V.S.B.
ENGINEERING COLLEGE, KARUR
(An Autonomous Institution)
Department of Computer Science and Business
Systems
Academic Year 2023-2024 (ODD Semester)
CCS 335 CLOUD COMPUTING
UNIT 1
CLOUD ARCHITECTURE MODELS AND INFRASTRUCTURE
Q.1 Define cloud computing.
Ans. : NIST definition of cloud: Cloud computing is a pay-per-use model for enabling
available, convenient, on-demand network access to a shared pool of configurable computing
resources (e.g., networks, servers, storage, applications, services) that can be rapidly
provisioned and released with minimal management effort or service-provider interaction
Q.2 What is the use of elasticity in cloud ?
Ans. : The elastic nature of cloud services has provided enterprises with incredible
flexibility in consuming resources for computing, storage, infrastructure and more. With
access to a rapidly growing ecosphere of cloud products on-demand, enterprises have been
able to achieve the agility, scalability and cost savings required to increase competitiveness
and fuel digital transformation.
Q.3 Define on-demand provisioning.
OR Depict the importance of on-demand provisioning in e-commerce applications.
Ans.: On-Demand Computing (ODC) is a delivery model in which computing
resources are made available to the user as needed. The resources may be maintained within
the user's enterprise or made available by a cloud service provider.
Q.4 Why do we need a hybrid cloud? Justify.
Ans.: Hybrid cloud solutions enable us to migrate and manage workloads between
these various cloud environments, allowing us to create more versatile setups based on specific
business needs. Many organizations choose to adopt hybrid cloud platforms to reduce costs,
minimize risk and extend their existing capabilities to support digital transformation efforts.
Q.5 Give the advantages of storage as a service.
Ans. :
o Scalability: STaaS provides a high level of scalability.
o High-level backup and recovery
o Optimizes storage to be cost-effective
Q.6 What is a hybrid cloud ?
Ans.: Hybrid cloud integrates public cloud services, private cloud services and on-
premises infrastructure and provides orchestration, management and application portability
across all three.
Q.7 List the main characteristics of cloud computing.
Ans. : Cloud computing's characteristics include on-demand self-service, broad
network access and being very elastic and scalable.
Q.8 Illustrate the virtual appliances in cloud computing.
Ans.: Virtual appliance is a pre installed and pre configured software solution on one
or more virtual machines that is optimized for a specific function. A virtual appliance does
not require locally installed hardware and can be remotely accessed by users. Its purpose is to
simplify the delivery and operation of an application, so only the OS components required to
support the application's functions are included.
Q.9 Differentiate public cloud and private cloud.
Ans. :
| Public Cloud | Private Cloud |
|---|---|
| Cloud Computing infrastructure is shared with the public by service providers over the internet. It supports multiple customers i.e, enterprises. | Cloud Computing infrastructure is shared with private organizations by service providers over the internet. It supports one enterprise. |
| Multi-Tenancy i.e, Data of many enterprises are stored in a shared environment but are isolated. Data is shared as per rule, permission, and security. | Single Tenancy i.e, Data of a single enterprise is stored. |
| Cloud service provider provides all the possible services and hardware as the user-base is the world. Different people and organizations may need different services and hardware. Services provided must be versatile. | Specific services and hardware as per the need of the enterprise are available in a private cloud. |
| It is hosted at the Service Provider site. | It is hosted at the Service Provider site or enterprise. |
| It is connected to the public internet. | It only supports connectivity over the private network. |
| Scalability is very high, and reliability is moderate. | Scalability is limited, and reliability is very high. |
| Cloud service provider manages the cloud and customers use them. | Managed and used by a single enterprise. |
| It is cheaper than the private cloud. | It is costlier than the public cloud. |
| Security matters and dependent on the service provider. | It gives a high class of security. |
| Performance is low to medium. | Performance is high. |
| It has shared servers. | It has dedicated servers. |
| Example: Amazon web service (AWS) and Google AppEngine etc. | Example: Microsoft KVM, HP, Red Hat & VMWare etc. |
Q.10 Summarize the benefits and drawbacks of using "Platform as a Service".
Ans. : Benefits:
1. Reduced capital expenditure.
2. Reduced skill requirements.
3. Ability to add new uses quickly.
Drawbacks of PaaS :
1. Security and compliance risks: PaaS software is generally offered in a public cloud
where it is shared by multiple users, which creates a higher risk of security vulnerabilities.
2. Vendor lock-in: PaaS solutions for each business requirement might differ and the
chosen vendor may not be able to provide convenient options for frameworks, customization,
or migration.
3. Loss of operational control: Developers may have to trade off the abstraction for
more granular control over application components.
Q.11 List cloud enabling technology.
Ans. Enabling technologies are as follows:
1. Broadband networks and internet architecture
2. Data center technology
3. Virtualization technology
4. Web technology
5. Multitenant technology
Q.12 What is cloud service ?
Ans. :
• Cloud service is any service made available to users on demand via the Internet from
a cloud computing provider's servers as opposed to being provided from a company's own on
premises servers.
• Cloud services are designed to provide easy, scalable access to applications,
resources and services, and are fully managed by a cloud services provider.
Q.13 What is a dynamic infrastructure platform ?
Ans. A dynamic infrastructure platform is a system that provides computing
resources, particularly servers, storage and networking, in a way that they can be
programmatically allocated and managed.
Q.14 What is cloud adoption ?
Ans. : Cloud adoption is a strategic move by organizations of reducing cost,
mitigating risk and achieving scalability of database capabilities. Cloud adoption may be up
to various degrees in an organization, depending on the depth of adoption. In fact the depth of
adoption yields insight into the maturity of best practices, enterprise-ready cloud services
availability.
Q.15 What is cloud reference model ? What are the applications of this model ?
Ans. The cloud computing reference model is an abstract model that characterizes and
standardizes the functions of a cloud computing environment by partitioning it into
abstraction layers and cross layer functions. The three cross layer functions are business
continuity, security and service management.
Q.16 List and explain cloud deployment models.
Ans.: Cloud deployment models refer to the location and management of the
cloud's infrastructure. Deployment models are defined by the ownership and control of
architectural design and the degree of available customization. Cloud deployment models are
private, public and community clouds.
Q.18 What is public cloud ?
Ans.: Public cloud is built over the Internet and can be accessed by any user who has
paid for the service. Public clouds are owned by service providers and are accessible through
a subscription
Q.19 What is private clouds ?
Ans.: A private cloud is built within the domain of an intranet owned by a single
organization. Therefore, it is client owned and managed and its access is limited to the
owning clients and their partners.
Q.20 What is community cloud ?
Ans. The cloud infrastructure is shared by several organizations and supports a
specific community that has shared concerns (e.g. mission, security requirements, policy, or
compliance considerations). It may be managed by the organizations or a third party and may
exist on premises or off premises
Q.21 What do you understand by SaaS ?
Ans. : Software-as-a-Service (SaaS) is a software delivery model that provides
access to applications through the Internet as a Web-based service. It provides a means to free
users from complex hardware and software management by offloading such tasks to third
parties, which build applications accessible to multiple users through a Web browser
Q.22 What do you mean by term scalability in terms of cloud?
Ans.: The ability to scale on demand constitutes one of the most attractive features of
cloud computing. Scalability refers to the idea of a system in which every application or piece
of infrastructure can be expanded to handle increased load.
Q.23 How Cloud computing provides scalability and fault tolerance ?
Ans. : Fault tolerance is the process of finding faults and failures in a system. If a fault
occurs or there is a hardware failure or software failure then also the system should work
properly
Q.24 What is cloud ecosystem ?
Ans. :
The cloud computing ecosystem comprises business process, application services, platform
services and infrastructure services.
A cloud ecosystem is a complex system of interdependent components that all work
together to enable cloud services.
In cloud computing, the ecosystem consists of hardware and software as well as cloud
customers, cloud engineers, consultants, integrators and partners.
Q.25 What is meant by IaaS in cloud computing ?
Ans. : IaaS is a cloud service model where the physical resources or hardware like
storage, compute and network are provisioned and maintained by a cloud provider.
Organizations can access these resources virtually via the internet for as long as they want.
Q.26 What is the use of IaaS in cloud computing ?
Ans. : IaaS provides the basic infrastructure like storage, network and compute
resources and other additional offerings like load balancing, clustering and security to
organizations in a virtualized manner over the internet. This way, organizations can focus on
building their applications, without worrying about maintaining the infrastructure or installing
the hardware and software, reducing costs and speeding up the application development.
Q.27 What is meant by Service Oriented Architecture?
Ans:Service-oriented architecture (SOA) is a method of software development that
uses software components called services to create business applications. Each service
provides a business capability, and services can also communicate with each other across
platforms and languages. Developers use SOA to reuse services in different systems or
combine several independent services to perform complex tasks.
For example, multiple business processes in an organization require the user
authentication functionality. Instead of rewriting the authentication code for all business
processes, you can create a single authentication service and reuse it for all applications.
Q.28. What is the role of Cloud Auditor?
Ans: A cloud audit is a test of a cloud environment, typically conducted by an
independent third party. During an audit, the auditor gathers evidence via physical inspection,
inquiry, observation, re-performance, or analytics.
Cloud security audits commonly focus on an organization’s security controls – these
are the operational, procedural, or technical protections an organization uses to safeguard the
integrity and confidentiality of its information systems. In the cloud, an auditor may evaluate
which security controls exist, whether they are implemented correctly, whether they are
working as expected, and how effective they are at mitigating threats.
Q.29 Define Private cloud?
Ans:A private cloud is a cloud computing environment dedicated to a single
organization. Any cloud infrastructure has underlying compute resources like CPU and
storage that you provision on demand through a self-service portal. In a private cloud, all
resources are isolated and in the control of one organization. So, the private cloud is also
called the internal or corporate cloud.
Q.30 Define Public cloud?
Ans:Public Cloud is an IT model where on-demand computing services and
infrastructure are managed by a third-party provider and shared with multiple organizations
using the public Internet. Public cloud service providers may offer cloud-based services such
as infrastructure as a service (IaaS), platform as a service (PaaS), or software as a service
(SaaS) to users for either a monthly or pay-per-use fee, eliminating the need for users to host
these services on site in their own data center.
UNIT II
VIRTUALIZATION BASICS
Q.1 What is virtualization ?
Ans. : Virtualization is an abstraction layer that decouples the physical hardware from
the operating system to deliver greater IT resource utilization and flexibility. It allows
multiple virtual machines, with heterogeneous operating systems to run in isolation, side-by-
side on the same physical machine. Virtualization means running multiple machines on a
single hardware. The "real" hardware is invisible to the operating system; the OS only sees an
abstracted picture. Only the Virtual Machine Monitor (VMM) talks to the hardware.
Q.2 What are the benefits of virtualization in the context of cloud computing ?
Ans. :
1. It is possible to achieve a more efficient use of resources.
2. Portability and self-containment also contribute to reducing the costs of
maintenance.
3. A virtual execution environment can be configured as a sandbox, thus preventing
any harmful operation.
Q.3 List disadvantages of virtualization.
Ans. :
1. Performance degradation.
2. Virtualization can sometimes lead to an inefficient use of the host.
3. Virtualization opens the door to a new and unexpected form of phishing.
Q.4 What is operating system level virtualization ?
Ans.: Operating-system-level virtualization is a server-virtualization method where
the kernel of an operating system allows for multiple isolated user-space instances, instead of
just one. Such instances are sometimes called containers and software containers.
Q.5 What are hardware virtualization techniques ?
Ans. This technology allows simulating the hardware interface expected by an
operating system. Hardware virtualization allows the coexistence of different software stacks
on top of the same hardware. These stacks are contained inside virtual machine instances,
which operate in complete isolation from each other.
Q.6 What is application server virtualization ?
Ans. Application server virtualization abstracts a collection of application servers that
provide the same services as a single virtual application server by using load-balancing
strategies and providing a high-availability infrastructure for the services hosted in the
application server.
Q.7 Why is operating system level virtualization required?
Ans. :
• Operating system level virtualization provides a feasible solution for the hardware level
virtualization issue. It inserts a virtualization layer inside an operating system to partition a
machine's physical resources.
• It enables multiple isolated VMs within a single operating system kernel. This kind
of VM is often called a virtual execution environment (VE), Virtual Private System (VPS) or
simply container.
• From the user's point of view, virtual execution environments look like real servers.
• This means a virtual execution environment has its own set of processes, file system,
user accounts, network interfaces with IP addresses, routing tables, firewall rules etc.
Q.8 Define emulation.
Ans. : Emulation is the process of implementing the interface and functionality of one
system (or subsystem) on a system (or subsystem) having different interface and
functionality.
Q.9 List advantages of OS virtualization.
1. OS virtualization provides the least overhead among all types of virtualization solution.
2. It offers the highest performance and highest density of virtual environments.
3. Low resource requirements.
4. High Scalability
Q.10 Define I/O virtualization.
Ans. : I/O virtualization involves managing the routing of I/O requests between
virtual devices and shared physical hardware. There are three ways to implement this: full
device emulation, para-virtualization and direct I/O.
Q.11 What is Type 2 hypervisor?
Ans. Type 2 hypervisor is software that runs within an operating system environment.
A "guest" operating system thus runs at the third level above the hardware.
Q.12 What is Virtualization?
Ans:Virtualization is a process that allows for more efficient utilization of physical
computer hardware and is the foundation of cloud computing.
Virtualization uses software to create an abstraction layer over computer hardware
that allows the hardware elements of a single computer—processors, memory, storage and
more—to be divided into multiple virtual computers, commonly called virtual machines
(VMs). Each VM runs its own operating system (OS) and behaves like an independent
computer, even though it is running on just a portion of the actual underlying computer
hardware.
Q.13 What are the benefits of virtualization in the context of cloud computing?
Ans:
[Link] cost of IT infrastructure
2. Users can access applications and servers remotely
3. Increase scalability
4. Reduction of system failure risk
5. Flexible data transfers
Q.14 List the disadvantages of virtualization.
Ans:
1. Exorbitant costs of implementation
2. Restraints
3. Problems with availability
4. Time-intensive
5. Threats to security
6. Problems with scalability
7. A Number of links must interact
Q.15 Define OS level, hardware- assisted and application server virtualization.
Ans:OS virtualization virtualizes hardware at the OS level to create multiple isolated
virtualized instances to run on a single system. Additionally, this process is done without the
use of a hypervisor. This is possible because OS virtualization will have the guest OS use the
same running OS as the host system.
Q.16 Why is OS level virtualization required?
Ans:OS-level virtualization is a technology that partitions the operating system to
create multiple isolated Virtual Machines (VM). An OS-level VM is a virtual execution
environment that can be forked instantly from the base operating environment. OS-level
virtualization has been widely used to improve security, manageability and availability of
today’s complex software environment, with small runtime and resource overhead, and with
minimal changes to the existing computing infrastructure.
Q.17 Define emulation.
Ans:Emulation refers to the process of imitating or replicating the behavior of one
computer system or device on another, typically to allow the second system, known as the
host, to run software or use peripherals that were originally designed for the emulated system,
known as the guest. The goal of emulation is to create a compatible environment that mimics
the hardware and software characteristics of the original system, enabling the execution of its
applications or games.
Emulators are software programs or virtual machines that facilitate this emulation
process. They interpret the instructions and architecture of the emulated system, translating
them into a form that the host system can understand and execute. Emulation is commonly
used for various purposes, such as running legacy software on modern systems, testing
software across different platforms, or preserving and playing retro video games on
contemporary hardware.
Q.18 List the advantages of OS virtualization.
Ans:
Reduced upfront hardware and continuing operating costs.
Minimized or eliminated downtime.
Increased IT productivity and responsiveness.
Greater business continuity and disaster recovery response.
Simplified data center management.
Faster provisioning of applications and resources.
Q.19 What is meant by I/O virtualization?
Ans:I/O virtualization (IOV), or input/output virtualization, is technology that uses
software to abstract upper-layer protocols from physical connections or physical transports.
This technique takes a single physical component and presents it to devices as multiple
components. Because it separates logical from physical resources, IOV is considered an
enabling data center technology that aggregates IT infrastructure as a shared pool, including
computing, networking and storage.
Q.20 Discuss the types in virtualization hypervisor.
Ans:In virtualization, a hypervisor, also known as a Virtual Machine Monitor
(VMM), is a key component that enables the creation and management of virtual machines
(VMs). There are two main types of hypervisors: Type 1 (bare-metal) hypervisors and Type 2
(hosted) hypervisors.
A Type 1 hypervisor is generally more secure and stable because it does not run on top
of another operating system. Conversely, administrators use Type 2 hypervisors because
they are more user-friendly. Type 2 hypervisors are easier to install, configure, and use
than bare-metal hypervisors.
Q.21 Identify the role and benefits of virtualization in Cloud computing.
Ans:Virtualization plays a crucial role in the context of cloud computing, providing a
foundation for the efficient and flexible delivery of computing resources. Here are the key
roles and benefits of virtualization in cloud computing:
Resource Multiplication
Isolation and Security
Flexibility and Scalability
Resource Pooling and Management
Migration and Disaster Recovery
Cost Savings
Q.22 Outline the requirements of VMM.
Ans:A Virtual Machine Monitor (VMM), also known as a hypervisor, is a critical
component in virtualization technology. It facilitates the creation and management of virtual
machines (VMs) on a physical host system. The requirements of a VMM include:
Hardware Virtualization Support
Resource Management
Isolation and Security
Virtual Machine Creation and Configuration
Device Emulation
Live Migration and Mobility
Performance Monitoring and Optimization
Compatibility and Interoperability
Management Interfaces
Security Patching and Updates
Q.23 Differentiate full virtualization and para- virtualization.
Ans:
| No. | Full Virtualization | Paravirtualization |
|---|---|---|
| 1. | In Full virtualization, virtual machines permit the execution of the instructions with the running of unmodified OS in an entirely isolated way. | In paravirtualization, a virtual machine does not implement full isolation of OS but rather provides a different API which is utilized when OS is subjected to alteration. |
| 2. | Full Virtualization is less secure. | While the Paravirtualization is more secure than the Full Virtualization. |
| 3. | Full Virtualization uses binary translation and a direct approach as a technique for operations. | While Paravirtualization uses hypercalls at compile time for operations. |
| 4. | Full Virtualization is slower than paravirtualization in operation. | Paravirtualization is faster in operation as compared to full virtualization. |
| 5. | Full Virtualization is more portable and compatible. | Paravirtualization is less portable and compatible. |
| 6. | Examples of full virtualization are Microsoft and Parallels systems. | Examples of paravirtualization are Microsoft Hyper-V, Citrix Xen, etc. |
| 7. | It supports all guest operating systems without modification. | The guest operating system has to be modified and only a few operating systems support it. |
| 8. | The guest operating system will issue hardware calls. | Using the drivers, the guest operating system will directly communicate with the hypervisor. |
| 9. | It is less streamlined compared to para-virtualization. | It is more streamlined. |
| 10. | It provides the best isolation. | It provides less isolation compared to full virtualization. |
Q.24 Define Hypervisor and Xen Server?
Ans:
Hypervisor:
A hypervisor, also known as a Virtual Machine Monitor (VMM), is a software or
firmware layer that enables the virtualization of computer hardware. It allows multiple
operating systems (OS) to run on a single physical machine by creating and managing virtual
machines (VMs). The primary role of a hypervisor is to allocate and manage the physical
resources of the host system, such as CPU, memory, and storage, among the virtualized
environments. There are two main types of hypervisors: Type 1 (bare-metal) hypervisors,
which run directly on the hardware, and Type 2 (hosted) hypervisors, which run on top of an
existing operating system.
Xen Server:
XenServer is an open-source virtualization platform based on the Xen hypervisor. It is
developed by the Xen Project, an open-source community managed by the Linux Foundation.
XenServer provides a complete virtualization solution that allows users to create and manage
virtual machines on a host system. It supports both paravirtualization and hardware-assisted
virtualization, offering flexibility and performance optimization. XenServer includes features
such as live migration, resource pooling, and a centralized management console. While the
open-source version of XenServer is available, there is also a commercially supported version
provided by Citrix, known as Citrix Hypervisor, which includes additional features and
support services.
Q.25 What is meant by host based virtualization?
Ans:A host-based virtualization requires additional software running on the host as a
privileged task or process. In some cases, volume management is built in to the operating
system, and in other instances it is offered as a separate product. A physical device driver
handles the volumes (LUN) presented to the host system. However, a software layer, the
logical volume manager, residing above the disk device driver intercepts the I/O requests and
provides the metadata lookup and I/O mapping.
Q.26 Define KVM?
Ans:Kernel-based Virtual Machine (KVM) is a software feature that you can install
on physical Linux machines to create virtual machines. A virtual machine is a software
application that acts as an independent computer within another physical computer. It shares
resources like CPU cycles, network bandwidth, and memory with the physical machine.
KVM is a Linux operating system component that provides native support for virtual
machines on Linux.
Importance of KVM:
High performance
Security
Stability
Cost efficiency
Flexibility
Q.27 Define CPU virtualization?
Ans:A single CPU can run numerous operating systems (OS) via CPU virtualization
in cloud computing. This is possible by creating virtual machines (VMs) that share the
physical resources of the CPU. Virtual machines can't see or interact with each other's
data or processes.
CPU virtualization is very important in cloud computing. It enables cloud providers to
offer services like –
Virtual private servers (VPSs)
Cloud storage (EBS)
Cloud computing platforms (AWS, Azure and Google Cloud)
Q.28 Define memory virtualization?
Ans:Memory virtualization is like having a super smart organizer for your
computer brain (Running Memory -RAM). Imagine your computer brain is like a big
bookshelf, and all the apps and programs you installed or are running are like books.
Memory virtualization is the librarian who arranges these books so your computer
can easily find and use them quickly. It also ensures that each application gets a fair share
of the memory to run smoothly and prevents mess, which ultimately makes your computer
brain (RAM) more organized (tidy) and efficient.
Q.29 Define file system migration?
Ans:
1. If a file system is unmounted and remains so for a predetermined time, the system can
migrate it to a lower priority storage medium. The system automatically recalls a migrated
file system from migration storage if a mount command is issued for the file system.
2. If you plan to migrate HFS data sets, consider migrating them only to level 1 (DASD)
storage. Recalling a data set that was migrated to tape could adversely affect performance
because of the time required to physically mount the tape volume.
3. If the tape is in an automated library, then recalling it should be much faster than if the
system has to request an operator to mount it.
Q.30 What is the difference between physical cluster and virtual cluster?
Ans:A physical cluster and a virtual cluster refer to different approaches to organizing
and managing computing resources, and they have distinct characteristics. Here are the key
differences between a physical cluster and a virtual cluster:
Nature of Resources:
Physical Cluster: In a physical cluster, computing resources such as servers, storage, and
networking components are actual physical devices. Each node in the cluster is a distinct,
tangible piece of hardware.
Virtual Cluster: In a virtual cluster, computing resources are abstracted and created as
virtual instances. These virtual instances run on top of physical hardware but are not tied to
specific physical devices. They are created, managed, and manipulated through virtualization
technologies.
UNIT III
VIRTUALIZATION INFRASTRUCTURE AND DOCKER
Q.1 What is storage virtualization in cloud computing?
Ans.: Storage virtualization in cloud computing is sharing physical storage into multiple
storage devices that appear as a single virtual device.
Q.2 What is networking virtualization ?
Ans.: Network virtualization refers to the technology that enables partitioning or aggregating
a collection of network resources and presenting them to various users in a way that each user
experiences an isolated and unique view of the physical network. Network virtualization creates
virtual networks whereby each application sees its own logical network independent of the physical
network.
Q.3 What is virtual desktop infrastructure ?
Ans.: Virtual desktop infrastructure is a term that refers to using a virtualized desktop that is
hosted on a virtual machine that lives on a server.
Q.4 What are the three key components of virtual desktop infrastructure ?
Ans. Three key components of virtual desktop infrastructure are host, connection broker and
end points.
Q.5 What is cloud analytics ?
Ans.: Cloud analytics is a type of cloud service model where data analysis and related
services are performed on a public or private cloud. Cloud analytics can refer to any data analytics or
business intelligence process that is carried out in collaboration with a cloud service provider.
Q.6 What is file level storage virtualization ?
Ans.: File level storage virtualization provides storage volumes to operating systems and
applications in the form of files and directories. Access to storage is through network protocols, such
as common Internet file system and network file systems. Storage resources and capacity may be
underutilized because files are bound to a specific file server. It is necessary to move the file from one
server to another server.
Q.7 What is networking virtualization?
Ans.:Network Virtualization (NV) refers to abstracting network resources that were
traditionally delivered in hardware to software. NV can combine multiple physical networks to one
virtual, software-based network, or it can divide one physical network into separate, independent
virtual networks.
Network virtualization software allows network administrators to move virtual machines
across different domains without reconfiguring the network. The software creates a network overlay
that can run separate virtual network layers on top of the same physical network fabric.
Q.8 What is cloud analysis.
Ans.: Cloud analytics is a type of cloud service model where data analysis and related
services are performed on a public or private cloud. Cloud analytics can refer to any data analytics or
business intelligence process that is carried out in collaboration with a cloud service provider.
Q.9 What is storage virtualization in cloud computing?
Ans: Storage virtualization in cloud computing is the core element of storage servers. It
fosters the management and analysis of storage within a virtual environment. This includes helping
the storage administrator perform backups, archiving, and data recovery quickly and more
efficiently. To do this, the technology masks the actual intricacy of Storage Area
Networks (SANs).
Types of Storage Virtualization
Hardware-assisted virtualization
Hypervisor virtualization
Full virtualization
Kernel-level virtualization
Para-virtualization
Q.10 Define 5 types of virtualization.
Ans:Virtualization is a technology that allows multiple operating systems or applications to
run on a single physical machine, abstracting the underlying hardware and providing various benefits
such as resource optimization, flexibility, and improved manageability. Here are five types of
virtualization:
[Link] Virtualization
[Link] Virtualization
[Link] Virtualization
[Link] Virtualization
[Link] Virtualization
Q.11 List the steps involved in VM live migration.
Ans:
0: Pre-migration or preparation. The target host (host A) is preselected for migration,
and the VM is made active on the client side. ...
1: Reservation. ...
2: Iterative (Repetitive) Pre-copy. ...
3: Stop-and-copy. ...
4: Commitment. ...
5: Activation.
Q.12 Differentiate containers from virtual machines.
Ans:Containers and virtual machines (VMs) are both technologies used for virtualization, but
they differ in their architectures, resource utilization, and use cases. Here are key distinctions
between containers and virtual machines:
Architecture
Resource Utilization
Isolation
Portability
Performance
Use Cases
Q.13 Define docker containers.
Ans:Docker containers are lightweight, portable, and executable software packages that
include everything needed to run a piece of software, including the code, runtime, libraries, and
system tools. Docker is a platform and toolset that simplifies the creation, deployment, and
management of containers. Containers provide a consistent and reproducible environment, allowing
developers to package applications and their dependencies into a single unit, ensuring that the
software runs consistently across various environments.
Key characteristics of Docker containers include:
Isolation
Portability
Lightweight
Efficiency
Versioning and Reproducibility
Microservices and DevOps
Docker Engine
Q.14 What is a docker image?
Ans:A Docker image is a lightweight, standalone, and executable package that includes
everything needed to run a piece of software, including the code, runtime, libraries, and system tools.
Docker images serve as the basis for Docker containers, which are instances of these images running
as isolated processes on a host system. Images provide a consistent and reproducible environment for
deploying and running applications across different environments.
Here are key characteristics and components of a Docker image:
Layered File System
Definition and Configuration
Registry and Repositories
Base Images
Immutable and Versioned
Reproducibility
Layer Caching
Q.15 How are Docker images created?
Ans: Docker images are created through a process known as Docker image building. The
primary tool for building Docker images is the docker build command, and the process involves
creating a Dockerfile, specifying the necessary instructions and configurations, and then executing
the build command.
Q.16 Does Docker provide better scalability than virtual machines? Justify.
Ans: Docker containers are often considered to provide better scalability than traditional
virtual machines (VMs) in certain scenarios. Here are some reasons why Docker containers are
perceived as more scalable:
Resource Efficiency:
Faster Startup Times:
Isolation and Density:
Container Orchestration:
Microservices Architecture:
Q.17 Give the components of Docker.
Ans:Docker is a containerization platform that comprises several components working
together to enable the creation, deployment, and management of containerized applications. The
main components of Docker include:
Docker Daemon (dockerd)
Docker CLI (docker)
Docker Images
Docker Containers
Docker Compose
Docker Registry
Docker Swarm
Docker Networking
Docker Volumes
Q.18 List the design goals for generic cloud?
Ans:Designing a generic cloud infrastructure involves addressing various requirements and
goals to ensure the system's efficiency, scalability, and reliability. The design goals for a generic
cloud typically include:
Scalability
Flexibility and Agility
Resource Optimization
Reliability and High Availability
Security
Automation and Orchestration
Interoperability and Standards Compliance
Cost Management
User Self-Service and Portals
Green Computing
Q.19 List the cloud enabling technologies?
Ans:Cloud enabling technologies are the foundational components that empower the
development, deployment, and management of cloud services. These technologies provide the
essential building blocks for creating and optimizing cloud infrastructure and applications. Here is a
list of key cloud enabling technologies:
Virtualization
Containers
Orchestration
Automation Tools
Cloud Management Platforms
Microservices Architecture
Serverless Computing
Edge Computing
Software-Defined Networking (SDN)
APIs (Application Programming Interfaces)
Blockchain
Q.20 Explain the QoS factors in cloud?
Ans: In cloud computing, Quality of Service (QoS) is a measure of the performance of a
service, such as a network or a cloud service. It's a way to assess the performance of a service and
ensure that it meets the required standards.
QoS metrics can include things like availability, reliability, and response time.
It's used to ensure that services are delivered at an acceptable level of performance.
How does Quality of Service (QoS) work?
Quality of Service works by setting performance targets for a service and then measuring the
service's performance against these targets.
These targets can include things like uptime, response time, and error rates.
QoS can be used to prioritize certain types of traffic, allocate resources, and ensure reliable
delivery of services.
Q.21 Define hardware virtualization?
Ans:Hardware Virtualization, also known as server virtualization, is a process that allows for the
creation of a virtual version of a physical server, known as a virtual machine. This is a fundamental
technology that makes cloud computing possible, as it allows multiple virtual machines to run on a single
physical machine, each with its own operating system and applications.
Hardware virtualization allows for better utilization of resources, as multiple virtual machines
can share the resources of a single physical server.
It provides flexibility and scalability, as new virtual machines can be created quickly and
easily, and resources can be allocated and reallocated as needed.
Q.22 Explain the storage virtualization?
Ans: Storage virtualization is a major component for storage servers, in the form of functional
RAID levels and controllers. Operating systems and applications with device access can write to the
disks directly by themselves. The controllers configure the local storage in RAID groups and
present the storage to the operating system depending upon the configuration. However, the storage
is abstracted and the controller determines how to write the data or retrieve the requested data for
the operating system.
Q.23 Define VM cloning?
Ans: Virtual Machine (VM) cloning refers to the process of creating an identical and
independent copy of an existing virtual machine. This copy, known as the "clone," is a replica of
the original VM, and it shares the same configuration, operating system, installed applications, and
data as the source VM at the time of cloning. VM cloning is a common practice in virtualized
environments and provides several benefits, including:
Rapid Deployment
Consistency
Testing and Development
Backup and Recovery
Scaling
Template Creation
Q.24 Explain runtime support service?
Ans:The term "runtime support service" typically refers to a set of tools, libraries, and
services that provide essential runtime support for executing and managing software applications.
The runtime environment is the environment in which a program or application runs during its
execution. Runtime support services play a crucial role in ensuring the proper functioning,
performance, and interaction of software during its runtime. The specific components and features of
a runtime support service may vary depending on the context, programming language, and
application requirements. Here are some key aspects of runtime support services:
Dynamic Link Libraries (DLLs) or Shared Libraries
Memory Management
Exception Handling
Concurrency and Multithreading Support
Virtual Machine and Interpreters
Runtime Libraries
Dynamic Typing and Reflection
Security Services
Profiler and Debugger Support
Environment Setup and Configuration
Q.25 Define software stack?
Ans: A stack of software is a collection of independent components which collaborate to
make application implementation easier. An OS, architectural layer, protocol, runtime environment,
database or a call functionality is included in a hierarchy. Lower levels in the hierarchy frequently
interface with hardware, whereas upper levels in the hierarchy perform specific user activities and
services. Components interact with the application directly via a sequence of sophisticated
instructions that traverse the stack.
An application is made up of a collection of functions that operate together in a defined
architecture to provide certain services to the user. The most basic application architecture is made
up of three layers:
The presentation layer
The logic layer
The data layer
Q.26 Define dynamic resource deployment?
Ans:It denotes the ability for remote clients to request the upload and deployment of new
services into, or the undeployment of existing services from, existing grid containers. It is a special
case of dynamic maintenance.
Q.27 Define the provisioning of compute resources?
Ans:Provisioning is the process of creating and setting up IT infrastructure, and includes the
steps required to manage user and system access to various resources. Provisioning is an early stage
in the deployment of servers, applications, network components, storage, edge devices, and more.
Q.28 Explain the concept dynamic deployment of virtual clusters?
Ans:Dynamic deployment of virtual clusters refers to the ability to create, scale, and manage
clusters of virtual machines or containers in a flexible and automated manner based on the dynamic
demands of applications and workloads. This concept is often associated with cloud computing and
virtualization technologies, where resources are abstracted from physical hardware and can be
provisioned and de-provisioned on-demand.
Key aspects and features associated with dynamic deployment of virtual clusters:
On-Demand Provisioning
Resource Scaling
Resource Optimization
Automation and Orchestration
Elasticity
Fault Tolerance and High Availability
Infrastructure as Code (IaC)
Monitoring and Management
Q.29 Explain the virtualization for data center automation?
Ans:Data centers have grown rapidly in recent years, and all major IT companies are pouring
their resources into building new data centers. In addition, Google, Yahoo!, Amazon, Microsoft, HP,
Apple, and IBM are all in the game. All these companies have invested billions of dollars in data-
center construction and automation. Data-center automation means that huge volumes of hardware,
software, and database resources in these data centers can be allocated dynamically to millions of
Internet users simultaneously, with guaranteed QoS and cost-effectiveness.
Q.30 Explain the trust management in virtual clusters?
Ans: A VMM changes the computer architecture. It provides a layer of software between the
operating systems and system hardware to create one or more VMs on a single physical platform. A
VM entirely encapsulates the state of the guest operating system running inside it. Encapsulated
machine state can be copied and shared over the network and removed like a normal file, which
poses a challenge to VM security. In general, a VMM can provide secure isolation and a VM
accesses hardware resources through the control of the VMM, so the VMM is the base of the
security of a virtual system. Normally, one VM is taken as a management VM to have some
privileges such as creating, suspending, resuming, or deleting a VM.
CCS 335 CLOUD COMPUTING
UNIT IV
CLOUD DEPLOYMENT ENVIRONMENT
Q.1 What is Amazon Web Services ?
Ans.: Amazon Web Services (AWS) is a collection of remote computing services (web
services) that together make up a cloud computing platform, offered over the Internet by
Amazon.com. Amazon Web Services (AWS) is a cloud computing platform from Amazon that
provides customers with a wide array of cloud services.
Q.2 What is AWS ecosystem ?
Ans.: AWS ecosystem is made up of three subsystems:
1. AWS computing services provided by Amazon.
2. Computing services provided by third parties that operate on AWS.
3. Complete applications offered by third parties that run on AWS.
Q.3 What do you understand by third party cloud services ?
Ans.: Cloud computing makes it possible to compose services that belong to different vendors or to integrate them into existing
software systems. The service-oriented model, which is the basis of cloud computing, facilitates such
an approach and provides the opportunity for developing a new class of services that can be called
third-party cloud services.
Q.4 What is eucalyptus ?
Ans. :
• Eucalyptus stands for Elastic Utility Computing Architecture for Linking Your Programs to
Useful Systems.
• It is an open-source software framework that provides the platform for private cloud
computing implementation on computer clusters.
• Eucalyptus implements Infrastructure as a Service (IaaS) methodology for solutions in
private and hybrid clouds.
• Eucalyptus provides a platform for a single interface so that users can calculate the
resources available in private clouds and the resources available externally in public cloud services.
Q.5 List the features of eucalyptus.
Ans.: Features include:
1. Supports both Linux and Windows Virtual Machines (VMs).
2. Application program interface (API) compatible with Amazon EC2.
3. Compatible with Amazon Web Services (AWS) and Simple Storage Service (S3).
4. Works with multiple hypervisors including VMware, Xen and KVM.
5. Can be installed and deployed from source code or DEB and RPM.
Q.6 How is virtualization employed in Azure?
Ans.: An Azure virtual machine gives you the flexibility of virtualization without having to
buy and maintain the physical hardware that runs it. However, you still need to maintain the virtual
machine by performing tasks, such as configuring, patching, and installing the software that runs on
it.
Q.7 What is AWS ecosystem?
Ans.: Amazon Web Services is a cloud computing service that makes it easy to build scalable
and reliable applications, websites, and services. It makes it easy for businesses to develop, deploy
and extend their software, as well as store data.
Q.8 What is Amazon Web Services?
Ans:Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted
cloud computing platform offered by Amazon. It provides a massive range of on-demand services
over the internet, spanning:
Compute
Storage
Databases
Networking
Analytics
Security
Management Tools
Enterprise Applications
Q.9 What is AWS ecosystem?
Ans:The AWS ecosystem encompasses a vast network of elements beyond just the individual
services offered by AWS itself. It's a dynamic and interconnected space made up of several key
components:
1. AWS Services
2. AWS Marketplace
3. Independent Software Vendors (ISVs)
4. Technology Partners
5. Consulting Partners
6. Developer Community
7. Open Source Projects
Q.10 What do you understand by third party cloud services?
Ans:Third-party cloud services refer to cloud computing resources and services offered by
companies other than major hyperscalers like Amazon Web Services (AWS), Microsoft Azure, and
Google Cloud Platform (GCP). These companies provide a diverse range of cloud offerings, often
specializing in specific areas or catering to niche markets.
Key characteristics:
Focus on specific areas
Vertical solutions
Platform-as-a-Service (PaaS)
Software-as-a-Service (SaaS)
Flexibility and agility
Competitive pricing
Security and compliance
Limited reach
Q.11 List the issues in parallel and distributed paradigms?
Ans:Both parallel and distributed paradigms offer compelling advantages for large-scale
computing, but they are not without their challenges. Here's a breakdown of some key issues in both
paradigms:
Parallel Programming Issues:
1. Shared Memory Complexity
2. Debugging Difficulties
3. Limited Scalability
4. Algorithmic Suitability.
Distributed Programming Issues:
1. Increased Communication Overhead:
2. Fault Tolerance Complexity:
3. Network Latency and Bandwidth:
4. Security Concerns:
5. Software and Hardware Heterogeneity:
Q.12 Define SQL Azure?
Ans: SQL Azure, now known as Azure SQL Database, is a fully managed relational database
service provided by Microsoft Azure. It offers a cloud-based platform for hosting and managing SQL
Server databases, eliminating the need to set up and maintain physical infrastructure.
Key Features:
Managed Service
Scalability
High Availability
Security
Compatibility
Multiple Deployment Options
Q.13 What is an Azure queue?
Ans: In Azure, a queue refers to an Azure Queue Storage service, which provides a reliable
and scalable way to store and retrieve messages asynchronously. Think of it as a temporary holding
area for messages exchanged between different parts of your application or even different
applications.
Breakdown of what Azure queues offer:
Functionality:
Store and retrieve messages
Decoupling applications
Handling workload spikes
Reliable message delivery
Q.14 How is virtualization employed in Azure?
Ans: Virtualization plays a crucial role in Microsoft Azure, enabling its vast array of cloud
computing services. Here's a breakdown of how Azure employs virtualization across different levels:
1. Server Virtualization:
2. Network Virtualization:
3. Storage Virtualization:
4. Desktop Virtualization:
Q.15 List the major features of Google App Engine. Which kinds of problems can be solved
using GAE?
Ans:
Major Features of Google App Engine (GAE):
Automatic Scaling
Pay-per-use Pricing
Global and Highly Available
Secure and Reliable
Multiple Languages and Frameworks
Simple Deployment
Built-in Services
Serverless Options
Extensive Documentation and Support
Q.17 What is cloud analytics?
Ans:Cloud analytics refers to the process of storing, analyzing, and extracting actionable
insights from data using cloud computing technologies. Essentially, it leverages the scalability,
flexibility, and powerful processing capabilities of cloud platforms to unlock the potential of your
data.
Key features:
Data Storage
Data Processing
Benefits of Cloud Analytics:
Scalability and flexibility
Cost-effectiveness
Accessibility
Faster insights
Collaboration
Security
Q.18 Define MapReduce?
Ans:MapReduce is a programming model and framework for processing large datasets in a
distributed and parallel fashion. It's designed to handle massive computations across clusters of
computers, making it highly scalable and efficient.
How it works:
Map Phase:
Shuffle Phase:
Reduce Phase:
Q.19 Define iterative MapReduce?
Ans:Iterative MapReduce refers to a technique where multiple MapReduce jobs are chained
together in a sequence, with the output of one job becoming the input for the next job. This approach
allows for more complex data processing tasks that require multiple stages of analysis or refinement.
How it works:
Initial MapReduce Job
Intermediate Results
Subsequent MapReduce Jobs
Each Iteration
Q.20 Define HDFS?
Ans:HDFS (Hadoop Distributed File System) is a distributed file system designed to run on
commodity hardware. It excels at storing and managing large datasets across clusters of computers,
making it a vital component of the Apache Hadoop ecosystem for big data processing.
Key features:
Architecture:
Scalability and Performance:
Q.21 List the characteristics of HDFS?
Ans:
1. Scalability: HDFS can be easily scaled horizontally by adding more nodes to the cluster.
This makes it ideal for storing and processing large datasets.
2. Fault Tolerance: HDFS replicates data across multiple nodes in the cluster. This ensures
that data is still available even if some nodes fail.
3. High Throughput: HDFS is designed for high-throughput data access. This means that it
can read and write data to disk very quickly.
4. Cost-Effectiveness: HDFS is designed to run on commodity hardware. This makes it a
cost-effective solution for storing and processing large datasets.
5. Large Files: HDFS is optimized for storing and processing large files. This makes it a
good choice for applications that deal with large datasets, such as log analysis, scientific computing,
and social media analysis.
6. Not Suitable for Small Files: HDFS is not well-suited for storing and processing small
files. This is because the overhead of storing and managing small files can be significant.
7. Limited Support for Random Access: HDFS is designed for read-once, write-once use
cases. This means that it is not well-suited for applications that require random access to data.
8. Evolving Landscape: HDFS is a mature technology, but it is not the only option for
storing and processing large datasets. Newer tools and frameworks, such as Spark, offer alternative
paradigms that may be better suited for some applications.
Q.22 Explain the HDFS operations?
Common HDFS operations:
1. File Creation
2. File Reading
3. File Writing
4. File Deletion
5. Replication
6. Block Management
7. Data Integrity
8. Namespace Management
9. Security
10. High Availability
11. Federation
Q.23 Define block replication?
Ans:Block replication is a fundamental concept in distributed file systems like HDFS
(Hadoop Distributed File System) that ensures data redundancy and fault tolerance. It involves
creating multiple copies of each data block and storing them on different nodes within the cluster.
Q.24 Define heart beat in Hadoop? What are the advantages of heart beat?
Ans: In the context of Hadoop, particularly Hadoop Distributed File System (HDFS), a
heartbeat refers to a signal sent by DataNodes (worker nodes) to the NameNode (master node) at
regular intervals. This signal acts as a "pulse check" to verify the liveness and health of the
DataNodes within the cluster.
Key characteristics:
Frequency:
Content:
Purpose:
Monitor DataNode health:
Update block locations:
Trigger DataNode actions:
Q.25 Define GFS?
Ans:GFS (Google File System) is a distributed file system designed by Google to handle
massive datasets across large clusters of commodity hardware. It was developed to address the
unique challenges of storing and processing huge amounts of data within Google's search
infrastructure.
Key features of GFS:
Scalability:
Fault tolerance:
High throughput:
Append-only writes.
Single master
Large blocks:
Q.26 Define BigTable?
Ans:BigTable is a fully managed, wide-column, and key-value NoSQL database service
offered by Google Cloud Platform. It is designed for scalability and high performance, handling large
amounts of data with low latency and high throughput.
Key features of BigTable:
Scalability
Flexibility
High Performance
Durability and Reliability
Cost-Effectiveness
Q.27 What is meant by NoSQL?
Ans: NoSQL, which stands for "not only SQL" or "non-relational", refers to a group of
database management systems that deviate from the traditional relational model used in widespread
RDBMS (relational database management systems) like MySQL or Oracle. While RDBMS excel at
structured data and complex queries, NoSQL databases offer different data storage and retrieval
mechanisms tailored for specific needs.
Key characteristics of NoSQL:
Data Models:
Flexibility
Schema-less or Schema-flexible
Scalability and Performance:
Horizontal scaling
High Availability and Fault Tolerance
Q.28 Explain Google’s distributed lock service?
Ans: When it comes to Google's distributed lock services, the most prominent one is Chubby,
initially introduced in 2006. However, it's important to acknowledge that Google may have other
internal distributed lock services for specific purposes.
Need to know about Chubby:
Purpose: Chubby provides coarse-grained locking and reliable storage for small files in a
loosely-coupled distributed system. It's not focused on high performance or frequent locking
scenarios.
Architecture: Chubby operates as a replicated service running on a set of servers across
different data centers. This ensures high availability and fault tolerance.
Functionality:
Locking: Chubby allows clients to acquire and release locks on files, ensuring only one client
can modify a specific resource at a time.
File Storage: Chubby offers limited but reliable storage for small files, often used for
configuration information or event notifications.
Event Notification: Clients can register for notifications when data or locks change, enabling
coordination between distributed processes.
Q.29 Define simple storage service (S3)?
Ans: Amazon Simple Storage Service (S3) is a cloud storage service offered by Amazon
Web Services (AWS) that provides object storage through a web service interface. It serves as a
reliable and scalable platform for storing and managing data of any type and size, from a few bytes to
petabytes.
Key features of S3:
Scalability
Durability and Reliability
Security
Cost-effectiveness
Flexibility
Simplicity
Q.30 Define Elastic Block Store (EBS)?
Ans:Amazon Elastic Block Store (EBS) is a block storage service offered by Amazon Web
Services (AWS) that provides persistent block-level storage for use with Amazon Elastic Compute
Cloud (EC2) instances. Essentially, it acts as a virtual hard drive for your cloud-based servers,
allowing you to store data independently of the running instance itself.
Key features of EBS:
Persistent Storage
Scalability
High Performance
Durability and Reliability
Flexibility
Security
CCS 335 CLOUD COMPUTING
UNIT V
CLOUD SECURITY
Q.1 Define cloud security.
Ans. : Cloud computing security consists of a set of policies, controls, procedures and
technologies that work together to protect cloud-based systems, data and infrastructure. These
security measures are configured to protect data, support regulatory compliance and protect
customer's privacy as well as setting authentication rules for individual users and devices.
Q.2 Discuss the different cloud security services.
Ans.: Cloud security services are authentication, authorization, auditing and accountability.
Q.3 How are security policies implemented in cloud computing ?
Ans. : Cloud security is a shared responsibility of the cloud provider and customer.
• Step 1: Perform data classification (Statement of sensitivity);
• Step 2: Perform threat risk assessment on the solution;
• Step 3: Address threats/risks identified by implementing the proper controls;
• Step 4: Continuously monitor and periodically audit systems and services.
Q.4 What is multitenancy issue in cloud computing ?
Ans.: A multi-tenant cloud is a cloud computing architecture that allows customers to share
computing resources in a public or private cloud. Each tenant's data is isolated and remains invisible
to other tenants.
Q.5 Discuss the problem associated with cloud computing.
Ans. :
• Problems associated with cloud computing are security, integration and interoperability,
governance and regulatory compliance.
• Some governments or enterprises may need to enforce strict limits on the spatial and
temporal existence of data. For example, a government might want to keep the data of its
citizens within the country and for an exact duration.
Q.6 What do you understand by virtualization security management ?
Ans.: Virtualization security is the collective measures, procedures and processes that ensure
the protection of a virtualization infrastructure / environment. It addresses the security issues faced
by the components of a virtualization environment and methods through which it can be mitigated or
prevented.
Q.7 What is the difference between identity management and access management ?
Ans.: Identity management confirms that users are who they claim to be and stores information about them. An
identity management database holds information about user identity. Access management uses the
information about our identity to determine which software suites we are allowed access to and what
we are allowed to do when we access them. For example, access management will ensure that every
manager with direct reports has access to an app for time sheet approval, but not so much access that
they can approve their own time sheets.
Q.8 What is AWS identity and access management ?
Ans.: Amazon Web Services (AWS) identity and access management is simply the IAM
system that is built into AWS. By using AWS IAM, we can create AWS users and groups and grant
or deny them access to AWS services and resources. AWS IAM is available free of charge.
Q.9 Define cloud security.
Ans.: Cloud computing security or, more simply, cloud security, refers to a broad set of
policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications,
services, and the associated infrastructure of cloud computing. It is a sub-domain of computer
security, network security, and, more broadly, information security.
Q.10 What is multitenancy issue in cloud computing?
Ans.: In cloud computing, multitenancy means that multiple customers of a cloud vendor are
using the same computing resources. Despite the fact that they share resources, cloud customers are
not aware of each other, and their data is kept totally separate.
Q.11 Define cloud security.
Ans:Cloud security, also known as cloud computing security, encompasses a broad range of
practices, technologies, and policies designed to protect data, applications, and infrastructure
deployed in a cloud environment. It aims to safeguard against unauthorized access, data breaches,
malware, and other security threats, while ensuring the ongoing availability, confidentiality, and
integrity of your cloud-based resources.
Key characteristics
Shared responsibility
Multiple layers
Dynamic and evolving
Q.12 What is multitenancy issue in cloud computing?
Ans:Multitenancy, a core concept in cloud computing, allows multiple customers to share the
same physical infrastructure. While it offers significant benefits like cost efficiency and scalability, it
also poses several potential challenges and issues:
Security Concerns:
Data Isolation.
Side-Channel Attacks
Shared Resources:
Q.13 Discuss the different cloud security services.
Ans: Cloud security services offer a diverse range of tools and solutions to protect data,
applications, and infrastructure deployed in the cloud. Depending on your specific needs and security
posture, you can choose from various services to address different aspects of cloud security. Some
key categories are:
Identity and Access Management (IAM)
Data Security
Network Security
Application Security
Threat Detection and Response
Compliance and Governance
Q.14 How are security policies implemented in cloud computing?
Ans: Implementing security policies in cloud computing involves various strategies and tools,
encompassing both the cloud service provider (CSP) and the cloud user's responsibilities. Here's a
breakdown of the key aspects:
Shared Responsibility Model:
CSP Responsibility.
User Responsibility:
Q.15 Discuss the problem associated with cloud computing.
Ans:While cloud computing offers numerous benefits, it also comes with its own set of
challenges and problems. Here's a breakdown of some key issues to consider:
Security Concerns:
Performance and Reliability:
Cost and Financial Considerations:
Operational Challenges:
Additional Issues:
Navigating the Challenges:
Q.16 What do you understand by virtualization security management?
Ans: Virtualization security management refers to the practices, tools, and strategies used to
secure workloads and resources running in virtualized environments. It's an essential piece of the
puzzle for organizations leveraging virtualization technologies like hypervisors and containers to
increase efficiency and flexibility.
Q.17 What is the difference between identity management and access management?
Identity Management:
Focuses on: Managing user accounts, attributes, and their lifecycle within a system.
Answers the question: Who are the users accessing your system?
Access Management:
Focuses on: Managing what users can access and what actions they can perform within a
system.
Answers the question: What can users do and where can they do it?
Similarities:
Both are vital for secure systems and data protection.
Both involve user accounts and permissions.
Both may utilize similar technologies like authentication protocols and authorization
mechanisms.
Differences:
Scope: Identity management deals with the existence and attributes of users, while access
management deals with controlling their actions and resource access.
Focus: Identity management focuses on user data and lifecycle, while access management
focuses on resource access and permissions.
Complexity: Identity management is generally considered less complex than access
management, which often involves granular control over various resources and actions.
Q.18 Define AWS identity and access management.
Ans: AWS Identity and Access Management (IAM) is a powerful web service offered by
Amazon Web Services (AWS) that allows you to securely manage access to your AWS resources. It
essentially functions as a key controller for who can use and do what within your AWS environment.
Key characteristics:
Core functionality:
Benefits of using IAM:
Q.19 Define data security and storage.
Data security and storage are intricately connected concepts, both vital for protecting and
managing your valuable information. Let's delve into each separately:
Data Security:
Focus: Safeguarding data throughout its lifecycle, from creation to deletion, against unauthorized
access, modification, or destruction.
Key aspects:
Confidentiality:
Integrity:
Availability:
Data Storage:
Focus: Securely storing data on physical or virtual media, ensuring its durability, accessibility, and
resilience against hardware failures, disasters, or cyberattacks.
Key aspects:
Data center security
Redundancy and disaster recovery
Storage encryption
Q.20 What are the security challenges in cloud computing?
Ans: While cloud computing offers tremendous benefits like scalability, flexibility, and
cost-effectiveness, it also presents a unique set of security challenges that organizations need to carefully
consider. Here are some key concerns:
Shared Responsibility:
Data Security:
Identity and Access Management (IAM):
Network Security:
Operational Challenges:
Additional Considerations:
Mitigating the Challenges:
Q.21 List the security issues in the cloud.
Ans: Data breaches: Cloud environments offer a large attack surface, making them attractive
targets for attackers. Data breaches can occur when attackers gain unauthorized access to sensitive
information, such as customer data or financial records.
Data breach in Cloud Computing
Misconfigurations in Cloud Computing
Insecure APIs in Cloud Computing
Insider threats in Cloud Computing
Denial of service (DoS) attacks in Cloud Computing
Shared responsibility in Cloud Computing
Q.22 Define security governance.
Ans: Security governance refers to the framework of processes, policies, and controls
organizations implement to manage and oversee their information security efforts. It's like the
compass guiding your organization's journey towards a secure IT environment.
Goals:
Protect critical information assets from unauthorized access, modification, or destruction.
Ensure compliance with relevant data privacy and security regulations.
Minimize risks of cyberattacks and security incidents.
Optimize security investments and resource allocation.
Q.23 Explain security awareness in the cloud.
Ans: Security awareness in the context of cloud computing refers to the ongoing process of
educating and engaging employees, stakeholders, and users about secure practices in a cloud
environment. It aims to promote responsible cloud usage and minimize the risk of cyber attacks and
data breaches.
Q.24 Define third-party risk management.
Ans: Third-party risk management (TPRM) is a comprehensive and ongoing process of
identifying, assessing, and mitigating risks associated with outsourcing tasks or services to third-
party vendors, suppliers, partners, and contractors. Essentially, it's like running a background check
on the companies you entrust with your valuable data and operations.
Q.25 What are the layers in security architecture design?
Ans: In security architecture design, the "layers" refer to a tiered approach to securing your
IT infrastructure and data. Each layer acts as a line of defense, adding depth and resilience to your
overall security posture. Here are some common layers you might encounter, though the specific
names and order can vary:
Perimeter Security
Network Security
Endpoint Security
Application Security
Data Security
Cloud Security
Incident Response
Q.26 Define VM security.
Ans: VM security, or virtual machine security, refers to the practices, tools, and strategies
used to secure workloads and resources running in virtualized environments. It's essentially a shield
protecting the "guests" inside your virtualized world.
Q.27 Explain change management.
Ans: Change management is the systematic approach to guiding individuals and
organizations through transitions or transformations. It's like building a bridge to help people
navigate from the current state to the desired future state, ensuring a smooth and successful
transformation.
Q.28 Define data privacy.
Ans: Data privacy, sometimes called information privacy, is a vital concept that focuses on
protecting personal information and ensuring individuals have control over how their data is
collected, used, and shared. It's essentially about respecting and safeguarding one's right to privacy in
the digital age.
Q.29 Define security images.
Ans: "Security images" can have different meanings depending on the context, for example:
Captcha images: These are distorted images with text or numbers used to distinguish
humans from bots during online activity.
Security cameras: These are physical cameras used for surveillance and security purposes.
Images used in authentication: Some systems might use images as part of a multi-factor
authentication process, where users need to identify specific objects or elements within an image.
Visual representations of security concepts: Sometimes, security information might be
presented as diagrams, illustrations, or other visual aids to facilitate understanding.
Q.30 What is meant by vulnerability assessment?
Ans: In cybersecurity, a vulnerability assessment is a systematic process of identifying,
classifying, and prioritizing weaknesses in an information system or application that could be
exploited by attackers to gain unauthorized access, modify data, or disrupt operations.
Imagine it like an inspection of your IT infrastructure, searching for cracks in the walls or
weak locks on the doors. It's crucial for proactively finding and addressing vulnerabilities before they
can be exploited.
Q.31 What is meant by password assurance testing?
Ans: In the realm of cybersecurity, password assurance testing refers to a set of techniques
and processes used to evaluate the strength and security of your organization's password policies and
practices. It's like putting your organization's password security under a microscope, examining its
defenses against potential brute-force attacks, dictionary attacks, and other password cracking
methods.
Here's a breakdown of its key aspects: