Q:1 What are advantages of cloud computing?

Ans:1 The term cloud refers to a network or the internet. Cloud computing is a
technology that allows users to access and use computing resources, such as
servers, storage, databases, networking, software, and more, over the internet.
Instead of owning and maintaining physical hardware and software, users can rent
these resources from cloud service providers. It simply provides lower power
expenses, no capital costs, no redundancy, lower employee costs, increased
collaboration, etc. It makes us more efficient, more secure, and provide greater
flexibility.
Advantages of Cloud Computing :
 Scalability: Cloud computing allows organizations to easily scale their
computing resources up or down as their needs change, without having to
purchase and manage additional hardware.
 Cost Savings: Using cloud computing can be more cost-effective than
maintaining on-premises IT infrastructure, as it eliminates the need for costly
hardware, software, and maintenance expenses.
 Accessibility: Cloud computing enables remote access to applications
and data, allowing users to work from anywhere with an internet connection.
 Reliability: Cloud providers offer high levels of uptime and redundancy,
ensuring that applications and data are available even in the event of hardware
failure.
 Flexibility: Cloud computing offers a wide range of deployment options,
including public, private, and hybrid clouds, which can be tailored to meet the
unique needs of an organization.

 Mobility:Cloud computing allows us to easily access all cloud data via

mobile.

 Data security:Data security is one of the biggest advantages of cloud

computing. Cloud offers many advanced features related to security and
ensures that data is securely stored and handled.

 Low maintenance cost:Cloud computing reduces both hardware and

software maintenance costs for organizations.
Disadvantages of Cloud Computing :
 Security: Cloud computing involves sharing sensitive data with a third-
party provider, which raises concerns about data security and privacy.
 Dependence: Organizations that rely on cloud providers for their
computing infrastructure are vulnerable to service disruptions or data loss in
the event of provider outages or other issues.
 Internet Dependency: Cloud computing requires a reliable and fast
internet connection to access applications and data, which can be a challenge
in some areas.
 Technical Issues: Technical issues with cloud services, such as
compatibility problems or software bugs, can sometimes be difficult to resolve
and can result in downtime or lost productivity.
 Lack of Control: With cloud computing, organizations have limited
control over the infrastructure and services they use, which can make it
difficult to customize or optimize the environment for their specific needs.

Q:2 Different cloud service models?

Ans: 2 There are the following three types of cloud service models -

1. Infrastructure as a Service (IaaS)

2. Platform as a Service (PaaS)
3. Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
IaaS is also known as Hardware as a Service (HaaS). It is a computing
infrastructure managed over the internet. The main advantage of using IaaS is that
it helps users to avoid the cost and complexity of purchasing and managing the
physical servers.

Characteristics of IaaS
There are the following characteristics of IaaS -

 Resources are available as a service

 Services are highly scalable
 Dynamic and flexible
 GUI and API-based access
 Automated administrative tasks

Example: DigitalOcean, Linode, Amazon Web Services (AWS), Microsoft Azure,

Google Compute Engine (GCE), Rackspace, and Cisco Metacloud.

Advantages of IaaS:

1. Cost-Effective: Eliminates capital expense and reduces ongoing cost and IaaS
customers pay on a per-user basis, typically by the hour, week, or month.
2. Website hosting: Running websites using IaaS can be less expensive than
traditional web hosting.
3. Security: The IaaS Cloud Provider may provide better security than your
existing software.
4. Maintenance: There is no need to manage the underlying data center or the
introduction of new releases of the development or underlying software. This is
all handled by the IaaS Cloud Provider.
5.
The various companies providing Infrastructure as a service are Amazon web
services, Bluestack, IBM, Openstack, Rackspace, and Vmware.

Disadvantages of laaS :

1. Limited control over infrastructure: IaaS providers typically manage the

underlying infrastructure and take care of maintenance and updates, but this can
 also mean that users have less control over the environment and may not be
able to make certain customizations.
2. Security concerns: Users are responsible for securing their own data and
applications, which can be a significant undertaking.
3. Limited access: Cloud computing may not be accessible in certain regions and
countries due to legal policies.

Platform as a Service (PaaS)

PaaS cloud computing platform is created for the programmer to develop, test, run,
and manage the applications.

Characteristics of PaaS
There are the following characteristics of PaaS -

 Accessible to various users via the same development application.

 Integrates with web services and databases.
 Builds on virtualization technology, so resources can easily be scaled up or
down as per the organization's need.
 Support multiple languages and frameworks.
 Provides an ability to "Auto-scale".

Example: AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google

App Engine, Apache Stratos, Magento Commerce Cloud, and OpenShift.

Advantages of PaaS:

1. Simple and convenient for users: It provides much of the infrastructure and
other IT services, which users can access anywhere via a web browser.
2. Cost-Effective: It charges for the services provided on a per-use basis thus
eliminating the expenses one may have for on-premises hardware and software.
3. Efficiently managing the lifecycle: It is designed to support the complete web
application lifecycle: building, testing, deploying, managing, and updating.
4. Efficiency: It allows for higher-level programming with reduced complexity
thus, the overall development of the application can be more effective.
The various companies providing Platform as a service are Amazon Web services
Elastic Beanstalk, Salesforce, Windows Azure, Google App Engine, cloud Bees
and IBM smart cloud.

Disadvantages of Paas:

1. Limited control over infrastructure: PaaS providers typically manage the

underlying infrastructure and take care of maintenance and updates, but this can
also mean that users have less control over the environment and may not be
able to make certain customizations.
2. Dependence on the provider: Users are dependent on the PaaS provider for the
availability, scalability, and reliability of the platform, which can be a risk if the
provider experiences outages or other issues.
3. Limited flexibility: PaaS solutions may not be able to accommodate certain
types of workloads or applications, which can limit the value of the solution for
certain organizations.

Software as a Service (SaaS)

SaaS is also known as "on-demand software". It is a software in which the
applications are hosted by a cloud service provider. Users can access these
applications with the help of internet connection and web browser.

Characteristics of SaaS
There are the following characteristics of SaaS -

 Managed from a central location

 Hosted on a remote server
 Accessible over the internet
 Users are not responsible for hardware and software updates. Updates are
applied automatically.
 The services are purchased on the pay-as-per-use basis

Example: BigCommerce, Google Apps, Salesforce, Dropbox, ZenDesk, Cisco

WebEx, ZenDesk, Slack, and GoToMeeting.
Advantages of SaaS

1. Cost-Effective: Pay only for what you use.

2. Reduced time: Users can run most SaaS apps directly from their web browser
without needing to download and install any software. This reduces the time
spent in installation and configuration and can reduce the issues that can get in
the way of the software deployment.
3. Accessibility: We can Access app data from anywhere.
4. Automatic updates: Rather than purchasing new software, customers rely on a
SaaS provider to automatically perform the updates.
5. Scalability: It allows the users to access the services and features on-demand.

The various companies providing Software as a service are Cloud9 Analytics,

Salesforce.com, Cloud Switch, Microsoft Office 365, Big Commerce, Eloqua,
dropBox, and Cloud Tran.

Disadvantages of Saas :

1. Limited customization: SaaS solutions are typically not as customizable as on-

premises software, meaning that users may have to work within the constraints
of the SaaS provider’s platform and may not be able to tailor the software to
their specific needs.
2. Dependence on internet connectivity: SaaS solutions are typically cloud-based,
which means that they require a stable internet connection to function properly.
This can be problematic for users in areas with poor connectivity or for those
who need to access the software in offline environments.
3. Security concerns: SaaS providers are responsible for maintaining the security
of the data stored on their servers, but there is still a risk of data breaches or
other security incidents.
4. Limited control over data: SaaS providers may have access to a user’s data,
which can be a concern for organizations that need to maintain strict control
over their data for regulatory or other reasons.
 Difference between IaaS, PaaS, and SaaS
The below table shows the difference between IaaS, PaaS, and SaaS -

IaaS Paas SaaS

It provides a virtual data It provides virtual platforms It provides web software

center to store information and tools to create, test, and and apps to complete
and create platforms for app deploy apps. business tasks.
development, testing, and
deployment.

It provides access to resources It provides runtime It provides software as a

such as virtual machines, environments and deployment service to the end-users.
virtual storage, etc. tools for applications.

It is used by network It is used by developers. It is used by end users.

architects.

IaaS provides only PaaS provides SaaS provides

Infrastructure. Infrastructure+Platform. Infrastructure+Platform
+Software.


Q:3 Popularly used cloud computing services?

Ans:3 Cloud computing refers to the delivery of computing services, such as

storage, servers, databases, networking, software, analytics, and more, over the
cloud or the Internet on a pay-as-you-go basis. Cloud computing enables faster
innovation and economies of scale. There are many uses of cloud computing for
businesses of all sizes, types, and industries.
POPULARLY USED SERVICES OF CLOUD COMPUTING

 Infrastructure as a Service (IaaS)

Infrastructure-as-a-Service (IaaS) delivers on-demand services such as compute,

network, and storage resources to consumers over the internet on a pay-as-you-go
basis. Companies can use existing infrastructure on a pay-per-use model to save
the cost of investing to acquire, manage, and maintain an IT infrastructure.

 Platform as a Service (PaaS)

Platform-as-a-Service (PaaS) offers a comprehensive platform of hardware,

software, and infrastructure to consumers to enable them to develop, run, and
manage applications. This saves consumers from the cost and complexity of
building and maintaining that platform on-premises.

 Cloud Storage

Computer hard drives can store a finite amount of data but cloud storage enables
users to store huge volumes of data in an off-site location that you access through
the public internet or a dedicated private network connection. Cloud storage
providers host, manage, maintain, and secure the servers and related infrastructure
to ensure that you have access to the data whenever required. Cloud storage is a
cost-effective and scalable way to store, access, and retrieve your files from any
web-enabled interface.

 Software Testing and Development

On-premise testing requires building the infrastructure for testing in a local

environment which can be expensive, time-consuming, and limited by budgets and
deadlines. This can pose a competitive disadvantage for businesses. On the other
hand, cloud-based software testing and development can enable users to scale up
resources when needed without investing in the infrastructure.

Cloud-based software testing is faster, easier, and less expensive. It offers cloud
environments and infrastructure to simulate realistic user traffic scenarios. It helps
businesses measure software performance and functionality.
  Big Data Analytics

Big Data analytics refers to the complex process of examining large and diverse
data sets to find information, such as correlations, hidden patterns, market trends,
and more. The main purpose of big data analytics is to extract value from data and
improve decision-making. Big data analytics requires networks, storage, and
servers. This is why many businesses are outsourcing it to the cloud.

Cloud-based big data analytics enable businesses to perform better analysis from
large amounts of structured and unstructured data. Big data analysis using the
cloud is cheaper, flexible, and makes data integration from numerous sources
easier for businesses.

Without a doubt, cloud computing makes big data analytics simple, useful and
inexpensive. For more information, Amazon Web Services (AWS) offer several
analytics services for various use cases.

 Disaster Recovery

Traditional disaster recovery (DR) requires companies to manage a secondary data

center, which can be complex, time-consuming, expensive, and resource-intensive.
On the other hand, cloud-based disaster recovery services help businesses to
quickly recover the organization’s critical systems after a disaster. It provides them
with remote access to their systems in a secure virtual environment.

Cloud disaster recovery does not require a traditional infrastructure. It enables

faster recovery from a network of different physical locations at a much lower cost.

An example of an automated and orchestrated disaster recovery solution

is CloudEndure by AWS.
  Data Backup

Data backup is crucial for businesses of all sizes that operate with large volumes of
information. Manually backing up data is a complex and time-consuming task that
requires companies to maintain a set of drives, manually collect them, and dispatch
them to a backup facility.

Cloud-based backup, on the other hand, allows businesses to automatically

dispatch data to any location across the wire. Cloud backup is a highly efficient
and more secure alternative to traditional backup strategies.

 Social Networking

Perhaps one of the most ignored applications of cloud computing is social

networking. Platforms such as Facebook, Twitter and LinkedIn are examples of the
Software as a Service (SaaS) cloud computing model.

Social media platforms are developed to help you find people you know – or
connect with those you don’t know. They also give you many tools for sharing
information and data such as tweets, photos, instant messages and posts.

Along with cloud storage, social networking is one of the most common use cases
for consumer-driven usage of cloud services.

 9. Business process

If you are using business management applications such as Enterprise Resource

Planning (ERP) or Customer Relationship Management (CRM), you have already
incorporated cloud computing into your management strategy.

Such enterprise-level applications are deployed using software as a Service (SaaS),

which heavily relies on cloud computing models. They ensure convenient
maintenance, security and management of your business’ essential resources.
Additionally, they offer optimum efficiency to service providers and their
consumers.
Q:4 Main difference between Public,Private and hybrid clouds?

Ans:4 Differnce between three of these Clouds are given below:

Factors Public Cloud Private Cloud Hybrid Cloud

Resources are Resources are It is a combination of

shared among shared with a public and private
Resources
multiple single clouds. based on the
customers organization requirement.

Data of a single
Data of multiple Data is stored in the
organization is
organizations is public cloud, and
Tenancy stored in a
stored in the provide security in the
clouds the public
public cloud public cloud.
cloud

It can include a mix of

public cloud pay-as-you-
go pricing, and private
Pay what you Have a variety of cloud fixed pricing. It
Pay Model
used pricing models has other pricing models
such as consumption-
based, subscription-
based, etc.

Operated Third-party Specific Can be a combination of

by service provider organization both

It has scalability and

Scalability It has more It has
flexibility by allowing
and scalability and predictability
organizations to use a
Flexibility flexibility, and consistency
combination of public
 Factors Public Cloud Private Cloud Hybrid Cloud

and private cloud

services.

Can be more expensive,

but it can also be less
expensive , depending
Expensive less expensive More expensive
on the specific needs
and requirements of the
organization.

The general Restricted to a

Can be a combination of
Availability public (over the specific
both.
internet) organization

Q:5 How does Cloud Security work? what are primarily concerns?

Ans:5 Cloud Security is the technology and best practices designed to protect data
and information within a cloud architecture. Cloud security is a critical component
of any IT infrastructure strategy that uses the cloud. Cloud security ensures data
privacy and compliance around data stored in the cloud.

Private clouds, public clouds, and hybrid clouds (combinations of both private and
public cloud platforms have all grown in popularity, as well as the use of multiple
public clouds in a multi-cloud strategy. Because of cloud computing’s distributed
and dynamic nature, there are unique considerations when it comes to securing
data within the cloud.

Need of Security in the Cloud

Cloud security includes controls and process improvements that strengthen the
system, warn of potential attackers, and detect incidents when they do occur. Cloud
security considerations should also include a business continuity plan and data
backup plan in case of a security breach or other catastrophe. There are various
cloud security solutions for the public cloud, private cloud and hybrid cloud
involving a wide range of tools.

In public cloud environments, cloud security takes a shared responsibility model,

which means that the cloud provider is responsible for the security of hardware and
software, while the customer is responsible for the security of their own assets,
including virtual machines, applications, and data.

Working of Cloud Security

Cloud security encompasses a broad range of tools and practices, so there is no
single explanation for how it works. The most important function of cloud security
is to ensure that only authorized users access data stored in the cloud. Enterprises
use several tools and strategies including:

 Micro-segmentation: This security technique divides the data center

into distinct security segments down to the individual workload level.
This allows IT to define flexible security policies and minimizes the
damage attackers can cause.
 Next-generation firewalls: Smarter and more effective than a
traditional firewall, a next-generation firewall uses application-aware
filtering to keep out advanced threats.
 Data encryption: This process encodes data so that a key is needed to
decipher it, preventing sensitive data from falling into the wrong hands.
 Threat intelligence, monitoring, and prevention: These capabilities
scan all traffic to identify and block malware and other threats.

Three Cloud Security best practices

There are core best practices enterprises can deploy to ensure cloud security,
starting with ensuring visibility in the cloud architecture across the organization.
 1. Know who is responsible for each aspect of cloud security, rather than
assuming that the cloud provider will handle everything.
2. Understand how cloud architecture works to help avoid security holes due to
misconfiguration.
3. Disable unused ports and remove unnecessary processes and instances, since
all of these can contribute to vulnerabilities.

Responsibility for cloud security is shared between cloud providers (which offer a
number of security tools and services to customers) and the enterprise to which the
data belongs. There are also many third-party solutions available to provide
additional security and monitoring.

Importance of Cloud Security

Cloud computing resources are distributed and highly interdependent, so a
traditional approach to security (with an emphasis on traditional firewalls and
securing the network perimeter) is no longer sufficient for modern security needs.

Cloud Security challenges and considerations

Cloud environments are increasingly interconnected, making it difficult to
maintain a secure perimeter. While this less walled-off approach has many
advantages, it can also lead to security risks by increasing the potential attack
surface. Ideal cloud security plans enable companies to take advantage of cloud
computing benefits while also minimizing the risks.

Cloud computing creates a number of other unique security issues and challenges.
For example, t is difficult to identify users when addresses and ports are assigned
dynamically, and virtual machines are constantly being spun up. In addition,
multitenant environments in public cloud environments mean that an
organization’s data shares space with the data of other organizations. Thus, it is
important for public cloud providers to keep tenants isolated.
Primary Cloud Computing Security challenges
Three primary challenges in securing clouds include:

1. Data that passes among data centers and clouds over a public network
is vulnerable while en route, especially when there is a lack of clear
responsibility for data security at different points in the journey.
2. Multiple tenants on shared public servers bring additional security
risks. Tenants must be kept isolated to prevent unauthorized sharing of
information.
3. Security controls can differ in multi-cloud environments and hybrid
cloud environments, leaving gaps or leading to configuration confusion.

Benefits of Cloud Security

Cloud security offers a variety of benefits, including:

 Protection against attacks: A primary purpose of cloud security is to

defend enterprises against hackers and distributed denial of service (DDoS)
attacks.
 Data security: Robust cloud security also protects sensitive data with
precautions such as encryption to avoid information falling into the wrong
hands.
 Improved availability: Many cloud security services offer live monitoring
and support, which improves availability in addition to addressing security
concerns.
 Increased reliability: A thoughtful cloud security approach includes built in
redundancy, leading to a more reliable experience.
 Improved Scalability: If an attack strikes, secure cloud architecture allows
for faster disaster recovery of your most vital resources and data.
  Regulatory compliance: It can be tough to ensure that a complex cloud
architecture meets industry regulatory requirements. Cloud providers help
ensure compliance by providing security and support.

Cloud computing provides various advantages.But there are also security risks in
cloud computing.Some most common Security Risks of Cloud Computing are
given below-

 Data Loss

Data loss is the most common cloud security risks of cloud

computing. It is also known as data leakage. Data loss is the process in
which data is being deleted, corrupted, and unreadable by a user,
software, or application. In a cloud computing environment, data loss
occurs when our sensitive data is somebody else's hands, one or more
data elements cannot be utilized by the data owner, hard disk is not
working properly, and software is not updated.

 Hacked Interfaces and Insecure APIs

As we all know, cloud computing is completely depending on

Internet, so it is compulsory to protect interfaces and APIs that are
used by external users. APIs are the easiest way to communicate with
most of the cloud services. In cloud computing, few services are
available in the public domain. These services can be accessed by
third parties, so there may be a chance that these services easily
harmed and hacked by hackers.

 Data Breach

Data Breach is the process in which the confidential data is viewed,

accessed, or stolen by the third party without any authorization, so
organization's data is hacked by the hackers.

 Vendor lock-in
Vendor lock-in is the of the biggest security risks in cloud computing.
Organizations may face problems when transferring their services
from one vendor to another. As different vendors provide
differentplatforms, that can cause difficulty moving one cloud to
another.

 Increased complexity strains IT staff

Migrating, integrating, and operating the cloud services is complex for

the IT staff. IT staff must requirethe extra capability and skills to
manage, integrate, and maintain the data to the cloud.

 Spectre & Meltdown

Spectre & Meltdown allows programs to view and steal data which is
currently processed on computer. It can run on personal computers,
mobile devices, and in the cloud. It can store the password, your
personal information such as images, emails, and business documents
in the memory of other running programs.

 Denial of Service (DoS) attacks

Denial of service (DoS) attacks occur when the system receives too
much traffic to buffer the server. Mostly, DoS attackers target web
servers of large organizations such as banking sectors, media
companies, and government organizations. To recover the lost data,
DoS attackers charge a great deal of time and money to handle the
data.
  Account hijacking
Account hijacking is a serious security risk in cloud computing. It is
the process in which individual user's or organization's cloud account
(bank account, e-mail account, and social media account) is stolen by
hackers. The hackers use the stolen account to perform unauthorized
activities.

Q:6 History of Cloud Computing?

Ans:6 Before emerging the cloud computing, there was Client/Server computing
which is basically a centralized storage in which all the software applications, all
the data and all the controls are resided on the server side.

If a single user wants to access specific data or run a program, he/she need to
connect to the server and then gain appropriate access, and then he/she can do
his/her business.

Then after, distributed computing came into picture, where all the computers are
networked together and share their resources when needed.

On the basis of above computing, there was emerged of cloud computing concepts
that later implemented.

At around in 1961, John MacCharty suggested in a speech at MIT that computing

can be sold like a utility,just like a water or electricity. It was a brilliant idea, but
like all brilliant ideas, it was ahead if its time, as for the next few decades, despite
interest in the model, the technology simply was not ready for it.
But of course, time has passed and the technology caught that idea and after few
years we mentioned that:

In 1999, Salesforce.com started delivering of applications to users using a simple

website. The applications were delivered to enterprises over the Internet, and this
way the dream of computing sold as utility were true.

In 2002, Amazon started Amazon Web Services, providing services like storage,
computation and even human intelligence. However, only starting with the launch
of the Elastic Compute Cloud in 2006 a truly commercial service open to
everybody existed.

In 2009, Google Apps also started to provide cloud computing enterprise

applications.

Of course, all the big players are present in the cloud computing evolution, some
were earlier, some were later. In 2009, Microsoft launched Windows Azure, and
companies like Oracle and HP have all joined the game. This proves that today,
cloud computing has become mainstream.