deployment model
52
A cloud offered to consumers at cost or advertisement is what type of cloud deployment model?
Public cloud deployment model
53
A complex and challenging cloud due to potential disparity is what type of cloud deployment model?
Hybrid cloud deployment model
54
A cloud owned by a single organization is what type of cloud deployment model?
Private cloud deployment model
55
What is an ISP
Internet Service Provider
| -Hierarchical topology composed of Tiers 1,2,3
56
What are 3 main technical and business considerations?
1. connectivity issues
2. network bandwidth latency issues
3. cloud carrier and cloud provider selection
57
Why do you group IT resources in close proximity? (3 reasons)
1. power sharing
2. higher efficiency
3. improved accessibility
58
Here is just a list of data centre characteristics to read over:
- virtualization
- standardization/modularity
- automation
- remote operation / management
- high availability
- security
59
What are the main data centre components?
1. Facilities
2. Computing Hardware
3. Storage Hardware
4. Networked Storage
5. Network Hardware
60
Classify the hardware under each type of data centre component: Rackmount servers, processing architecture, hot swaps
Computing Hardware
61
Classify the hardware under each type of data centre component: SAN and NAS
Networked Storage
62
What is SAN?
- Storage Area Network
| - Multiple storage devices connected through LAN network
63
What is NAS?
- Network Attached Storage
| - Array of storages connected through NAS device and have access to the network
64
Classify the hardware under each type of data centre component: Hard disk array, I/O caching, hot swaps, virtualized storage
Storage Hardware
65
Classify the hardware under each type of data centre component: LAN / SAN fabric, NAS gateway, Web-tier load balancing, carrier and external network interconnection
Network Hardware
66
What is virtualization technology?
converting physical IT resources into virtual IT resources
67
T/F: Servers, Storage, Network, and Power are all resources that can be virtualized
True
68
What are the 4 main parties involved with virtualization (concepts slide)
1. Physical Host - Virtualized Server
2. Host Operating System - Virtualized server OS
3. Guest operating system - virtual machine OS
4. Hypervisor (virtual machine manager) - virtual server and host physical resources manager
69
3 main characteristics of virtualization?
1. Hardware independence
2. Server consolidation
3. Resource replication
70
What is another name for hardware-based virtualization?
Hypervisor
71
What are 3 concerns with virtualization?
1. performance overhead
2. special hardware compatibility
3. portability
72
What are web technology resources?
Artifacts accessible via world wide web
73
What is the World Wide Web?
System of interlinked IT resources accesses through internet
74
List two BASIC components of world wide web:
1. Web browser client
2. Web server
(other components also include proxies, caching services, gateways, load balancers)
75
What is a URL
- Uniform Resource Locator
| - identifier for web-based resorces
76
What is HTTP
- Hypertext transfer protocol
| - primary communications protocol for the internet
77
What are the two main markup languages?
1. HTML - expresses presentation
| 2. XML - defines vocabularies associated with web-based data via metadata
78
What is a web application?
- distributed application using web-based technologies
| - supports almost all cloud-based environments
79
T/F: presentation layer is client side
True
80
T/F: application layer is client side
False; application layer is server side
81
T/F: Data layer is server side
True
82
Fun Fact:
Presentation Layer
Application Layer
Data Layer
Are all web application layers
83
What is multitenant technology
- enables multiple users (tenants) to access the same application logic simultaneously
- only have access to their own view/data
84
There are 7 characteristics of multitenant applications:
1. usage isolation
2. data security
3. recovery
4. application upgrades
5. scalability
6. metered usage
7. data tier isolation
85
What is the difference between virtualization and multitenancy?
virtualization has multiple virtual copies (each provided to client) of environment hosted by single physical server
compared to
multitenancy having physical or virtual serves hosting an application designed to allow multiple users on the same application with usage exclusivity
86
What is a SOAP based web service?
- Simple Object Access Protocol (SOAP)
| - common messaging format for request and response messages
87
T/F: Web Service Description Language (WSDL) is a SOAP based web service?
True
88
T/F: XML Schema Definition Language is a REST based web service?
False; XML Schema is a SOAP based web service
89
What is UDDI?
- Universal Description Discovery and Integration
| - regulates service registries in which WSDL definitions can be published
90
What is a REST API?
- Representational State Transfer
| - set of recommendations for designing loosely coupled applications using HTTP protocol
91
What is the difference between SOAP and REST?
REST allows developers to implement details according to their own needs
92
What are Service agents?
Event driven programs for intercepting messages at runtime
93
What are the two types of service agents?
Active - actions upon intercepting and reading require making changes to message contents
Passive - don't change message content, my capture contents for monitoring
94
What is service middleware?
Platform designed to accommodate complex service compositions
95
What are the two types of service middleware?
1. Enterprise Service Bus (ESB) - intermediary processing features (routing, queuing, broker)
2. Orchestration Platform (OP) - hosts / executes workflow logic for runtime composition
96
Define confidentiality in terms of a cloud security concept
Something made accessible only to authorized parties
| a message is considered confidential if it is not accessed or read by any unauthorized party
97
Define integrity in terms of a cloud security concept
Something not having been altered by an unauthorized party
| data transmitted matches data received
98
Define authenticity in terms of a cloud security concept
Something having been provided by an authorized source
99
Define availability in terms of a cloud security concept
Something being accessible and usable at any specific time
| responsibility is shared by cloud consumers and providers
100
Define threat in terms of a cloud security concept
A potential security violation in attempt to breach privacy / cause harm
(threats can be automatic or manual)
101
Define vulnerability in terms of a cloud security concept
Weakness that can be exploited due to:
- insufficient security controls
- existing security is overcome by an attack
102
List the 6 main cloud vulnerabilities
1. configuration deficiency
2. security policy weakness
3. user error
4. hardware / firmware flaws
5. software bugs
6. poor security
103
What are security controls?
Countermeasures used to prevent security threats and reduce risk
104
What are two security mechanisms?
1. defensive frameworks
| 2. countermeasures
105
What is a threat agent?
An entity that poses a threat because it's capable of an attack
106
What are the 4 main threat agents?
1. Anonymous attacker
2. Malicious Service Agent
3. Trusted Attacker
4. Malicious Insider
107
Based on the description what type of threat agent is this: Human threat agent acting on behalf of a cloud provider
Malicious Insider
108
Based on the description what type of threat agent is this: Non-trusted cloud service consumer without permission in the cloud
Anonymous Attacker
109
Based on the description what type of threat agent is this: Able to intercept and forward network traffic that flows within a cloud; external program able to remotely intercept messages
Malicious Service Agent
110
Based on the description what type of threat agent is this: Shares IT resources in same cloud as the consumer and exploits legitimate credentials targeting cloud providers and tenants
Trusted Attacker
111
What is traffic eavesdropping?
Data is passively intercepted by malicious service agents; compromises confidentiality
112
What is a malicious intermediary?
Intercepts messages and alters them with harm data that compromises both confidentiality and integrity of the message
113
What is a DoS?
- Denial of service
| - overloads resources to the point of the cloud not being able to function properly
114
What is insufficient authorization?
Access is granted to attackers too broadly, leads to attackers gaining direct access to resources
115
What is a virtualization attack?
Exploits vulnerability in virtualization platform; jeopardizes confidentiality, integrity, availability, and the underlying physical infrastructure
116
How are overlapping trust boundaries a cloud security threat?
Malicious consumers target shared resources and compromise other cloud consumers or other IT resources with the same trust boundary
117
What is security policy disparity?
IT resources may not be identical between consumers and providers
118
Risks are quantified and qualified based on what two main aspects?
1. Probability of occurrence
| 2. Degree of impact
119
What is a logical network perimeter?
isolation of a network environment from the rest of a network
120
what are the objectives of a logical network perimeter?
1. isolate non-authorized users
2. isolate non-users
3. isolate cloud consumers
4. control available bandwidth
121
How are logical network perimeters deployed?
- deployed as virtualized IT environment
- things like virtual firewalls to filter network traffic
- things like VLANs to isolate network environment within a data center
122
What is the most foundational building block of a cloud environment?
Virtual server
123
What is a virtual server?
share same physical server with multiple cloud consumers by hosting numerous IT resources provided for individuals
124
What type of software controls a virtual server?
Hyperviser
125
What is a cloud storage device?
- virtualized storage designed for cloud-based provisioning
| - provides fixed increment capacity allocation in support of pay-per-use mechanism
126
What are the concerns of cloud storage?
security, integrity, confidentiality, performance
127
What are the 4 cloud storage levels?
1. Files
2. Blocks
3. Datasets
4. Objects
128
Classify the description as a cloud storage level: sets of data organized into table-based formats
Datasets
129
Classify the description as a cloud storage level: data and metadata organized as web-based
Objects
130
Classify the description as a cloud storage level: lowest level of storage; smallest unit of data still individually accessible
Blocks
131
Classify the description as a cloud storage level: collections of data that are grouped
Files
132
What are the two network storage interfaces?
1. Storage blocks - fixed format, closest to hardware
| 2. File and network storage
133
T/F: Server message block (SMB) and Small computer system interface (SCSI) are part of the storage blocks network storage interface
True
134
T/F: Common internet file system (CIFS) and Network file system (NFS) are part of the storage blocks network storage interface
False; CIFS and NFS are part of the File and network storage interfaces
135
T/F: Object storage interfaces are web resources
True
136
T/F: Object storage interfaces are accessed via SOAP or web services using HTTP
False; Object storage interfaces are accessed via REST or web services using HTTP
137
T/F: Storage networking industry association's cloud data management interface (SNIA's CDMI) does NOT support object storage interfaces
False; SNIA's CDMI supports object storage interfaces
138
What are the two main categories of database storage interfaces?
1. Relational data storage
| 2. Non-relational data storage
139
What is relational data storage?
- Uses structured query language (SQL)
- relies on tables to organize data
- protection against integrity and redundancy
140
what are 2 challenges of relational data storage?
1. vertical scaling
| 2. performance
141
What is non-relational data storage?
- avoids complexity and overhead of relational storage
- No normalization
- more horizontally scalable than relational
- data loses native form
142
What is a cloud usage monitor?
Lightweight and autonomous software responsible for collecting / processing IT resource usage data
143
What are the 3 main usage monitors?
1. Monitoring agent
2. Resource agent
3. Polling agent
144
Classify the usage monitor based on the following description: monitors usage based on pre-defined events at the resource software level including: initiating, suspending, resuming, or vertical scaling
Resource Agent
145
Classify the usage monitor based on the following description: Event driven program that monitors and analyzes data flow measuring network traffic and message metrics
Monitoring Agent
146
Classify the usage monitor based on the following description: Processing module that collects cloud service usage data on select IT resources; periodically monitors IT resource status, and uptime / downtime
Polling Agent
147
And the grand finally:
| You mom is?
YOUR DAD!
