Enroll. No.

_________
MARWADI UNIVERSITY
MU-FOT
CE-FOT1 (MU), IT-FOT1 (MU)
Semester
8
-
Summer

Subject :
CLOUD COMPUTING ( 01CE0803 )
Date :
17-Feb-2022 Time :
1 Hours 15 Minutes Total Marks :
30
Instructions :

1. Attempt all questions.

2. Make suitable assumptions wherever necessary.
3. Figures to the right indicate full marks.

Que.1 Answer the following questions. [6]

(A)
(1) What is the Role of Hypervisor?
Ans. Isolating/Emulating resources
CPU: Scheduling virtual machines
Memory: Managing memory
I/O: Emulating I/O devices
Networking
Managing virtual machines

(2) Define Data ownership

Ans. Data ownership refers to both the possession of and responsibility for information. Ownership implies power as well as
control. The control of information includes not just the ability to access, create, modify, package, derive benefit from, sell
or remove data, but also the right to assign these access privileges to others

(3) How Can Security of Data Concerns Be addressed in cloud?

Ans. Security of Data Concerns Be addressed steps when working with the cloud:
Data encryption.
Access control and strong authentication.
Separate data.
Avoid storing sensitive and high-value data.

(4) What  Downtime in VM Migration.

Ans. Down time refers to the time during which the service of the VM is not available.

(5) What Is A Cloud?

Ans. A cloud is a combination of hardware, networks, storage, services, and interfaces that helps in delivering computing as a
service. It has broadly three users which are end user, business management user, and cloud service provider. The end user
is the one who uses the services provided by the cloud. The business management user in the cloud takes the responsibility
of the data and the services provided by the cloud.

(6) Give three Examples of PAAS

Ans. AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google App Engine, Apache Stratos, OpenShift

Que.2
(A) Explain three phases in live migration approach: [6]
Ans. Warm-up phase-In this, copies all the memory pages from source to destination while the VM is still running on the source.
If some memory pages change during memory copy process dirty pages, they will be re-copied until the rate of recopy
pages is not less than dirty page rate.
Stop and Copy phase- In this, the VM will be stopped in source and the remaining dirty pages will be copied to the
destination and VM will be resumed in destination.
Pre-Copy Phase- At this stage, the VM continuously run, and its memory is copied page wise from the source to the target
host. It starts with transferring all active memory pages.

(B) What is the difference between IaaS and PaaS in Cloud? [6]
Ans. Basis Of IAAS PAAS  
Stands for Infrastructure as a services. Platform as a services.  
Uses IAAS is used by network architects. PAAS is used by developer.  
IAAS give access to the resources like virtual PAAS give access to run time environment to deployment
Access  
machines and virtual storage. and development tools for application.
It is service model that provide visualized It is a cloud computing model that delivers tools that is
Model  
computing resources over internet. used for development of application.
Technical In which you required knowledge of subject to
It required technical knowledge.  
understanding. understand basic setup.
It is popular between developer and It popular between developer who focus on the
Popularity.  
researchers. development of apps and scripts.
Cloud services. Amazon web services, sun, vcloud express. Facebook, and google search engine.  
Enterprise
AWS virtual private cloud. Microsoft azure.  
services.
Outsourced
Salesforced. Force.com, Gigaspaces.
cloud services.
OR
(B)  What is the minimal requirement to implement an IAAS Cloud? [6]
Ans. IaaS clouds provide the infrastructure (physical or virtual servers, networking, and storage) in a manner very similar to
what was and is done in a typical data center deployment with traditional applications. The user has complete control over
all aspects of the infrastructure (subject to the capabilities of the provider), including network speed, number and speed of
CPUs, amount of RAM, type of storage, etc. The user can fully configure the operating system, applications, etc., and can
tune it as desired. In short, it is much like deploying a physical or virtual server on premises today, except it may not be on
premises and you don't pay for it all up front. You pay for it as you use it.
 
The minimal requirement to implement are basically three things: 
 OS to support hypervisor or a hypervisor. 

- Preferably open-source software like Linux and Xen hypervisor 

Networking topology and implementation. 

- Public Network or Private network with Level 3 Switch 

Selection of cloud model as per requirement or business. 

Que.3
(A) List the different cloud application available in market? Briefly explain the scenarios/situation of” when to not use [8]
clouds”
Ans.  
Art Applications
Business Applications
Data Storage and Backup Applications
Education Applications
Entertainment Applications
Management Applications
 Social Applications
 
 
when to avoid clouds are
 
Critical data. Though cloud security has come a long way, many experts believe you're still better off keeping critical data
close to your place of operations. ...
Outages. ...
Cloud sprawl. ...
Complex architecture. ...
Costs. ...
Inability to monitor cloud performance. ...
Legacy architecture. ...
Remote location.
Critical data. Though cloud security has come a long way, many experts believe you're still better off keeping critical data
close to your place of operations. ...
Outages. ...
Cloud sprawl. ...
Complex architecture. ...
Costs. ...
Inability to monitor cloud performance. ...
Legacy architecture. ...
Remote location.

(B) Discuss Threats in cloud computing [4]

Ans. . Lack of Strategy and Architecture for Cloud Security 
Many companies become operational long before the security strategies and systems are in place to protect the
infrastructure, in their haste to migrate to the cloud. 
2. Misconfiguration of Cloud Services 
Misconfiguration of cloud services is a growing cloud computing threat you must pay attention to. It is usually caused by
keeping the default security and access management settings. If this happens, important data can be publicly exposed,
manipulated or deleted. 
3. Visibility Loss 
Cloud services can be accessed through multiple devices, departments and geographic places. This kind of complexity
might cause you to lose sight of who is using your cloud services and what they are accessing, uploading or downloading. 
4. Compliance Violation 
In most cases, compliance regulations require your company to know where your data is, who has access to it, how it is
processed and protected. Even your cloud provider can be asked to hold certain compliance credentials. Thus, a careless
transfer of your data to the cloud or moving to the wrong provider can bring potentially serious legal and financial
repercussions. 
5. Contractual Breaches 
Any contractual partnerships you have or will develop will include some restrictions on how any shared data is used, how it
is stored and who has authorized access to it. Unknowingly moving restricted data into a cloud service whose providers
include the right to share any data uploaded into their infrastructure could create a breach of contract, which could lead to
legal actions. 
6. Insecure Application User Interface (API) 
Operating systems in a cloud infrastructure is sometimes done through an API that helps to implement control. API’s are
sets of programming codes that enable data transmission between one software product and another and contains the terms
of this data exchange.  Application Programming Interfaces (API) have two components: technical specification describing
the data exchange options, in the form of a request for processing and data delivery protocols, and the software interface
written to the specification that represents it. 
 
 7. Insider Threats 
Your employees, contractors and business partners can, without having any malicious intent, become some of your biggest
security risks due to a lack of training and negligence, as we have already shown. Moving to the cloud introduces a new
layer of insider threat, from the cloud service provider’s employees.  Since it is clear, although there are so many threats
and vulnerabilities, that cloud computing could be really helpful to any company if used correctly and that it is here to stay,
let us now mention some of the safety measures you can take. 
OR
(A) Explain in detail Community Cloud [8]
Ans. The community Cloud allows system and services to be accessible by group of organizations. It
shares the infrastructure between several organizations from a specific community. It may be
Managed internally or by the third-party.
Benefits: There are many benefits of deploying cloud as community cloud model. The following diagram shows some of
those benefits: · Cost Effective Community cloud offers same advantage as that of private cloud at low cost. · Sharing
Between Organizations Community cloud provides an infrastructure to share cloud resources and capabilities among
several organizations. · Security Community cloud is comparatively more secure than the public cloud.
Issues:
· Since all data is housed at one location, one must be careful in storing data in community cloud because it might be
accessible by others. · It is also challenging to allocate responsibilities of governance, security and cost.

(B) Write Few examples for SaaS and challenges in SAAS [4]
Ans. Google Apps
Dropbox
Salesforce
Cisco WebEx
Concur
GoToMeeting
 
CHALLENGES 
 
Lack of control
Feature limitations
Performance and downtime
Minimal Customization
Issues with integrating with existing apps
May result in compromised security

---Best of Luck---