Professional Documents
Culture Documents
CSIT Department
Model Answer Sheet of Test II
Summer 2023- 24
Course & Year code: IH4I Sem : IV
Class: SY CSIT Div: -
Subject Name: Cloud System & service Sub. Code:22497
Faculty Name:Mrs V.S.Mali Marks: 20
A Edge computing ia the network Paradigm Which arrange the network near the
User.
Or 2M
Edge computing is a distributed information technology (IT) architecture in 8
Correct
which client data is processed at the periphery of the network, as close to the answer
originating source as possible. 2M
Benefits :
Reduced delay and Improved Performance
Improved Security and Data Privacy
High Resiliency
Q.1 Increased Scalability
(B) Operational Cost Savings
Q.2
(A) a. Draw and explain Cloud Database Architecture
2M
for
Client level application- explana
tion of
client application interact with the cloud database through API OR Each
database driver. This applications can be web application, mobile app of Compon
ent and
other services accessing for the db for data storage & manipulation.
2M for
Diagra
End user m
End users are used in product development for accessing database to store
data
Administrative level-
It is used to store & manage databases that are stored on server & to
provide data access for authorized users.
b
Explain Cloud Identity & access management IAM Policies in Details
There are several types of IAM policies in AWS that you can use to
control access to AWS resources. Here are some of the most common
types of IAM policies:
2. Resource-Based Policies
These policies are attached directly to AWS resources such as S3
buckets, SQS queues, or SNS topics. They define which principals
(users, roles, accounts) can access the resource and what actions they
can perform.
4. Permission Boundaries
Permission boundaries are an advanced feature in IAM that allow you
to control the maximum permissions that a user or role can have. This
is useful in scenarios where you want to limit the permissions that can
be attached to a user or role.
5. Managed Policies
AWS provides a set of managed policies that define common sets of
permissions. These policies can be attached to multiple users, groups,
or roles. Examples include Administrator Access, PowerUserAccess,
and ReadOnlyAccess.
6. Inline Policies
Inline policies are policies that are embedded directly into a user,
group, or role. These policies are defined and managed within the
identity they are attached to and are useful for providing specific
permissions to a single entity.
7. Session Policies
Session policies are temporary policies that are passed when an IAM
user assumes a role. These policies can further restrict the permissions
that the user has while assuming the role.
2. Incremental Backup:
Incremental backups only capture changes made to the data since the last
backup, reducing the amount of data transferred and stored compared to
full backups.
• Pros
1. Efficient use of storage space since files are not duplicated in their
entirety
2. Lightning-fast backups
3. Can be run as often as desired, with each increment being an
individual recovery point
• Cons
1. Time-consuming restoration since data must be pieced together
from multiple backups
2. Successful recovery is only possible if all the backup files are
damage-proof
3. File search is cumbersome – you need to scout more than one
backup set to restore a specific file
3. Differential Backup:
Differential backups capture all changes made since the last full backup.
Unlike incremental backups, they do not rely on previous backup sets to
restore data.
• Pros
1. Takes less space than full backups
2. Faster restoration than incremental backups
3. Much faster backups than full backups
• Cons
1. Potential for failed recovery if any of the backup sets are incomplete
2. Compared to incremental backups, the backup takes longer and
requires more storage space
3. Compared to full backups, restoration is slow and complex
4.Snapshot Backup
- *Explanation:* Snapshot backups capture the state of a system or
dataset at a specific point in time. They create a read-only copy of the
data, allowing users to revert to that state if needed.
- *Advantages:* Snapshot backups are instantaneous and provide a
consistent view of data at the time of backup. They are commonly used for
virtual machines and databases.
5. Cloud-to-Cloud Backup:
- *Explanation:* Cloud-to-cloud backup involves backing up data from
one cloud service to another cloud provider's infrastructure. This is often
used to protect data stored in Software-as-a-Service (SaaS) applications
like Microsoft 365 or Google Workspace.
- *Advantages:* Cloud-to-cloud backup ensures data redundancy and
protection against data loss due to cloud service outages, accidental
deletions, or malicious activities.
1.Data Breaches:
Unauthorized access to sensitive data stored in cloud databases, file
storage services, or applications can lead to data breaches. Attackers may
exploit misconfigurations, weak authentication mechanisms, or insecure
APIs to gain access to confidential information.
5. Insider Threats:
Malicious or negligent insiders with privileged access to cloud
resources may intentionally or accidentally misuse their privileges to
steal data, sabotage systems, or compromise network security. Insider
threats can result from disgruntled employees, contractors, or partners
with access to sensitive information.
Explain
Each
6. Account Compromise: threats
Attackers may compromise user accounts or credentials through in
phishing attacks, password guessing, or credential stuffing, gaining details
unauthorized access to cloud services and data. Once inside, attackers 4M
can escalate privileges, exfiltrate data, or launch further attacks within
the cloud environment.
Differen
tiate
each
points
4M
b Explain main Cloud API Models.
• Infrastructure level:
Infrastructure-level APIs, also called infrastructure-as-a-service
(IaaS) APIs, help provision and manage cloud-hosted infrastructure.
IaaS APIs may be used to streamline the management of virtual
servers, cloud storage, cloud security, and other infrastructure-level
software and services.
• Service level:
Service-level APIs, or platform-as-a-service (PaaS) APIs, connect this
infrastructure to third-party platforms for developing applications.
PaaS APIs allow developers to access development tools, operating Explain
systems, software, and databases so they can build their own Each
applications. API
• Application level: Models
4M
Application-level APIs, or software-as-a-service (SaaS) APIs, connect
infrastructure to cloud-based applications that are managed by third-party
providers. SaaS APIs enable users to access fully-built cloud applications
(e.g. Gmail) from a client.
Incharge HOD