CS8791 Cloud Computing Question Bank Prepared By Kaviya.P Assistant Professor / Information Technology Kamaraj College of Engineering & Technology (Autonomous)€S8791 CLOUD COMPUTING UNIT 1-INTRODUCTION Introduction to Cloud Computing = Definition of Cloud ~ Evolution of Cloud Computing Underlying Principles of Parallel! and Distributed Computing — Cloud Charseteristies — Elasticity in Cloud — On-demand Provisioning, ART — A. rks) 1, Define cloud computing. (Buyya) A Cloud isa type of parallel and distributed system consisting of a collection of interconnected and virtualized computers. They are dynamically provisioned and s based on service-level presented as one or more unified computing resou agreements established through negotiation between the service provider and consumers, 2. Define cloud computing. (NIST) “The National Institute of Standards and Technology (NIST) defines cloud computing as a “pay-per-use model for enabling available, convenient and an= demand network aceess to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction,” What are the convergences of various advances leading to the advent of cloud computing? vexseropoy oom (eta Cong1 What is Service Oriented Architecture (SOA)? Describe, compose, and orchestrate services, package, and transport messages between services, publish and discaver services, represent quality of service (QoS) parameters, and ensure security in service access. What are the advantages and disadvantages of distributed computing? Advantages Disadvantages: © Extensibility and Incremental Growth © Complexity + Economics + Network Problem © Speed = Security + Inherent distribution of applications and Reliability What are the desirable features of Cloud? © On-Demand Self-service + Por-usage metering and billing (Measured service) © Rapid Elasticity + Resource Pooling © Broad Network Access List down the types of clouds based on deployment models. © Public / Intemet Clouds Private / Enterprise Cloud © Hybrid / Mixed Cloud © Community Differentiate private and public cloud. Private Cloud Publie Cloud j Rs ew drevidersh It is hosted at Serviee Provider site or tis hosted at Service Provider site. cclrnee VR ReRELIO RE PINE KIER Itonly supports connectivity over the private network, Scalability is very high, and reliability is moderate, Scalability is limited, and reliability is very high, Example: Amazon VPC and Azure Private Cloud Example: Amazon Web Services (AWS), Google App Engine9. What are cloud service models? ‘The three main categories of cloud serviee models: Infrastructure as a Service (laaS): The delivery of technology infrastructure (mostly hardware) as an on demand, scalable service. Example: Amazon 2 Platform asa Service (Pan): A complete development and deployment environment in the cloud, with resources that enable the user to develop and run their applications Software as a Service (SaaS): use. Example: Google Does aaS is a licensed software offering on the eloud and pay per 10, Write a short note on community cloud, Community cloud is a cloud infrastructure that allows systems and services to be aceessible by a group of several organizations to share the information. Example: Our government organization within India may share computing infrastructure in the cloud to manage data. 11, List the advantages and disadvantages of cloud computing, Advantages Disadvantages: © No upfront commitment © Downtime * Costefficiency © Secmity © On Demand Self-service . © Vendor Lock-In * Disaster Recovery © Excellent accessibility © Limited Control © Scalability © Legal Issues © Flexibility 12. Define parallel computing. Parallel computing is a type of computing architecture in which several processors simultaneously execute multiple, smaller calculations broken down from an overall larger, complex problem The term paraltel computing refers to a model in which the computation is divided among several processors sharing the same memory.13, Define distributed computing. + The term distributed computing encompasses any architecture or system that allows. the computation to be broken down into topics and executed concurrently on different computing elements, whether these are processors on different nodes, processors on the same computer, of cores within the same processor, © In Distributed Computing the processors communicate with one another through communication lines such as high-speed buses or telephone lines © Each processor has its own local Memory © Examples; ATM, Internet, Intranet ‘Workgroups. 14, Define cluster computing. Cluster Comp ing is a type of parallel or distributed computer system consists of @ collection of inter-connected stand-alone computers working together as a single integrated computing resource ‘Types of Clusters © High Availability or Failover clusters © Load Balancing Chisters © Parallel / Di buted Processing Clusters, 15, Differentiate parallel computing vs. distributed computing Parallel Computing Distributed Computing Many — operations are simultaneoush performed System components are located at different locations Single computer is required Uses multiple computers Multiple processors perform — multiple | Multiple computers perform — imultiple operation operations W may have shared or distributed memory | it has only distributed memory 16, Differentiate grid and cloud computing. Grid Computing Cloud Computing Cloud computing isa centralized executive, | Grid computing is « decentralized executive, Tn cloud computing, resources are used in centralized pattern, In grid computing, resourees are used in collaborative pattern, Cloud computing is a high accessible service Grid computing is a low accessible service This highly sealable as compared to grid computing. Grid computing is low scalable in eomparison to cloud computing.17. Differentiate tightly coupled vs. loosely coupled system. “Tightly coupled System Loosely coupled system ‘All the processors are connected tw a single global memory ‘All processors have a local memory. The communication between PEs in this model takes place through the shared memory The communication between PEs in this model takes place through the interconnection netwark, the inter process communication channel, or irc. Thus Memory confi Memory conflicts don lake place 18, Give examples of Message Passing Interface. Remote Procedure Call (RPC) Distributed Objects ‘+ Distributed agents and Active Objects © Web Service 19, Identify the model for Message based communication. © Point-to-point message model ‘Publish and Subscribe message model © Push Strategy © Pull Strategy © Request-reply message model 20, What is “elasticity” in cloud computing? Elasticity is de cores, memory, VM and container instances) to © Elasticity is the degree to which a system provisioning and deprovi 1g resources in-an aulono: fined as the ability of a system to add and remove resources (such as CPU adapt to the load variation in real time, Elasticity isa dynamie property for cloud computing able to adapt to workload changes by manner, Elasticity = Scalability + Automation + Optimization au. Name the policies used in elasticity “add or remove resources”. Elasticity can be provided either manual or automatic. A manual elastic solution would provide their users with tools t monitor their systemsand add or remave resources but leaves the sealing decision t them,© Automatic mode: All the actions are done automatically, and this could be classified intorcactive and proactive modes. * Elastic solutions can be either reactive or predictive. © Reactive mode: The elasticity actions are triggered based on certain thresholds or rules, the system reaets to the load (workload or resource utilization) and triggers: actions to adapt changes accordingly. + Proactive made: This approach implements forecasting techniques, anticipates the future needs, and triggers actions based on this anticipation 22, Differentiate horizontal sealing and vertical scaling. Horizontal Scaling Vertical Scaling Moving a virtual machine instance to another physical machine with a different overall fond changes its available resources The process of adding/removing instances, which may be located at different locations, It is harder to upgrade and may involve downtime. The process of modifying resourees (CPU, memory, storage oF both) size for an instance at run time. It is not flexible for the cloud systems to cope with the varying workloads I gives more flexibility for the cloud systems to cope with the varying workloads 23. What is post-eopy and pre-copy in tive migration? Post-capy migration: + Post-copy migration suspends the migrating VM, copies minimal processor state to the target hast, resumes the VM and then begins fetching memory pages from the souree Pre-copy migration: + In pre-copy approach, the memory pages are copied while the VM is running on the souree. + Ifsome pages are changed (called dirty pages) during the memory capy process, they will be recopied until the number of recopied pages is greaicr than dirty pages, or the source VM will be stopped. = The remaining dirty pages will be copied to the destination VM,24. Differentiate static resource provisioning vs. dynamic resource provisioning. Static Resource Provisioning Dynamic Resource Provisioning ‘The provider prepares the appropriate resources in advanee of start of service. The provider allocates more resources as customer needed and removes them when they are not. ‘The customer is charged a flat fee or is billed on a monthly basis The customer is billed on a pay-per-use basis 25, List the parameters of resource provisioning. © Response time + Minimize cost © Revenue maximization © Fault tolerant © Reduced SLA Violation * Reduces Power Consumption itate the types of dynamic resource provisioning. * Local On-demand Resource Provisioning, + Remote On-demand Resource Provisioning 2. * Scientific / Technical Applications © Business Applications sumer / Soci = Con I Applications ean © Data storage and back-up © Education * Eniertainment © Management List (he applications of cloud computing.yee Par Explain in detail about evolution of cloud computing. Elaborate the underlying principles of cloud computing. Explain the characteristics/desired features of cloud computing with suitable examples. Illustrate how “elasticity a major advantage in cloud computing Explain on-demand resource provisioning in cloud computing,€S8791 CLOUD COMPUTING UNIT I - CLOUD ENABLING TECHNOLOGIES Service Oriented Architecture ~ REST and Systems of Systems — Web Services ~ Publish Subscribe Model ~ Basics of irtualization ~ Types of Virtualization ~ Implementation Levels of Virtualization — Virtualization Structures ~ Tools and Mechanisms — Virtualization of CPU — Memory ~ 0 Devi 4. twalization Support and Disaster Recovery. PART — A (2 Marks) Define the term Web Service. © Prominent technology for implementing SOA systems and applications. net technologies distributed systems, © They leverage Int Based on well-known and vendorsindependent standards such a8 HTTP, SOAP, and WSDL, List the major roles in SOA, There are two major roles within SOA: # Service Provider: Develop and provides services © Service Consumer: Accessing services over Internet State the components of service discovery. Servi iscoVery consists of three components: © Service Register + Service Requestor * Se What are the properties of SOA? ice Provider © Logical view «© Message orientation «Description orientation = Gromularity Network orientation © Platform-neutral5. What is the impact of SOA in cloud? * A service-oriented approach that allows multiple service entities to communicate and share information thraugh a single system. SOA does this by implementing a method called “loose coupling.” * An SOA is set of multiple services. Applications can be formed by making use of those facilities available across different platforms regardless of the languages or vendors. ‘© Itimproves business workflows while pravidin, AK ess management services © Ease of monitoring and management © Easy data exchange ©. Interoperability © Platform-neuiral approach © Reliability © Reusable codes and services © Service change impact 6, Justify that Web and Web architecture are SOA based. SOA is an architectural style for building software applications that use services available ina network such as the web, © It promotes loose coupling between software components so that they can be reused, ‘* Applications in SOA are built based on services. '* A service is an implementation of a well-defined business fun uility, and such services can then be consumed by clients in different applications or business processes. © SOA allows for the reuse of existing assets where new services can be created from an existing IT infrastructure of systems, 7. Write a short note on REST, REST hypermedia systems. a software architecture style for distributed systems, particularly distributed REST stands for Represeniational State Transfer. REST iself is not a standard, while it uses various. standards such as HTTP, URL, XMUHTMLIGIFAPEG (Resource Representations) and texv’xml, texwhtm!, image/gif, image/jpeg, ete (MIME Types). 8, State the four principles of REST. The REST architectural style is hased on four principles9, Identify the technologies that make up web se # Resoutee Identification through URIs * Uniform, Constrained Interface « SclfDescriptive Message © Stateless Interactions ices. The technologies that make up the core of today’s web services are as follows: 10, What is vi ple Object Access Protocol (SOAP): SOAP provides a standard packaging structure for transmission of XML. documents over various Intemet protocols, such as SMTP, HTTP, and FTP. Web Services Description Language (WSDL): It standardizes the representation of input and output parameters of its operations as well as the service's protocol binding, the way in which the messages will be transferred on the wire, Universal Description, Discovery, and Integration (UDI): UDDI provides a global registry for advertising and . by searching for names, identifiers, alization in cloud computing? (or) Give the role of VM, Virtualization is a computer architecture technology by which multiple virtual machines (VMs) are multiplexed in the same hardware machine. ing by many users and improve computer performance in terms of resource utilization and application flexibility The purpose of a VM jis to enhance resouree shi Hardware resources such as CPU, memory, 1/0 devices, or software resources such as OS, software libraries can be virtualized, IL. Give the basic operation of VM, Multiplexing: VMs can be multiplexed between hardware machi Suspension: VM can be suspended and stored in stable storage, Provision (Resume): A suspended VM can be resumed or provisioned to a new hardware platform. Migration: A VM can be migrated from one hardware platform to another.12, Define Virtual Machine Monitor (VMM). Hardware-level virtualization inserts a layer between real hardware and traditional operating systems, This layer is commonly called the Virtual Machine Monitor (VMM) and it manages the hardware resources of a computing system. Each time programs access the hardware the VMM captures the process Three requirements for s VMM: © VMM should provide an environment identical to the original machine. © Programs run in this environment should show, only minor decreases in speed. © _VMM should be in complete control of the system resources, 13. List the implementation levels of virtualization, . Application level Library Support level Operating System level Hardware Abstraction layer level Instruction Set Architecture level 14, State the merits of virtualization at various levels, Table 3.1 Relative Merits of Virtualization at Various Level. Higher Application Implementation Application. Level of implementation Performance Flexibility Complexity Isolation ISA x yo000 2004 2006 Horcwareievel vituatzation 30000 200 rox 2000 (OS-vel vetualzation 30000 xK 300 x Risntime library support od mK % x% (User sopcation iva x x 20000 20000 15, Write a short note on Xen hypervisor. Hypervisor supports hardware-level virtualization on bare metal devices such as CPU, memory, disk and network interfaces, Hypervisor sits directly between physical hardware and its OS. Xen is a microkemel hypervisor, which separates the policy fram the mechanism, It implements all the mechanisms, leaving the policy to be handled by Domain 0. Xen does not include any device drivers natively.16 What is binary translation in virtualization? © Binary translation is one specific approach to implementing full virtualization that does not require hardware virtualization features © Itinvolves examining the executable code of the vi translating thes is, and then executing the translated code. ual guest for “unsafe” instructions, into "safe" equivak © Alternatives to binary translation are binary patching, and full system emulation 17, State the advantages and disadvantages of virtualization. (or) “Although virtualization is widely accepted today, it does have its limits". Comment on the statement. ‘Advantages: Disadvantages: © Utilization of hardware efficiently * Data can be at risk © Availability increases with Virtualization | * Learning new infrastructure saster recovery is efficient and easy * High initial investment irtualization saves energy * Cloud migration becomes easy 18, List the classes of Virtual Machine (VM) architecture. * Hypervisor Architecture © Paravirtualization + Host-based virtualization 19, Differentiate full virtualization vs para virtualization. Full Virtualization Paravirtualization In Full virtualization, virtual machine permits the execution of the In paravirtualization, virtual machine does not implement full isolation of OS but rather a mmm cy | provides a different APL which is alized ba cn OS is subjected to alteration. Paravirtualization ismore secure than the Full Virtualization, 2. | Full Virtualization is less se Full Virtualization uses binary 3. | translation and direct approach as a technique for operations, While Paravirtualization uses bypercalls at compile time for operations,S.No, Full Virtualization Paravirtualization Full Virtualization is slow Paravirtualization is faster in operation as 4. | paravirtualization in operation. compared to full virtualization, Paravirtualization is less portable and a Full Virtualization is more portable 7 and compatible. Example: Microsoft and Parallels systems Example: VMware and Xen 20, Differentiate critical and non-critieal instructions, Critical Instruction Non-Critical Instruction ‘The instructions that can run only in kernel mode | The instructions that can run only in user mode are called critical instruction. are called non-critical instruction. Example: Content Switching, Clear the memory | Example: Generate any trap instruction 21. List the categories of eritical instructions, Critical instructions are divided into three eategori © Privileged instructions: Execute in a privileged mode and will be trapped if executed outside this mode © Control Sensitive Instructions: Attempt to change the configuration of resourees used + Behaviour-Sensitive Instructions: Load and store operations over the virtual memory ‘22. What are the ways to implement I/O virtualization? ‘There are three ways to implement VO virtualization: + Full device emulation: All the fune is of a device or bus infrastructure, such as device enumeration, identification, interrupts, and DMA, are replicated in software, This software in the VMM and acts as a virtual device. The /O-aveess requests of the guest OS are trapped in the VMM which interacts with the 1/0 devices. © Para-virtualization: Typically used in Xen, It is also known as the split driver model consisting of a frontend driver and a backend driver. © Direct Oz Lets the VM access deviees directly. It can achieve close-to-native performance without high CPU costs.23. Give the significance of virtualization for disaster recovery? © The eloning of VMs offers an effeetive solution * Theidea is to make a clone VM ona remote server for every running VM on a local server, Among all the clone WMs, only one needs to be active. The remote VM should be in a suspended mode, © Acloud control center should be able to activate this clone VM in case of failure of the original VM, taking a snapshot of the VM to enable live migration in a minimal amount of time, PART-B Explain how virtualization is implemented in different layers. (or) Explain various levels of virtualization implementation. Elucidate the virtualization of CPU, Memory, and /O devices. Analyze how virtualization technology supports cloud computing, What is virtualization? Describe para and fy virtualization architectures, Compare and contrast them, Explain in detail about load balaneing in virtualization,88791 CLOUD COMPUTING UNIT I - CLOUD ARCHITECTURE, SERVICES AND STORAGE Layered Cloud Architecture Design — NIST Cloud Computing Reference Architecture — Public, Private and Hybrid Clouds - laaS ~ PaaS ~ SaaS - Architectural Design Challenges ~ Cloud Storage ~ Storaye-as-a-Service ~ Advantages of Cloud Storage ~ Cloud Storage Providers ~ S3. 1. List the actors in cloud computing. ‘The five major participating actors in cloud computing are © Cloud Consumer © Cloud Provider © Cloud Broker © Cloud Auditor © Cloud Carrier 2, State the role of cloud auditor, A cloud auditor is a party that can perform an independent examination of cloud service controls with the intent to express-an opinion thereon, A cloud auditor can evaluate the services provided by a cloud provider in terms of security controls, privacy impact, performance, ete. 3. What is the responsibility of cloud broker? Cloud Broker is an entity that manages th serviees, and negotiates relationships between cloud providers and cloud consumers. As use, performance, and delivery of cloud oud computing evolves, the integration of cloud services may be too complex for cloud consumers to manage alone, 4. Mention the characteristic features of cloud. © On-demand self-service © Broad network access + Multistenancy and resource pooling © Rapid elasticity and«scalability © Measured service 5. Differentiate PaaS, SaaS and laaS ‘Cloud Players PaaS S IT administeators / ‘ Monitor SLAs and | onitor SLAs and ‘Monitor SLAs enable service cloud providers deploy software platforms Enabling plaif To deploy and | Enabling platforms: | 1 op and deploy ‘Software developers via configurators store data software and APIS End users or business | To deploy and | To devclop and test Use business software users store data web software Example Amazon EC? — | Google App Engine ee a en ‘Smal, 6. Differentiate private cloud and public cloud. Private Cloud Public Cloud Single Tenancy Ttanly supports connect network. ity over the private ‘Multi-Tenaney It is connected to the publie internet ‘Scalability is limited, and reliability is very Scalability is very high, and reliability is high, moderate. Dedicated Servers Shared Servers Eg: Microsoh. KVM, HP, RedHat | Eg: Amazon Web Service (AWS) and Google SM Ware, ‘App Engine, 7. Why do we need a hybrid cloud? Hybrid cloud is @ solution that combines a private cloud with one of mote publi¢ cloud services, with proprictary software enabling communication between each distinct service. Hybrid cloud allows companies to combine their own data center and/or private cloud sctup with public eloud resources such as Software as a Service, or SaaS, Softwaretouch points are used between the two infrastructures to help move data back and forth between them as needed. 8, Write a shori note on community cloud, © A community cloud mode! is a collaborative effort where infrastructure is shared and Jointly aecessed by several organizations trom a specific group that share specitic computing concerns such as, security, compliance, or jurisdiction considerations © Eg: IBM soft layer cloud 9, Who are the major players of cloud? © Amazon Web Services (AWS) Microsoft Azure Google Cloud IBM Cloud © Onele + Salesforce 10, Identify the architectural design challenges in eloud, Challenge 1: Service Availability and Data Lock-in Problem cl Challenge 3: Unpredictable Performance and Bottlenecks lenge 2: Data Privacy and Security Concerns Challenge 4: Distributed Storage and Widespread Software Bugs Challenge 5: Cloud Scalability, Interoperability, and Standardization Challenge 6; Software Licensing and Reputation Sharing 11, Define cloud storage (Storage as a Service) with examples. © Cloud storage is # cloud computing model that stores data on the Internet through cloud computing provider who manages and operates data storage as a service. * Stored data can be accessed fram anywhere and in anytime over Internet © Eg: Apple (iCloud), Amazon (Amazon Web Services), Dropbox, and Google12, State the advantages and disadvantages of cloud storage. ‘Advani Disadvantages + Usability and acces iternet Connection «Security © Costs + Cost-fficient + Hard drives «Convenient sharing of files Support + Automation + Privacy # Multiple users © Synchronization. 13, Write a short note on Amazon $3. ‘* Amazon Simple Storage Service (Amazon $3) isa scalable, high-speed, web-based cloud storage service. The service is designed for online backup and archiving of data and applications on Amazon Web Services (AWS). © Amazon $3 provides a simple web services interface that can be used to store and retrieve Any amount of data, at any time, from anywhere on the web, © S3 provides the object-oriented storage service for users. + uU: ers can access their objects through Simple Object Access Protocol (SOAP) with either browsers or other elient programs which support SOAP. at is Amazon EBS? * The Elastic Block Store (EBS) provides the volume block interface for si restoring the virtual images of EC2 instances, + The status of EC2 is saved in the EBS system afer the machine is shut down, © Users can use EBS to save persistent data and mount to the running instances of EC2. + EBS allows you to create storage volumes from 1 GB to | TB that can be mounted as instances 15, State the purpose of Amazon SimpleDB. ipleDB provides a simplified data model based on the relational database data- Explain in dk . What is cloud storage? Structured data from users must be organized into domains @ Each domain can be considered a table. © The items are the rows in the table, © A cell in the table is recognized as the value for a specifie attribute (column name) of the corresponding row. © This is like a table in a relational database and possible to assign multiple values to single cell in the table, PART —B Explain in detail about NIST Cloud Computing Reference Architecture, . With architecture, elaborate the various deployment models and reference models of cloud computing, List the cfoud deployment madels and give a detailed note about them. What are the pros and cons of publie, private and hybrid cloud? Compa and contrast the cloud deployment model Describe service and deployment models of a cloud computing environment with illustrations, How do they fit in NIST cloud architecture? Describe the different working models of cloud computing, Give the importance of cloud computing and elaborate the different types of services offered by it. Ilustrate the cloud delivery models in detail, Deseribe Infrastructure-as-a-service (IaaS), Platform-as-a-Service (PaaS) and Software-as~ a-Service (SaaS) with an example. il about architectural design ehallenges in cloud. lucidate Amazon cloud storage in detail.€S8791 CLOUD COMPUTING UNIT IV - RESOURCE MANAGEMENT AND SECURITY IN CLOUD Inter Cloud Resource Management — Resource Provisioning and Resource Provisioning Methods ~ Global Exchange of Cloud Resources ~ Security Overview — Cloud Security Challenges — Sofiware-as-a-Service Security ~ Security Govemance — Virtual Machine Security — 1AM — Security Standards. PAl ks) 1. Define Intercloud. Intercloud is a network of cloud s that are linked with each other, This includes private, public, and hybrid elouds that come together to provide a seamless exchange of data. Combining many different individual clouds into one seamless. mass in terms of on- demand operations. 2. What are the challenges of Intercloud? Identification: A system should be created where each cloud can be identified and accessed by another cloud, like how devices connected to the internet are identified by IP addresses. Communication: A universal language of the cloud should be created so that they are able to verify cach ather's available resources, Payment: When one provider uses the assets of another provider, a question arises on how the second provider will be compensated, so a proper payment process should be developed. 3. What are extended cloud computing services? Hardware as a Service (HaaS) Network as a Service (NaaS) Location as a Service (LaaS) Security asa Serview (SaaS) Data as a Service (Daa) Communication as a Service (CaaS)4. List the information available in VM template, The information available in VM template are: + The number-of cores or processors to be assigned to the VM © Theamount of memory the VM requires + The kernel used to boot the VM's operating system © The disk image containing the VM’s file system * The price per hour of using a VM © The address of the physical machine hosting the VM. The VM's network configuration 5. What is the responsibility of Virtual Infrastructure Engine (VIE)? ‘+ Users submit VMs on physical machines using different kinds of hypervisors, © VIEs (Virtual Infrastructure Engine) can create and stop VMs on a physical cluster 6. How does InterGrid Gateway (IGG) allocates resources? ‘An InterGrid gateway (IGG) allocates resources from one organization's local cluster and interacts with another IGG that ean allocate resourees from a cloud computing provider. Intergrid gateway (IGG) allocates resources from a local cluster three steps: ‘© Requesting the VMs (Resources) * Enacting (Validate) the leases © Deploying (install) the VMs as requested, 7. Find the actors present in Interctoud? © Cloud Broker: An entity that manages the use, performance, and delivery of eloud services, and negotiates relationships beryeen cloud providers and ¢loud consumers. © Cloud Coordinatar: It evaluates the available resources Supported services: © Application sched ng, © Resource allocation © Migration of workloads © Cloud Exchange: It acts as a market maker for bringing together service producers and consumers.8. What is resource provisioning in cloud? Cloud provisioning is the allocation of a eloud provider's resourees and services to customer, The growing catalogue of cloud services that customers can provision includes infrastructure as a service, software as a service and platform as a service, in public or private cloud environments. 1g methods: © Demand-driven method © Eventedriven method © Popularity-Driven Resource Provisioning 9. Differentiate under-provisioning and over-provisioning. Under Provisioning Over Provisioning Allocating fewer resources than required, |The peak load causes heavy resource otherwise the service cannot serve its users | waste with a good service, Leads to broken SLA and penalii 10, List the types of resauree provisioning methods, Demand-Driven: Adds or removes noxes (VM) based on the current utilization level of the allocated resources, Event-Driven: Adds or removes machine instances based on a specific time event, Popularity-Driven: Based on Intemet traffic monitored, 11. List the Gartner’s security issues in eloud, Privileged user access Regulatory compliance Data location Data segregation Recovery Investigative support Long-term viability12, What are the threats occurring while transferring or saving data in cloud? (ar) list, out the key privacy issues in cloud. Handling of data by third party © Cyber attacks + Insider threats © Government intrusion © Legal liability © Lack ofstand: © Lack of support 13. Define Man-in-Middle attack. ‘+ Information shared between two parties could be hacked by the middle (third) party. © Caused due to improper configuration of Secure Soeket Layer (SSL). +A general term for when a perpetrator positions himself in a conversation between a user and an application either to eavesdrop or to impersonate one of the parties, making it appear as if & normal exchange of information is underway, 14, What is Cross-Site Scripting attack? + Cross-Site Seripting (XSS) attacks are a type of injection, Which malicious scripts: are injected into otherwise benign and trusted web © User enters the correct URL of a website, whereas on another site, hacker redireets the user to his/her website and hacks its identification, 15. List the security serviecs offered by cloud. * Availability: Data never loss and Machine never fail © Confidentiality: Authorized to know the information ‘+ Integrity: Data has not been tampered 16. Define data integrity lity, and av: ‘© Data integrity: Refers to the technique for ensuring that the data is genuine, correct and protected from illegal user alteration, Mechanisms Used: Digital Signature, Hashing methods and message verification codes,Confidentiality: Re to limiting data access only to authorized users and stopping access to unauthorized ones, Mechanisms Used: Access control, Biometric, cryption, Privacy Availability: Availability of data resource. Mechanisms Used: Data backup, recovery plan, 17. List the phases of secure SDLC. Investigation Analysis Logical design Physical design Implementation Maintenance 18, What is security governance? A security steering committee is developed whose objective is to focus on providing guidance about security initiatives and alignment with business and IT strategies, A charter: First deliverables from the steering committee: Charter clearly defines the roles and responsibilities of the security team and other groups involved in performing information security functions. 19, How can the data seeurity be forces in cloud? Security need at the data level, so enterprises can be sure that their data is protected wherever it goes Provides compliance with Payment Card Indusiry Data Security Standard (PCIDSS), Ensures data security using: © Authentication: OTP © Encryption and Decryption algorithms © Data integrity: Hashing techniques (Message Digest, SHA)20, Define application security. © Application security is one of the critical success factors for a world-class SaaS. company, © Application security processes, secure coding guidelines, training, and testing scripts and tools are typically a collaborative effort between the security and the de teams. lopment * SaaS providers should secure their web applica ons by following Open Web Application Security Project (OWASP) guidelines for secure application development, by locking down ports and un cary commands, 21. What is Virtual Machine security? + In the cloud environment, physical servers are consolidated (combined) to multiple virtual machine instances, * Following are deployed on virtual machines to ensure security: ©. Firewalls (© Intrusion detection and prevention © Integrity monitoring. © Log inspection 22. What is Identity Access Management (IAM)? + IAM refers to a framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources, © IAM Services are: © Authent on © Authorization © Auditing PART—B |, Explain in detail about cloud resource provisioning methods. Explain in detail about cloud security challenges. 3. Elaborate the security services in detail, 4, Explain data security, application security and virtual machine security. 5. Illustrate tdentity Access Management (TAM) architecture. 6, What isthe purpose of LAM? Deseribe its functional architecture with an illustration. 7, How is the identity and access management established in cloud to counter the threats?€S8791 CLOUD COMPUTING UNIT V = CLOUD TECHNOLOGIES AND ADVANCEMENTS Layered Cloud Architecture Design — NIST Claud Computing Reference Architecture ~ Public, Private and Hybrid Clouds ~ laaS — PaaS Service ~ Advantages of Claud Storage — Cloud Storage Praviders ~ $3. aa ~ Architectural Design Challenges ~ Cloud Storage ~ Storage-as-a- PART— A (2 Marks) 1. Give the significance of heartheat message in Hadoop. © A Heartbeat is a signal from Datanode to Namenode to indicate that it is alive. © In HDFS absence of heartbeat indieates that there is some problem and then Namenode, Datanade cannot perform any computation. is © The default heartbeat int seconds, 2. “HDF: © HDFS is highly fant tolerant, S is fault tolerant”. Is it true? Justify your answer. © Itcreates a replica of users' data on different machines in the HDFS cluster, © So whenever ifany machine in the cluster goes down, then data is accessible from other machines in which the same copy of data was created, 3. What is distributed file system? + Afille system that is distributed on multiple file servers or multiple locations © Itallows programs to access or store isolated files as they do with the local ones, allowing programmers to access files from any network or computer, 4, How MapReduce framework executes user jobs? + MapReduce program executes in three stages, © Map stage: The map or mapper's jab is to process the input data, Generally, the input dlata is in the form of file or directory and is stored in the Hadoop file system (HDS). of the Shute The Reduicer’s job is to process the data that comes from the mapper. After processing, # Reduce stage: This stage is the eombinat we and the Reduce stage. it produces a new set of output, which will be stored in the HDFS,5. L Name the different modules in Hadoop framework. ‘© Hadoop is made up of 4 core modules: © Hadeop Distributed File System (HDFS) ©. Yet Another Resource Negotiator (YARN) © Hadeop Common © MapReduce 2 What are the advantages of us + Fault-Tolerant © Performance + Highly Available © Low Network Traffic + High Throughput © Open Source + Cost Effective Write a short note on VirtualBox. © Oracle VM VirtualBox is eross-platform virtualization software © ILallows users to extend their existing eomputer to run multiple operating systems including Microsoft Windows, Mac OS X, Linux, and Oracle Solaris, at the same time, List the technologies used by GAE. * Google File System (G © MapReduce: For application program development and performing computation. ‘or storing large amounts of data. + Chubby: For disiributed application lock services. © BigTable: Offers a storage service Write a short note on BigTable. © It provides a service for storing and retrieving structured and semistructured data, © BigTable appli tions include storage of web pages, per-user data, and geographic locations,# Thedatabase needs to support very high read/write rates and the scale might be millions of operations per second, © Asingle aluc in each row is indexed; this value is known as the row key. 10, List the components of OpenStack, Seven core components of OpenStack are: * Nova (Compute) © Glance (Image Service) © Swift (Object Storage) * Horizon (Dashboard) © Keystone (Identity Service) + Neutron (Networking) © Cinder (Block Storage) IL, What is cloud federation? © A Federation cloud is an Inter-Cloud where a set of cloud providers willingly interconnect their cloud infrastructures to share resources among each other, © The cloud providers in the federation voluntarily callaborate to exchange resources, This type of Inter-Cloud is si clouds, ble for collaboration of government © Types of federation clouds are Peer to Peer and Centralized clouds. 12, State the benefits of cloud federation, Allows elient to optimize enterprise IT service delivery. Allows a client to choose best cloud service providers. © Fk ‘bility cost and availability of services to meet a particular business or technological need within their organization, © Allows applications to ran in the most appropriate infrastructure environments, 13, List the four levels of federation. © Permissive: Occurs when a server accepts a connection from a peer network server Without verifying its identity using DNS lookups or certificate checking.© Verified: Occurs when a server accepts a conneetion from a peer aft the identity of the peer has been verified. * Encrypted: Server accepts a connection from a peer if and only if the peer supports: Transport Layer Security (TLS) as defined for XMPP in Request for Comments (RFC) 3920, The peer must present a digital certificate. © Trusted: A server accepts a connection from a peer only under the stipulation that the peer supports TLS and the peer can present a digital cenificate certification authority (CA) that is trusted by the authenticating server, 14, Differentiate Permissive vs. Verified vs. Encrypted vs. Trusted Federation. Permissive Federation © Permissive federation c urs when a server accepts a connection from a peer network server without y using DNS lookups or certifieate checking. * The lack of verification or authentication may lead to domain spoofing Verified Federation This type of federation oceuts when a server accepts 4 connection from a peerafter the identity of the peer has been verified. = Ituses information obtained via DNS and by means of domain-specifie keys exchanged beforehand, © XMPP real time communication protocol uses XML. Enerypted Federation © Server accepts connection from a peer ifand only if the peer supports Transport Layer Seeurity (TLS) as defined for XMPP in Request for Comments (RFC) 3920, The peer must present a digital certificate, © Server Dial back uses the DNS as the basis for verifying identity. ‘Trusted Federation © A server accepts a connection from a peer only under the stipulation that the peer supports TLS and the peer ean present a digital certificate issued by a root certification authority (CA) that is trusted by the authenticating server. © Theuse of digital certificates results not only ina channel eneryption but also in strong authentication,The use of trusted domain certificates effectively prevents DNS poisoning attacks. 15, Write a short note on future of federation, © The implementation of federated communications is a precursor to building a seamless cloud that can interact with people, devices, information feeds, documents, application interfaces, and other entities. © It enables software developers and service providers to build and deploy such applications without asking permission from a large, centralized communications operator, PART—B 1. With an illustration, emphasize the significance of MapReduce paradigm in Hadoop: framework. List out the assumptions and goals set in HDFS architecture for processing the data based on divide-and-conquer strategy. Discuss MAPREDUCE with suitable diagram, Elaborate HDS concepts with suitabl Justrations, . Give detailed note on Hadoop framework. 2 3 4 5. Ilustrate dataflow in HDES during file read/write operation with suitable diagrams, 6. Explain the Hadoop distributed file system architecture with a diagram, 7, Ilustrate the Hadoap implement tion of MapReduce framework. 8, Analyze how MapReduce framework supports parallel and distributed computing on large datasets with a suitable example. 9, Illustrate Goo; ¢ App Engine (GAE) architecture in detail. 10, Explain the architecture and components of OpenStack, 1, What is cloud federation? Elaborate the different levels of cloud federation.