CS8791 Cloud Computing Question Bank Prepared By Kaviya.P Assistant Professor / Information Technology Kamaraj College of Engineering & Technology (Autonomous)Introduction to Cloud Computing — Defin 88791 CLOUD COMPUTING UNIT I-INTRODUCTION ion of Cloud ~ Evolution of Cloud Computing Underlying Principles of Parallel and Distributed Computing — Cloud Charaeteristies — Elasticity. in Cloud ~ On-demand Prov ing, Define cloud computing. (Buyya) A Cloud is a type of parallel and distributed system consisting of a collection of interconnected and virtualized computers. They are dynamically provisioned and presented as one or more unified computing resources based on service-level Agreements established through negotiation between the service provider and consumers. Define cloud computing. (NIST) “The National Institute of Standards and Technology (NIST) defines cloud computing as a "pay-per-use model for enabling available, convenient and on- demand network access to a shared pool of configurable computing resources (eg... networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” What are the convergences of various advances leading to the advent of cloud computing? Bowel Company popemeetiy4. What is Service Oriented Architecture (SOA)? Describe, compose, and orchestrate services, package, and transport messages between services, publish and discover services, represent quality of service (QoS) parameters, and ensure securit in service access. 5. What are the advantages and disadvantages of distributed computing? Advantages Disadvantages: © Extensibility and Ineremental Growth © Complexity © Economies © Network Problem © Speed * Security © Inherent distribution of applications and Reliability 6. What are the desirable features of Cloud? * On-Demand Self-service © Per-usage metering and billing (Measured service) * Rapid Elasticity © Resource Pooling * Broad Network Access 7. List down the types of clouds based on deployment models. + Public / Intemet Clouds © Private / Enterprise Cloud + Hybrid / Mixed Cloud © Community 8. Differentiate private and public cloud. Private Cloud Public Claud ‘ . eral This hosted at Service Provider site ar it is hosted at Service Provider site. entemprise a sagt te pate desig Ikonly supports connectivity over the private network, Scalability is very high, and reliability is Scalability is limited, and reliability is very moderate, high. Example: Amazon VPC and Azure Private | Example: Amazon Web Services (AWS), Cloud Google App Engine9. What are cloud service models? ‘The three main categories of cloud serviee models: Infrastructure as a Service (IaaS): The delivery of technology infrastructure (mostly hardware) as an on demand, scalable service. Example: Amazon EC2 Platform as a Service (PaaS): A complete development and deployment environment in the cloud, with resources that enable the user to develop and run their applications ¢ (Sai use. Example: Google Docs Software asa Ser 2aS is a licensed software offering on the cloud and pay per 10, Write a short note on community cloud, Community cloud is a cloud infrastructure that allows systems and services to be accessible by a group of several organizations to share the information. Example: Our government organization within India may share comp frastructure in the cloud to manage data. 11. List the advantages and disadvantages of cloud computing. Advantages Disadvantages: No upfront commitment * Downtime Cost efficiency : © Security © On Demand Sel * Vendor Lock-In ervice Disaster Recovery Excellent accessibility © Limited Control © Scalability © Legal Issues + Flexibility 12, Define parallel computing. Parallel computing is a type of computing architecture in which several processors simultaneously execute multiple, smaller ealeulations broken down from an overall larger, complex problem ‘The term parallel computing refers to a model in which the computation is divided among several processors sharing the same memory13. Define distributed computing. + The term distributed computing encompasses any architecture or system that allows. the computation to be broken down into topics and executed concurrently on different computing elements, whether these are processors on different nodes, Processors on the same computer, of cores within the same processor, © In Distributed Computing the processors communicate with one another through communication lines such 2s high-speed buses or telephone + Each processor has its own local Memory © Examples: ATM, Internet, Intranet /Workgroups. 14. Define cluster computing, Cluster Computing is a type of parallel or ributed computer system consists of a collection of inter-connected stand-alone computers working together as a single integrated computing resource, ‘Types of Clusters © High Availability or Failover clusters © Load Balancing Clusters © Parallel / Distributed Processing Clusters. 15, Differentiate parallel computing vs. distributed computing Single computer is required Parallel Computing Distributed Computing Many operations are performed | System components are located at different simultaneously locations Uses multiple computers Multiple processors perform — multiple operation Multiple computers perform — multiple ‘operations Ttmay have shared or distributed memory Tthas only distributed memory 16. Differe te grid and eloud eomputing. Grid Computing Cloud Computing Cloud computing is a centralized executive, Grid computing is a decentralized executive, Tn cloud computing, resources are used in centralized pattern. Th grid computing, resourees are used in collaborative pattem. Cloud computin, a high acee Grid computing is a low accessible serviee ily sealable as compared to grid Grid computing is Tow scalable in comparison to cloud computing.. Differentiate tightly coupled vs. loosely coupled system. ‘Tightly coupled System Loosely coupled system ‘All the processors are connected to a single ‘All processors have a local memory. global memory The communication between PEs in this | The communication between PEs in this model model takes place through the shared | takes place through the intereonnection network, memory the inter process communication channel, or Ipc. thas Memory oni Memory conflicts don't take place = 20, a . Give examples of Message Passing Interface. Remote Procedure Call (RPC) © Distributed Objects ‘© Distributed agents and Active Objects Web Service Identify the model for Message based communication, © Point-to-point message model © Publish andl Subscribe message model © Push Strategy © Pull Strategy © Request-reply message model What is “elasticity” in cloud computin; Elasticity is defined as the ability of a system to add and remove resources (such as CPU cores, memory, VM and container instances) to adapt to the load variation in real time, Elasticity isa dynamie property for cloud computing Elasticity is the degree to which a system provisioning and deprovis Elasticity =S © A manual elastic solution would provide ig resources in-an autono! able to adapt to workload changes by manner. lability + Automation + Optimization Name the policies used in elasticity “add or remove resources”. Elasticity can be provided either manual or automatic. their users with tools to monitor their systemsand add or remove resources but leaves the sealing decision to them.© Automatic mode: All the actions are done automatically, and this could be classified intoreactive and proactive modes. © Elastic solutions can be either reactive or predictive. © Reactive mode: The elasticity actions are triggered based on certain thresholds or rules, the system reacts to the load (workload or resource utilizati n) and triggers actions to adapt changes accordingly. Proactive mode: This approach implements forecasting techniques, anticipa future needs, the nd triggers actions based on this anticipation 22, Differentiate horizontal scaling and vertical scaling. Horizor ‘Scaling Moving a virtual machine instance to another |The process of adding/removing instances, physical machine with a different overall load | which may be located at different locations. changes its available resources The process of mo It is harder to upgrade and may involve ng. tesoumres (CEU, ' memory, storage oF both) size for an instance downtime, xy, Storey ) ad at run time. Tris not flexible forthe cloud systems fo cope | It gives more Hlexibility for the eloud systems with the varying workloads to cope with the varying workloads What is post-eopy and pre-copy in live migration? Post-capy migration: + Post-copy migration suspends the migrating VM, copies minimal processor state to. the larget host, resumes the VM and then begins fetching memory pages from the source Pre-copy migration: «In pre-copy approach, the memory pages are copied while the VM is running on the souree, # Ifsome pages are changed (called dirty pages) during the memory copy process, they will be recopied until the number of recopied pages is greater than dirty pages, or the source VM will be stopped, * The remaining dirty pages will be copied to the destin ion VM.24. Differentiate static resource provisioning vs. dynamic resource provisioning. Static Resource Provisioning Dynamic Resource Provisioning ‘The provider prepares the appropriate resources in advance of start of service. The provider allocates more resources as customer needed and removes them when they are not The customer is charged a flat fee or is billed on a monthly ba: The customer is billed on a pay-peruse basis 25, List the parameters of resource provisioning, Response time © Minimize cost © Revenue maximization © Fault tolerant + Reduced SLA Violation # Reduces Power Consumption 26, State the types of dynamic resource provisioning. * Local On-demand Resource Provisioning * Remote On-demand Resource Provisi 27. List the applications of cloud computing, © Scienti ic / Technical Applications + Business Applications © Consumer / Social Applications * An © Data storage and back-up = Education © Entertainment * Managementye Part=B Explain in detail about evolution of cloud computing. Elaborate the underlying principles of cloud computing. ain the characteristics/desired features of cloud computing with suitable examples. Illustrate how “elasticity” is a major advantage in cloud computing Explain on-demand resoutee provisioning in cloud computing,€S8791 CLOUD COMPUTING UNIT Hf - CLOUD ENABLING TECHNOLOGIES Service Oriented Architecture — REST and Systems of Systems — Web Services — Publish- Subscribe Model - Basics of Virtualization — ‘Types of Virtualization ~ Implementation Levels of Virtualization — Virtualization Structures — Tools and Mechanisms — Virtualization of CPU — Memory — 0 Devices —Virtualization Support and Disaster Recovery. 1, Define the term Web Service. ‘© Prominent technology for implementing SOA systems and applications. © They leverage Internet technologies and standards for building distributed systems, Based an well-kiiown and vendor-independent standards such as HTTP, SOAP, and wsDL. 2. List the major roles in SOA. ‘There are two major roles within SOA: © Service Provider: Develop and provides services * Service Consumer: Accessing services over Internet 3. State the components of service discovery. Service discovery consists of three components: # Service Register # Service Requestor «Service Provider 4, What are the properties of SOA? © Logical view + Message orientation © Description orientation + Granularity «Network orientation © Platform-neutral5. 6 1 What is the impact of SOA in cloud? A service-oriented approach that allows multiple service entities to communicate and share information through a single system, SOA does this by implementing a method called Loose coupling,” An SOA is a set of multiple services. Applications can be formed by making use of those facilities available across different platforms regardless of the languages or vendors. It improves business workflows white providing: © Access management services © Ease of monitoring and management © Easy data exchange © Interoperability © Platform-neviral approach co Reliability © Reusable codes and services © Service change impact Justify that Web and Web architecture are SOA based, SOA is an architectural style for building software applications that use services available in a network such as the web. It promotes loose coupling between software components so that they can be reused, Applications in SOA are built based on services. A service is an implementation of'a well-defined business functionality, and stich services can then be consumed by clients in different applications or business processes, SOA allows for the rouse of existing assets where new services can be crested from an existing IT infrastructure of systems, Write a short note on REST. REST is a software architecture style for distributed systems, particularly distributed hypermedia systems. REST stands for Representational State Transfer. REST itself is not a standard, while it uses various standards such as HTTP, URL, XML/HTML/GIFMPEG (Resource Representations) and texv’xml, texvhtm!, image/gif, image/jpeg, ete (MIME Types). State the four principles of REST. The REST architcotural style based on four principles# Resource ldlentification through URIs + Uniform, Constrained Interface * Sel riptive Message © Stateless Interactions 9, Identify the technologies that make up web services. ‘The technologies that make up the core of today's web services are as follows ple Object Access Pratacol (SOAP): SOAP provides a standard packaging. structure for transmission of XML documents over various Internet protocols, such as SMTP, HTTP, and FTP. Web Services Description Language (WSDL): It standardizes the representation of input and output parameters of its operations as well as the service's protocol binding, the way in which the messages will be transferred on the wire. Universal Deseription, Discovery, and Integration (UDD1); UDDI provides a global registry for advertising and discovery of web services, by searching for names, identifiers, categories, or the specification implemented by the web service, 10, What is virtualization in cloud computing? (or) Give the role of VM. AL. Give the basic apers Virtualization is a computer architecture technology by which multiple virtual machines (VMs) are multiplexed in the same hardware machine, ‘The purpose of 2 VM is to enhance resource sharing by many users and improve ‘computer performance in terms of resource utilization and application Flexibility, ‘or software resources such as Hardware resources such as CPU, memory, 1/0 devic 08, software ries can be virtua of YM Multiplexing: VMs can be multiplexed between hardware machines. Suspension: VM can be suspended and stored in stable storage. Provision (Resume): A suspended VM can be resumed or provisioned to a new hardware platform. Migration: A VM can be migrated from one hardware platform to another.12, Define Virtual Machine Monitor (VMM). Hardware-level virtualization inserts a layer between real hardware and traditional operating systems, This layer is commonly called the Virtual Machine Monitor (VMM) and it manages the hardware resourees of a computing Each time programs access the hardware the VMM captures the process Three requirements for a VMN © VMM should provide an environment identical to the original machine. © Programs run in this environment should show, only minor decreases in speed. © VMM should be in complete control of the system resources, 13. List the implementation levels of virtualization, Application level Library Support level Operating System level Hardware Abstraction layer level Instruction Set Architecture level 14, State the merits of virtualization at various levels. Table 3.1 Relative Merits of Virtualization at Various Levels. Higher Application Implementation Application Level of Implementation Performance Flexibility Complexity Isolation ISA x ad 20% 30% Hercware-iavel vituaization 20000 20% 200006 20004 ‘OS-evel vetuatzation 20000 x 2006 2 Runtime lbary support 200 10 20 cd User application level x XK root 20000 15, Write a short note on Xen hypervisor. ‘© Hypervisor supports hardware-level virtualization on bare metal deviees such as CPU, memory, disk and network interfaces. © Hypervisor sits direetly between physical hardware and its OS. ‘+ Xem is a mictokemel hypervisor, which separates the policy from the mechanism, © Itimplements all the mechanisms, leaving the policy to be handled by Domain 0. + Xen does not include any device drivers natively.16, What is binary translation in virtualization? © Binary translation is one speeific approach to implementing full virtualization that does not require hardware virtualization features, © Itinvolves examining the executable code of the virtual guest for "unsafe" instructions, translating these into “safe equivalents, and then executing the translated code. ‘+ Altematives to binary translation are binary patching, and full system emulation 17.State the advantages and disadvantages of virtualization, (or) “Although virtualization is widely accepted today, it does have its limits”. Comment on the statement, ‘Advantages: Disadvantages: © Utilization of hardware efficiently © Data ean be at risk © Availability increases with Virtualization | ¢ Learning new infrastructure ‘© Disaster recovery is efficient and casy © High initial investment © Virtualization saves energy * Cloud migration becomes easy 18, List the classes of Virtual Machine (VM) architecture, © Hypervisor Architecture + Paravirtualization © Host-based virtualization 19, Differentiate full virtualization ys para virtualization, Full Virtualization Paravirtualization In Full virtualization, virtual machine permits the execution of the In paravirtu implement full isolation of OS but rather ion, virtual machine does not 1. | instructions with running of | ‘ple i b i nnn provides a different API which is utilized _ OS in an entire isolated | hen OS is subjected to alteration. Paravirtualization is more secure than the Ful | Full Virtualization is less secure. Full Virtualization uses binary 3. | translation and direct approach as a technique for operations, While Paravirtualization uses bypercalls at compile time for operations.Full Virtualization Paravirtualization 4 Full Virtualization is slow than | Paravirtuatization is: faster in operation as paravirtualization in operation, compared to full virtualization, é Full Virwatization is more portable | Paravirtuatization is less portable and * | and compatible. compatible. ¢, | Example: Microsoft and Parallels | ample: VMware and Xen systems 20, Differentiate critical and non-critical instructions, | Critical Instruction Non-Critical Instruction ‘The instructions that can run only in keel mode are called critical instruction. ‘The instructions that can run only in user mode are called non-critical instruction. Example: Content Switching, Clear the memory Exanaple: Generate any trap instruction 21, List the categories of critical instructions. Critical instructions are divided into three eategoris Privileged instructio outside this mode coute in a privileged mode and will be trapped if exeeuted Control Sensitive Instructions: Attempt to change the configuration of resourees used Behaviour- Sensitive Instructions: Load and store operations over the virtual memory 22. What are the ways to implement 1/0 virtualization? ‘There are three ways to implement /O virtualization: Full device emulation: All the funetions of a device or bus infrastructure, such as der enumeration, identification, interrupts, and DMA, are replicated in software. This software is in the VMIM and acts as a virtual device, The VO access requests of the guest OS are trapped in the VMM which interacts with the YO devices. Para-virtualization: Typically used in Xen. It is also known as the split driver model consisting of a frontend driver and a backend driver. Direct 1/0: Lets the VM access deviees directly. It can achieve close-to-native performance without high CPU costs.23. Give the significance of virtualization for disaster recovery? © The cloning of VMs offers an effective solution. * Theidea is to make a clone VM on a remote server for every running VM on a local server. Among all the clone VMs, only one needs to he active. The remote VM should be in a suspended mode, in case of failure of * A cloud control center should be able to activate this clone V! the original VM, taking a snapshot of the VM (o enable live migration in a minimal amount of time, PART-B Explain how virtualization is implemented in different layers. (or) Explain various levels of virtualization implementation, EI icidate the virtualization of CPU, Memory, and 1/0 devices. Analyze how virtualization technology supports cloud computing. What is virtualization? Describe para and full virtualization architectures, Compare and contrast them. Explain in detail about load balancing in virtualization.$8791 CLOUD COMPUTING UNIT III = CLOUD ARCHITECTURE, SERVICES AND STORAGE Layered Cloud Architecture Design — NIST Cloud Computing Reference Architecture ~ Public, Private and Hybrid Clouds - laaS — PaaS — SaaS - Architectural Design Challenges — Clout Storage ~ Storage-as ervice — Advantages of Cloud Storage ~ Cloud Storage Providers ~ $3. PART—A 1. List the actors in cloud computing. ‘The five major participating actors in cloud computing are + Cloud Consumer © Cloud Provider = Cloud Broker © Cloud Auditor * Cloud Cartier 2. State the role of cloud auditor. A cloud auditor is a party that can perform an independent examination of cloud service controls with the intent to express an opinion thereon, A cloud auditor can evaluate the services provided by a cloud provider in terms of security controls, privacy impact, performance, etc. 3. What is the responsibility of cloud broker? Cloud Broker is an entity that manages the use, performance, and delivery of cloud services, and negotiates relationships between cloud providers and cloud consumers. As cloud computing evolves, the integration of cloud services may be too complex for cloud consumers to manage alone. 4, Mention the characteristic features of cloud. © On-demand self-service © Broad network access + Mullistenancy and resource pooling © Rapid elasticity and«scalability ©) Measured service 5. Differentiate PanS, SaaS and Cloud Players PaaS ‘Ss IY administrators / . Monitor SAS aed vionitor SLAs and Monitor SLAs | enable service cloud providers deploy software platforms Enabling platforms Softwaredevelopers | TO4P0YEMd | i, configurator: | DeFelonand deploy store data software and APIS End users ar business | To deploy and Teese id tee Use business software users store data web software Example ‘Amazon EC2 | Google App Engine ae —_ Canad, 6. Differentiate private cloud and public cloud, Private Cloud Public Cloud Single Tenancy Multi-Tenaney It only supports connectivity over the private network. is eonneeted to the publie internet ‘Scalability is limited, and reliability is very Sealability is very high, and reliability is high. moderate. Dedicaied Servers Shared Servers Eg: Microsofi. KVM, HP, RedHat | Eg: Amazon Web Service (AWS) and Google & VMWare. App Engine. 7. Why do we need a hybrid cloud? Hybrid cloud is a sol that combines @ private cloud with one or more publie cloud services, with proptictary software enabling communication between each distinct service, Hybrid cloud allows companies to combine their own data center andlor private cloud setup with public cloud resources such as Software as a Service, or SaaS. Softwaretouch points are used between the two infrastructures to help move data back and forth between them as needed. 8. Write a short note on community cloud, © A community cloud model is a collaborative effort where infrastructure is shared and jointly aecessed by several arganizations from a specific group that share specific compuiting concerns such as, security, compliance, or jurisdiction considerations, © Eg: IBM soft tayer cloud 9, Who are the major players of cloud? © Amazon Web Services (AWS) *® Microsoft Azure © Google Cloud © IBM Cloud © Oracle © Salesforce 10, Identify the architectural design challenges in cloud, Challenge 1; Service Availability and Data Lock-in Problem Challenge 2: Data Privacy ahd Security Concerns Challenge 3: Unpredictable Performance and Bottlenecks Challenge 4; Distributed Storage and Widespread Software Bugs Challenge 5: Cloud Scalability, Interoperability, and Standardization Challenge 6: Software Licensing and Reputation Sharing IL, Define cloud storage (Storage as a Service) with examples. © Cloud storage is « cloud computing modet that stores data on the Internet through a cloud computing provider who manages and aperates data storage as a service, © Stored data can be ac sed from anywhere and in anytime over Internet © Eg: Apple (iCloud), Amazon (Amazon Web Services), Dropbox, ind Google12. State the advantages and disadvantages of cloud storage. ‘Advantages Disadvantages + Usability and accessit + Intemet Connection © Security © Costs # Cost-afficient © Hard drives © Convenient sharing of files Support Automation + Privacy © Multiple users 13. Write a short note on Amazon $3. + Amazon Simple Storage Service (Amazon $3) is a scalable, high-speed, web-based cloud storage service. The service is designed for online backup and archiving of data and applications on Amazon Web Services (AWS). ‘+ Amazon S3 provides a simple web services interfuce that can be used to store and retrieve any amount of data, at any time, from anywhere on the web. ‘+ 83 provides the object-oriented storage service for users, © Users can access their objects through Simple Object Access Pratocol (SOAP) with either browsers or other elient programs which support SOAP. 14, What is Amazon EBS? © The Elastic Block Store (EBS) provides the volume block interface for saving and restoring the virtual images of [C2 instances, * The status of EC2 is saved in the EBS system afier the machine is shut down. + Users can use EBS to save persistent data and mount to the running instances of EC2. 8 allows you to create storage Volumes from 1 GB to | TB that ean be mounted as EC2 instances. 15, State the purpose of Amazon SimpleDB, jed data — model based on the relational database data pleDB provides a sig model.© Structured data from users must be organized into domains. 0 Each domain ean be considered a table. © The items are the rows in the table, © A cell in the table is recognized as the value for a specific attribute (column name) of the corresponding row. + This is like a table in a relational database and possible to assign multiple values to a single cell in the table. PART-B |. Explain in detail about NIST Cloud Computing Reference Architecture, 2. With architecture, elaborate the various deployment models and reference madels of cloud computing: List the cloud deployment models and give a detailed note about them, What are the pros and cons of public, private and hybrid cloud? Compare and contrast the cloud deployment models, ae Deseribe service and deployment models of a cloud computing environment with illustrations, How da they fit ih NIST cloud architecture? Describe the different working models of cloud computing. 8, Give the importance of cloud compiiting and elaborate the different types of services offered by it, 9, lustrate the cloud delivery models in detail 10, Describe Infrastructure-as-a-serviee (Iaa8), Platform-as-a-Serv a-Service (SaaS) witl (PaaS) and Software-as~ example. 11. Explain in detail about architectural design challenges in cloud. 12. What is cloud storage? Elucidaie Amazon el rage in detail.€S8791 CLOUD COMPUTING UNIT IV - RESOURCE MANAGEMENT AND SECURITY IN CLOUD Inter Cloud Resource Management — Resource Provisioning and Resource Provisioning Methods ~ Global Exchange of Cloud Resources ~ Security Overview ~ Cloud Security Challenges — Software-as-a-Service Security — Security Govemance — Virtual Machine Security — IAM — Security Standards. PAR’ ks) 1. Define Intereloud. 2. What aro the challenges of Inte Intercloud is a network of cloud s that are linked with each other. This includes private, public, and hybrid clouds that come together to provide a seamless exchange of data Combining many different individual clouds into one seamless mass in terms of on- demand operations. joud? Identification: A system should be created where each cloud can be identified and accessed! by anather cloud, like how devices connected to the internet are identified by: IP addresses. Communication: A universal language of the eloud should be created se that they are able to verify each other's available resoure mayment: When one provider uses the assets of another provider, a question arises on how the second provider will be compensated, so a proper payment process should be developed. 3. What are extended cloud computing services? Hardware as a Service (HaxS) Network as a Service (NaaS) Location as a Service (LaaS) Seburity as a Service (SaaS) Data as a Service (Daa) Communieation as a Service (CaaS)4. List the information available in VM template. The information available in VM template are: + The number of cores oF processors to be assigned to the VM © The amount of memory the VM requires ‘© The kemel used to boot the VM’s operating system ©The disk image containing the VM's file system © The price per hour of using a VM © The address of the physical machine hosting the VM © The VM's network configuration 5. What is the responsibility of Virtual Infrastructure Engine (VIE? © Users submit VMs on physieal machines using different kinds of hypervisors. + VIEs (Virtual Infrastructure Engine) can create and stop VMs on a physical cluster 6, How does InterGrid Gateway (IGG) allocates resources? ‘An InierGrid gateway (IGG) allocates resources from one organization's local cluster and interacts with another IGG that can allocate resources from a cloud computing provider. Intergrid gateway (IGG) allocates resources from a local cluster three steps: ‘+ Requesting the VMs (Resources) © Enacting (Validate) the leases + Deploying (install) the VMs as requested 7. Find the actors present in Intercloud? © Cloud Broker: An entity that manages the use, performance, and delivery of eloud services, and negotiates relationships between cloud providers and cloud consumers. © Cloud Coordinator: It evaluates the available resources + Supported services: © Application scheduli © Resource allocation © Migration of workloads © Cloud Exchange: It acts as a market maker for bringing together service producers and consumers.8. What is resource provisioning in cloud? © Cloud provisioning is the allocation of a cloud provider's resourees and services to acustomer, © The growing catalogue of cloud services that customers can provision includes infrastructure as a servi oftware as a service and platform as a service, in public or private cloud environments, jing methods: © Demand-driven method © Resource-provis © Eventdriven method © Popularity-Driven Resource Provisioning 9. Differentiate under-provisioning and over-provisioning, Under Provisioning Over Provisioning Allocating fewer resources than required, | The peak load causes heavy resource otherwise the service cannot serve its users | waste with a good service. Leads to broken SLA and penaltic ‘Leads to resource underutilization, 10, List the types of resource provisioning methods. © Demand-Driven: Adds or removes nodes (VM) based on the current utilization level of the allocated resources, © Event-Driven: Adds or removes machine tances based on a specific time event, © Popularity-Driven: Based on Intemet traffic monitored. AL, List the Gartner's security ssucs in cloud, «Privileged user access = Regulatory compliance © Data location © Data segregation + Recovery ive support ‘+ Long-term viability12, What are the threats occurring while transferring or saying data in cloud (ar) list out the key privacy issues in cloud. Handling of data by third party © Cyberattacks ‘© Insider threats © Government intrusion © Legal liability © Lack of standandization Lack of support 13. Define Man-in-Middle attack. © Information shared between two parties could be hacked by the middle (third) party. * Caused due to improper configuration of Secure Socket Layer (SSL). ‘© A general term for when a perpetrator positions himself in a conversation between a user and an application cither to cavesdrop or Lo impersonate one of the partics, making, it appear as if a normal exchange of information is underway. 14, What is Cross-Site Seripting attack? © Cross-Site Scripting (NSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. + User enters the correct URL of a website, whereas on another site, hacker redirects the: user to his/her website and hacks its identification. 15. List the security services offered by cloud. © Availability: Data never ioss and Machine never fail © Confidentiality: Authorized to know the information ‘© Integrity: Data has not been tampered 16, Define data integrity, confidentiality, and availability. * Data integrity: Refers to the technique for ensuring th he data is genuine, correct and protected from illegal user alteration, Mechanisms Used: Digital Signature, Hashing methods and message verification codes,Confidentiality: Refers to limiting data access only to authorized users and stopping. access 10 unauthorized ones, Mechanisms Used: Access control, Biometric, Encryption, Privaey, Ethi Availability: Availability of date resource. Mechanisms Used: Data backup, recovery plan. 17. List the phases of secure SDLC. Investigation Analysis Logical design Physical design Implementation Maintenance 18, What is security governance? A security sicering commitice is developed whose objective is to focus on providing guidance about security initiatives and alignment with business and IT’ strategies. A charter: First deliverables from the steering committee. Charter clearly defines the roles and responsibilities of the security team and other groups involved in performing information security functions. 19. How can the data seeurity be forces in cloud? Security need at the data level, so enterprises can be sure that their data is protected wherever it goes. Provides compliance with Payment Card Industry Data Security Standard (PCIDSS). Ensures data security using: © Authentication: OTP © Eneryption and Decryption algorithms © Data integrity: Hashing techniques (Message Digest, SHA)20, Define application security. © Application security is one of the critical success factors for a world-class SaaS company. ‘© Application security processes, secure coding guidelines, training, and testing scripts and tools are typically a collaborative effort between the security and the development teams. © SaaS providers should secure their web appli tions by following Open Web Application Security Project (OWASP) guidelines for secure application development, by locking down ports and unnecessary comnsands, 21, What is Virtual Machine security? © In the cloud environment, physical servers are consolidated (combined) to multiple Virtual machine instances, ‘© Following are deployed on virtual machines to ensure security: © Firewalls © Intrusion detection and prevention © Integrity monitoring © Log inspection 22, What is Identity Access Management (IAM)? © IAM refers to a framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources. * IAM Services are: © Authentication © Authorization © Auditing PART-B 1, Explain in detail about cloud resource provis ing methods. 2. Explain in detail about cloud security challenges. Elaborate the security services in detail, Explain data security, application security and virtual machi security. Illustrate Identity Access Management (IAM) architecture. What is the purpose of IAM? Describe its functional architecture with an illustration. ee How is the identity and access management established in cloud to counter the threats?€S8791 CLOUD COMPUTING UNIT V = CLOUD TECHNOLOGIES AND ADVANCEMENTS Layered Cloud Architecture Design - NIST Cloud Computing Reference Architecture ~ Public, Private and Hybrid Clouds - Ina — PaaS — SaaS — Architectural Design Challenges — Cloud Storage — Storage-as-2- Service ~ Advantages of Cloud Storage Cloud Storage Providers — $3, 2 ein “TIDES js fault tolerant” © HDFS is highly fault tolerant. = Itcreates replica of users* data on different machines in the HDFS cluster, © So wheneverifi PART — A (2 Marks) Give the significance of heartheat message in Hadoap. + A Heartbeat is a signal from Datanode to Namenode to indicate that it is alive. DFS, absence of heartbeat indicates that there is some problem and then Namenode, Datanode eannat perform any computation. © The default heartbeat interval is 3 seconds, Is it crue? Justify your answer, 1y machine in the cluster goes down, then data is accessible fromother machines in which the same copy of data was created. 3. What is distributed file system? © A file system that is distributed on multiple file servers or multiple locations, + It allows programs to access or store isolated files as they do with the local oes, allowing programmers to access files from any neiwork oreomputer. 4, How MapReduce framework executes user jobs? © Mapfteduce program executes in three stages. © Map stage; The map or mapper’s jab is to process the input data, Generally, the input data is in the form of file or directory and is stored in the Hadoop file system (HDFS). # Reduce stage: This siage is the combination of the Shull stage and the Reduce stage. ‘The Reducer’s job is to process the data that comes from the mapper. After processi it produces a new set of output, which will be stored in the HDFS.5. % Name the different madules in Hadoop framework. © Hadoop is made up of 4 core modules: (© Hadoop Distributed File System (HDFS) 0 Yet Another Resource Negotiator (YARN) © Hadoop Common © MapReduee What are the advantages of using Hadaop? © Fault-Tolerant * Performance © Highly Available © Low Network Traffic © High Throughput * Open Source © Cost Effeetive Write a short note on VirtualBox. © Oracle VM VirtualBox is cross-platform virtualization software + ILallows users to extend their existing computer to run multiple operatinig systems. including Microsoft Windows, Mac OS X, Linux, and Oracle Solaris, at the same List the technologies used by GAB. © Google Fite System (GF: ‘© MapReduce: For application program development and performing computation, ): For storing large amounts of data © Chubby: For distributed application lock services. © BigTable: Offers a storage service, Write a short note on BigTal © It provides a service for storing and ret sured data, wing structured and sermistrus * BigTable applications include storage of web pages, pei er data, and geographic locations,The databa: of operations per second. needs to support very high read/write rates and the scale might be millions A single value in each row is indexed; this value is known as the row key. 10, List the components of OpenStack. Seven core components of OpenStack Nova (Compute) Glance (Image Service) Swift (Object Storage) Horizon (Dashboard) Keystone (Identity Service) Neutron (Networking) Cinder (Block Storage) 1, What is cloud federation? A Federation cloud is an Inter-Cloud where a set of cloud providers w interconnect their cloud infrastructures to share resources among each other. The cloud providers in the federation voluntarily collaborate to exchange resources, This type of Inter-Cloud is suitable for collaboration of governmental clouds, ‘Types of federation clouds are Peer to Peer and Centralized clouds. 12, State the benefits of cloud federation, Allows client to optimize enterprise IT service delivery, Allows a client to choose best cloud service providers. Fl technological need within their organization. ‘bility cost and availability of services to meet a particular business Allows applications to run in the most appropriate infrastructure environments. 13, List the four levels of federation, Permissive: Occurs when a server accepts a connection from a peer network server Without verifying its identity using DNS lookups or certificate checking.© Verified: Occurs when a server accepts-a connestion from a peer after the identity of the peer has been verified, © _Enerypted: Server accepts a connection from a peer if and only if the peer supports. Transport Layer Security (TLS) as defined for XMPP in Request for Comments (RFC) 3920. The peer must present a digital certificate. + Trusted: A server accepts a connection from a peer only under the stipulation that the peer supports TLS and the peer can present digital certificate issued by a root certification authority (CA) that is trusted by the authenticating server. 14, Differentiate Permissive ys. Verified ys. Encrypted vs. Trusted Federation. Permissive Federation © Permissive federation oceurs when a server accepts a connection from a peer network server without verifying its identi y using DNS lookups of certificate checking. * The lack of verification or authentication may lead to demain spoofing, Verified Federation © This type of federation oceurs when a server accepts a connection from a peer after the identity of the peer has been verified. © Ituses information obtained via DNS and by means of domain-specific keys exchanged beforehand, + XMPP real time communication protocol uses XML. Enerypted Federation © Server accepts a connection from a pecr ifand only if the peer supports Transport Layer Security (TLS) as defined for XMPP in Request for Comments (RFC) 3920. © The pecr must present a digital certificate, ‘© Server Dial back uses the DNS as the basis for verifying identity. ‘Trusted Federation © A server accepts a connection from a peer only under the stipulation that the peer supports TLS and the peer can present a digital certificate issued by a root certification authority (CA) that is trusted by the authenticating server. © Theuse of digital certificates results not only ina channel encryption but also in strong authentication,© The use of trusted domain certificates effectively prevents DNS poisoning attack 15, Write a short note on future of federation, © The implementation of federated communications is a precursor ta building a seamless cloud that can interact with people, devices, information feeds, documents, application interfaces, and other entities. # It enables software developers and service providers ta build and deploy such applications without asking permission from a large, centralized communications operator, PART-B 1, With an illustration, emphasize the significance of MapReduce paradigm in Hadoop framework. List aut the assumptions and goals set in HDFS architecture for processing the aa based on divide-and-conquer strategy. Discuss MAPREDUCE with suitable diagram, Elaborate HDFS concepts with suitable illustrations, Give detailed note on Hadoop framework. 3 llustrate dataflow in HDES during file read/write operation with suitable diagrams. Explain the Hadoop distributed file system architecture with a dingram, 7, Illustrate the Hadoop implementation of MapReduce framework ae 8, Analyze how MapReduce framework supports parallel and distributed computing an large datasets with a suitable example. 9, Ilustrate Googte App Engine (GAE) architecture in detail, 10, Explain the architecture and components of OpenStack. 11. What is cloud federation? Elaborate the different levels of cloud federation