
UNIT-1

CLOUD COMPUTING IMPORTANT LAST 10 YEARS QUESTION SET WITH SOLUTION

Q1. What is a Cloud?

⚫ A cloud refers to a network of remote servers hosted on the internet that store, manage, and process data, rather than a local server or personal computer.
⚫ It allows users to access data and applications online without the need for dedicated hardware.

Q2. Define Cloud Computing.

⚫ Cloud computing is the delivery of computing services (like storage, processing power, databases, networking, software) over the internet ("the cloud").
⚫ This model enables users to access resources on-demand, scale easily, and pay only for what they use, avoiding the need to own and maintain physical servers.

Q3. Explain the benefits of cloud computing.

• Cost Efficiency: No need to invest in expensive hardware or maintain infrastructure.
• Scalability: Resources can be scaled up or down depending on
demand.
• Flexibility: Access applications and data from anywhere with an
internet connection.
• Disaster Recovery: Data is stored in multiple locations, reducing the
risk of data loss.
• Collaboration: Multiple users can work together on the same project
in real time.

Q4. Name the three basic clouds in cloud computing.

1. Public Cloud: Cloud resources are owned and operated by a third-party provider and shared across multiple customers.
2. Private Cloud: Cloud infrastructure is used exclusively by a single
organization.
3. Hybrid Cloud: A combination of both public and private clouds,
offering greater flexibility and optimization of existing infrastructure.

Q5. What is Grid Computing?

Grid computing involves the pooling of distributed computing resources to work on a shared task. It connects computers over a network to provide the processing power needed for large-scale problems, typically focusing on tasks like scientific research, simulations, and data analysis.

Q6. What is Utility Computing?

Utility computing refers to a model where computing resources are provided as a metered service, similar to traditional utilities like electricity or water. Users pay based on their usage, which can scale dynamically as demand changes.

Q7. Write about History of Cloud Computing

⚫ Cloud computing traces its roots to the 1960s when John McCarthy
suggested that computing might one day be organized as a utility.
⚫ The term “cloud computing” came into use in the early 2000s.
⚫ Amazon Web Services (AWS) launched in 2006 as one of the first
significant cloud platforms, providing scalable computing services over
the internet.
⚫ Other companies, like Google, Microsoft, and IBM, followed, and the
cloud industry rapidly expanded, evolving with innovations such as
SaaS, PaaS, and IaaS.

Q8. Write in detail about the Importance of Cloud Computing in the current era.

Cloud computing has revolutionized how businesses and individuals access and utilize technology. It has become essential for:

• Business Agility: Enables faster innovation and response to market needs.
• Cost Reduction: Reduces the need for expensive hardware, servers,
and infrastructure.
• Remote Work: Facilitates collaboration and data access from
anywhere.
• Disaster Recovery & Security: Data is stored in multiple locations,
providing robust security and business continuity.
• Global Reach: Businesses can easily serve global customers without
local infrastructure.

Q9. Explain in detail about the characteristics of Cloud Computing.

• On-Demand Self-Service: Users can provision computing resources as needed, automatically, without human intervention.
• Broad Network Access: Cloud services are available over the
network and accessible via various devices (PCs, smartphones).
• Resource Pooling: Cloud providers pool resources to serve multiple
customers using a multi-tenant model.
• Rapid Elasticity: Resources can be quickly scaled up or down to meet
demand.
• Measured Service: Resource usage is monitored, and users are billed
based on consumption.

Q10. Pros and Cons of Cloud Computing (or) Advantages and Disadvantages of Cloud Computing.

Advantages:

• Cost-effective: Pay-per-use model minimizes upfront costs.
• Scalability: Resources scale as per business needs.
• Accessibility: Work from anywhere on any device with internet
access.
• Security: Cloud providers offer high levels of security.
• Automatic Updates: Regular updates and maintenance are handled
by the provider.

Disadvantages:

• Downtime: Service outages can affect business operations.


• Security Concerns: Storing sensitive data on the cloud raises security
and privacy concerns.
• Limited Control: Cloud users have limited control over infrastructure
and services.
• Data Transfer Costs: Transferring large amounts of data may incur
costs.
Q11. What are Key Characteristics of Cloud? (To answer this question, write about Virtualization and SOA.)

• Virtualization: Allows for the creation of multiple virtual instances of servers on a single physical machine. This maximizes resource utilization and reduces costs.
• SOA (Service-Oriented Architecture): A design principle where
applications are broken into smaller services, each responsible for a
specific task. SOA allows for modular and scalable cloud services.

Q12. What are the Key Stages in migrating to the cloud? (Answer: Write about 3 stages -> Plan, Execute and Monitor)

• Plan: Assess current infrastructure, select the right cloud service, and define the migration strategy.
• Execute: Implement the cloud solution, migrate data, and transition
applications.
• Monitor: Continuously monitor cloud performance, address any
issues, and optimize for cost and performance.

Q13. Types of Cloud Computing? (Private cloud, Public cloud, Hybrid Cloud, Community Cloud)

• Private Cloud: Cloud infrastructure used exclusively by one organization. It offers control and security, but higher costs.
• Public Cloud: Cloud resources are owned and operated by a third-
party provider and shared among multiple users. Examples include
AWS, Google Cloud, and Microsoft Azure.
• Hybrid Cloud: A combination of private and public clouds, offering
greater flexibility in managing workloads between both
environments.
• Community Cloud: Shared cloud infrastructure used by a specific
community or organization with common interests or requirements.
Q14. Write about Cloud Computing Infrastructure.

Cloud computing infrastructure includes:

• Computing Resources: Servers, storage, and network capabilities.


• Virtualization: Technology that abstracts physical resources to
provide flexible and scalable computing environments.
• Data Centers: Physical facilities that house servers, network
equipment, and storage resources.
• Cloud Management Tools: Software that helps manage, monitor,
and scale cloud resources.
Q.15 What are security services in the cloud?
Security services in the cloud are a set of tools, practices, and features offered by cloud
service providers (CSPs) to help protect data, applications, and infrastructure hosted in
the cloud from various security threats. These services are designed to ensure
confidentiality, integrity, and availability of data, as well as to help meet compliance and
regulatory requirements.
IAM allows organizations to control and manage user identities and their access to cloud
resources. It ensures that only authorized users can access specific services or data.

Encryption ensures that data is secure both in transit and at rest by converting it into
unreadable text that can only be decrypted with the correct key.
Cloud providers offer services for data encryption at different layers (file, database,
network, etc.).
Q.16 What is utility computing?
Utility computing is a model of computing where computing resources—such as
processing power, storage, and networking—are provided and billed in a manner similar
to traditional public utilities (like electricity or water). In utility computing, users pay only
for the resources they consume, rather than maintaining and managing their own
infrastructure. This on-demand, pay-as-you-go model is one of the foundational
principles behind cloud computing.
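
To make the metering idea concrete, here is a minimal Python sketch of how a pay-as-you-go bill might be computed (the rates and usage figures are made-up values, for illustration only):

    # Minimal pay-as-you-go billing sketch. The rates and usage figures
    # below are made-up values, for illustration only.
    RATES = {
        "vm_hours": 0.05,    # $ per VM-hour
        "storage_gb": 0.02,  # $ per GB-month stored
        "egress_gb": 0.09,   # $ per GB transferred out
    }

    def monthly_bill(usage: dict) -> float:
        """Charge only for what was actually consumed."""
        return sum(RATES[item] * amount for item, amount in usage.items())

    # 720 VM-hours, 100 GB stored, 50 GB of outbound transfer:
    print(monthly_bill({"vm_hours": 720, "storage_gb": 100, "egress_gb": 50}))
    # -> 42.5  (720*0.05 + 100*0.02 + 50*0.09)

The provider meters each resource separately, so the bill tracks actual consumption rather than capacity owned.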
Q.17 What is virtual desktop infrastructure?
Virtual Desktop Infrastructure (VDI) is a technology that enables the creation,
management, and delivery of virtualized desktop environments to users, typically hosted
in a data center or cloud. VDI allows users to access desktop environments remotely
from any device, with the desktop operating system (OS), applications, and data residing
on centralized virtual machines (VMs), rather than on physical endpoints like laptops or
desktops.
Q.18 What is encryption?
Encryption is a process used to protect data by converting it into a form that is unreadable
to anyone who does not have the correct decryption key or password. The primary purpose
of encryption is to safeguard sensitive information from unauthorized access, ensuring
confidentiality and integrity, both in transit and at rest.

In simpler terms, encryption scrambles data in a way that only authorized users (or
systems) with the correct decryption key can access the original, readable version of the
data.
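
As a small illustration, here is a sketch of symmetric encryption and decryption using Python's third-party cryptography library (assuming it is installed; the sample plaintext is arbitrary):

    # Symmetric encryption sketch using Python's third-party
    # 'cryptography' package (pip install cryptography).
    from cryptography.fernet import Fernet

    key = Fernet.generate_key()   # the secret key; protect this
    cipher = Fernet(key)

    token = cipher.encrypt(b"card number: 4111-1111")
    print(token)                  # scrambled bytes, safe to store or send

    original = cipher.decrypt(token)  # only possible with the correct key
    assert original == b"card number: 4111-1111"

Anyone who intercepts the token sees only scrambled bytes; without the key, the original data cannot be recovered.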

Q.19 What is load balancing?


Load balancing is a technique used in computing and networking to distribute incoming
traffic (requests, data, or workloads) across multiple servers or resources to ensure no
single server becomes overwhelmed. This helps to improve the performance, reliability,
and availability of applications, websites, and services by efficiently utilizing available
resources and preventing bottlenecks.
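
To make this concrete, here is a minimal sketch of round-robin distribution, one of the simplest load-balancing strategies (the server names are hypothetical):

    # Round-robin load balancing sketch: requests are handed to backends
    # in rotation so that no single server becomes overwhelmed.
    import itertools

    servers = ["server-a", "server-b", "server-c"]  # hypothetical backends
    rotation = itertools.cycle(servers)

    def route(request: str) -> str:
        """Assign the request to the next server in the rotation."""
        return next(rotation)

    for i in range(6):
        print(f"request-{i} -> {route(f'request-{i}')}")
    # request-0 -> server-a, request-1 -> server-b, request-2 -> server-c,
    # request-3 -> server-a, ...  (the cycle repeats)

Real load balancers add health checks and smarter strategies (least connections, weighted routing), but the distribution principle is the same.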
Q20. Cloud Service Models
• SaaS (Software as a Service): Software applications provided over the internet, such as Google Workspace and Microsoft 365.
• PaaS (Platform as a Service): Provides platforms for developers to
build, deploy, and manage applications without managing the
underlying infrastructure (e.g., Google App Engine).
• IaaS (Infrastructure as a Service): Provides virtualized computing
resources like virtual machines, networks, and storage (e.g., AWS
EC2).
• BaaS (Backend as a Service): Provides cloud-based backend services
for mobile applications.
• MaaS (Monitoring as a Service): Provides monitoring services for
cloud resources and applications.
UNIT-2

CLOUD COMPUTING IMPORTANT LAST 10 YEARS QUESTION SET WITH SOLUTION

Q1. What is Cloud Federation?

Cloud Federation refers to the practice of multiple cloud service providers or cloud environments (public, private, or hybrid) coming together to share resources, information, and services. This allows for seamless interoperability, enabling organizations to use cloud resources across different cloud platforms. Federation is often used for load balancing, failover, and geographic distribution, making the overall cloud ecosystem more resilient and scalable.
Q2. Who is a Cloud Broker or Cloud Agent?
A Cloud Broker or Cloud Agent is an intermediary entity that facilitates
the procurement, management, and integration of cloud services. The
role of a cloud broker is to provide organizations with the right
combination of cloud services, ensuring that the services selected meet
specific business needs. Cloud brokers can offer value-added services
such as service level management, cost optimization, and compliance
management across multiple cloud platforms.

Q3. What is Virtual Machine?

⚫ A virtual machine (VM) is a software-based emulation of a physical computer.
⚫ It operates like a separate computer within a host system, allowing users to run multiple operating systems and applications on a single physical machine.
⚫ VMs have their own CPU, memory, storage, and network interfaces, enabling isolation of processes and environments.
⚫ VMs are created by a hypervisor that sits on top of a physical server.
Q4. Cloud Life Cycle Model (or Cloud Development Life Cycle)

⚫ The Cloud Development Life Cycle (CDLC) is a systematic approach to building and deploying cloud-based applications and services. It consists of several stages, typically:
⚫ Planning & Requirement Analysis: Understanding the needs, objectives, and specifications for the cloud application.
⚫ Design: Architecting the application and selecting the right cloud model (public, private, or hybrid).
⚫ Development: Writing code, developing and testing software components in the cloud environment.
⚫ Deployment: Deploying the application onto cloud infrastructure.
⚫ Operations & Maintenance: Monitoring performance, managing resources, scaling the application, and updating software.
⚫ Decommissioning: Retiring or decommissioning the application after its life cycle is complete.

Q5. Reference Model for Cloud Computing.

The Reference Model for Cloud Computing provides a conceptual framework for understanding the key components and functions of cloud computing. The commonly accepted model is the NIST (National Institute of Standards and Technology) Cloud Computing Reference Model, which includes:

• Cloud Consumer: The end-user or organization that consumes cloud services.
• Cloud Provider: The entity providing cloud services.
• Cloud Broker: An intermediary that facilitates service selection, integration, and optimization.
• Cloud Auditor: A third party who assesses and verifies the cloud infrastructure, services, and security.
• Cloud Carrier: The intermediary that provides network services for cloud consumers and providers.

Q6. Explain about Cloud Governance.

Cloud Governance refers to the policies, procedures, and tools that ensure cloud services and operations align with organizational goals, compliance requirements, and best practices. Key aspects of cloud governance include:

• Security & Compliance: Ensuring that data and applications are secure and meet regulatory requirements.
• Cost Management: Managing the financial aspects of cloud usage, including budget controls, usage tracking, and cost optimization.
• Resource Allocation & Management: Ensuring optimal resource provisioning, scalability, and efficiency.
• Risk Management: Identifying, assessing, and mitigating risks related to data privacy, availability, and cloud security.

Q7. What is Server Virtualization?

Server Virtualization is the process of creating multiple virtual machines (VMs) on a single physical server. This is achieved using a hypervisor, which divides the physical resources (CPU, RAM, storage) of the server into isolated environments. Each virtual machine can run its own operating system and applications, allowing for better resource utilization and easier management. Virtualized servers also provide high availability, scalability, and easier disaster recovery.
Q8. What is OS Virtualization?

OS Virtualization, also known as containerization, is a technology that allows multiple isolated user-space instances to run on a single operating system (OS). Unlike server virtualization, which creates full virtual machines, OS virtualization shares the host OS kernel but provides isolated environments for applications, typically known as containers (e.g., Docker). This approach is lightweight and efficient, enabling faster deployment and scaling compared to traditional VM-based virtualization.
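
As a small illustration of how lightweight containers are to launch, here is a sketch using the Docker SDK for Python (assuming Docker and the docker package are installed; the image and command are arbitrary examples):

    # Container launch sketch using the Docker SDK for Python
    # (pip install docker; assumes a local Docker daemon is running).
    import docker

    client = docker.from_env()

    # The container gets its own isolated user space but shares the host
    # kernel, so it starts in seconds instead of booting a full guest OS.
    output = client.containers.run("alpine", "echo hello from a container",
                                   remove=True)
    print(output.decode())  # -> hello from a container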
Q9. What is Storage Virtualization?
Storage Virtualization is the abstraction of physical storage
resources to present a unified storage interface to users or
applications. It involves pooling physical storage devices (disks,
SAN, NAS, etc.) and creating logical storage units that are
independent of the physical hardware. Storage virtualization
improves efficiency by simplifying storage management,
enabling better utilization, and allowing for easier scalability
and data migration.
Q10. What is Network Virtualization?

Network Virtualization is the process of combining hardware and software network resources and functionalities into a single, software-based administrative entity. It abstracts the physical network into multiple virtual networks that operate independently. This enables efficient management, segmentation, and automation of network resources. It improves scalability, flexibility, and security, as virtual networks can be tailored for specific workloads or applications.
Q11. Explain about Cloud Architecture?

Cloud Architecture refers to the various components, services, and patterns that together create a cloud computing environment. The typical components of cloud architecture include:

Cloud Service Models:
o IaaS (Infrastructure as a Service): Provides virtualized computing resources over the internet, including virtual machines, storage, and networking.
o PaaS (Platform as a Service): Offers a platform allowing customers to develop, run, and manage applications without dealing with infrastructure complexities.
o SaaS (Software as a Service): Delivers software applications over the internet on a subscription basis.

Cloud Deployment Models:
o Public Cloud: Services are provided over the internet and shared with other organizations.
o Private Cloud: Cloud services are dedicated to a single organization.
o Hybrid Cloud: A combination of public and private clouds, providing greater flexibility.

Cloud Components:
o Virtual Machines: On-demand virtualized computing resources.
o Databases: Scalable, reliable storage services for applications.
o Networking: Virtual networks, load balancers, and security configurations.
o Storage: Object storage, block storage, and file storage systems.

Cloud Security: Includes encryption, identity management, access control, and compliance mechanisms.

Cloud Management Layer: Tools for monitoring, scaling, provisioning, and managing cloud resources.

Cloud architecture is designed for scalability, fault tolerance, high availability, and efficient resource utilization.
Q12. What is Virtualization? Explain in detail about the types of Virtualization with diagram.

Virtualization is the creation of a virtual version of something, such as a virtual machine, operating system, storage device, or network. Virtualization enables efficient resource utilization, improved scalability, and isolation of workloads. It decouples physical hardware from virtual environments, allowing multiple virtual systems to run on a single physical machine.

Types of Virtualization:

Server Virtualization: Divides a physical server into multiple virtual servers (VMs) using a hypervisor.
Example: VMware ESXi, Microsoft Hyper-V, Xen.

Operating System (OS) Virtualization: Allows multiple isolated environments (containers) to run on a single OS kernel.
Example: Docker, Kubernetes.

Storage Virtualization: Combines multiple storage devices into a single virtual storage pool.
Example: IBM SAN Volume Controller, NetApp Storage Virtualization.

Network Virtualization: Splits a physical network into multiple virtual networks.
Example: VMware NSX, Cisco ACI.

Application Virtualization: Allows applications to run on different systems without being installed on them.
Example: Microsoft App-V, Citrix XenApp.

Q13 What is VM network routing?


VM network routing refers to the process of directing network traffic between
virtual machines (VMs), virtual networks, and external networks in a virtualized
environment. In a typical virtualized infrastructure, multiple VMs can exist on a
single physical host, and they often need to communicate with each other, with
the host, or with external networks like the internet or other segments of the
data center network. Routing ensures that traffic is properly directed to its
destination within this complex virtual environment.

Q14 Give some examples of Web 2.0 applications.


Web 2.0 refers to the second generation of the World Wide Web, where
websites and applications moved from static pages to more dynamic,
interactive, and user-centric experiences. Web 2.0 applications emphasize
collaboration, sharing, social interaction, and user-generated content. Below
are some well-known examples of Web 2.0 applications that demonstrate these
characteristics:
1. Social Media Platforms:

• Facebook: A social networking site that allows users to create profiles, share content (photos, videos, status updates), interact with friends, and engage in discussions. It's a prime example of a Web 2.0 application focused on social interaction and user-generated content.
• Twitter: A microblogging platform where users can share short posts
(tweets) and follow other users for updates, news, and discussions. It
emphasizes real-time communication and content sharing.
• Instagram: A photo and video-sharing platform that enables users to share
visual content, follow others, like and comment on posts, and engage with
a global community.
• TikTok: A short-form video sharing platform that allows users to create,
share, and engage with user-generated videos, often centered around
trends, music, and creative content.

2. Content Sharing Platforms:

• YouTube: A video-sharing platform where users can upload, view, and interact with videos by liking, commenting, and sharing. YouTube also allows content creators to monetize their videos, demonstrating the participatory nature of Web 2.0.
• Flickr: A photo-sharing platform that lets users upload and share images,
organize them into albums, and engage with other photographers through
comments and group collaborations.
• Vimeo: Similar to YouTube, Vimeo is a video-sharing platform known for higher-quality video content and its focus on artistic and professional video creators.

Q15 Explain Grid Computing.


Grid computing is a distributed computing model that enables the pooling and
sharing of computational resources (such as processing power, storage, and
data) across a network to work together on complex tasks. It leverages the
unused or underutilized resources of multiple computers (often spread across
different locations) to form a "virtual supercomputer" that can tackle large-scale
problems or perform computations that would be impossible or inefficient for a
single machine to handle.
Q16 What are the major challenges faced in cloud?
Cloud computing has revolutionized the way organizations and
individuals access and manage computing resources, offering benefits
like flexibility, scalability, and cost efficiency. However, despite these
advantages, cloud computing faces several significant challenges.
Here are some of the major challenges faced in cloud computing:
Security and Privacy:

• Data Security: Storing data in the cloud raises concerns about data
breaches, unauthorized access, and data loss. Cloud service providers must
implement robust security measures to protect sensitive data from
cyberattacks.
• Data Privacy: Since cloud resources are often shared among multiple
customers, data privacy is a concern, especially when dealing with
personally identifiable information (PII) or confidential corporate data.
• Compliance: Organizations are required to comply with various
regulatory frameworks (e.g., GDPR, HIPAA) when storing data in the
cloud. Ensuring that the cloud provider meets these compliance standards
can be a challenge.
• Shared Responsibility Model: In a cloud environment, the responsibility
for security is shared between the cloud provider and the customer.
Misunderstanding of this model can lead to gaps in security.

Q17 Illustrate cloud adoption, discussing its several policies.


Cloud adoption refers to the process of transitioning an organization's
computing infrastructure, applications, and data to the cloud, or incorporating
cloud-based services into its existing IT strategy. Cloud adoption can be a
complex process, and organizations must develop policies to guide and govern
this transition. These policies ensure the cloud adoption process is smooth,
secure, cost-effective, and compliant with relevant laws and regulations.

In this context, cloud adoption policies refer to a set of guidelines, best practices, and strategies that an organization implements to manage the shift to cloud computing, addressing areas such as governance, security, cost management, and compliance.

Q18 What is a Hypervisor?


A hypervisor is a software, firmware, or hardware-based platform that creates
and manages virtual machines (VMs). It is the key technology behind
virtualization, enabling multiple operating systems (OSes) to run simultaneously
on a single physical machine. The hypervisor abstracts the hardware resources
of the host machine, allocating portions of the physical system's CPU, memory,
storage, and network to each virtual machine (VM).
Q19 How does Cloud Computing provide scalability and fault tolerance?
Cloud computing provides scalability and fault tolerance through the design
and architecture of its infrastructure, offering a flexible, resilient, and reliable
environment for applications. These two critical features ensure that cloud-based
systems can handle growing demand and remain operational even in the face of
hardware or software failures. Here’s how cloud computing achieves scalability
and fault tolerance:
Scalability in Cloud Computing:

Scalability refers to the ability of a system to handle increasing loads or demands


by adjusting resources in an efficient and cost-effective manner. Cloud
computing provides two types of scalability:

a. Vertical Scalability (Scale-Up):

• Definition: Vertical scaling involves adding more resources (CPU, memory, storage) to an existing instance (e.g., virtual machine or server) to increase its capacity.
• How Cloud Achieves It:
o Dynamic Resource Allocation: Cloud platforms, like Amazon EC2, Google Compute Engine, and Azure Virtual Machines, allow users to change the size of a VM based on demand. For example, you can scale up by adding more CPUs or increasing memory to a VM with minimal downtime (a scripted sketch of this appears after this list).
o Auto-scaling Features: Some cloud services offer auto-scaling
features where resources are automatically added or removed
depending on the load. For instance, if a web application is
experiencing a spike in traffic, the cloud provider will dynamically
allocate more CPU or memory to handle the demand, and later
reduce resources when traffic normalizes.
o Example: A database instance might be upgraded from a smaller
instance type to a larger one to accommodate more database queries
during peak usage.
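
As an illustration of scripted scale-up, here is a minimal sketch using boto3, the AWS SDK for Python (the instance ID and target type are hypothetical; on EC2 the instance type can only be changed while the instance is stopped):

    # Vertical scaling (scale-up) sketch with boto3, the AWS SDK for
    # Python. The instance ID and target type are hypothetical examples.
    import boto3

    ec2 = boto3.client("ec2")
    instance_id = "i-0123456789abcdef0"  # hypothetical instance

    # The instance type can only be changed while the instance is stopped.
    ec2.stop_instances(InstanceIds=[instance_id])
    ec2.get_waiter("instance_stopped").wait(InstanceIds=[instance_id])

    # Move to a larger instance type to add CPU and memory.
    ec2.modify_instance_attribute(InstanceId=instance_id,
                                  InstanceType={"Value": "m5.xlarge"})

    ec2.start_instances(InstanceIds=[instance_id])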

Q20 What is the importance of a virtual machine?


A Virtual Machine (VM) is a software-based emulation of a physical computer
that runs an operating system and applications just like a physical computer
would. Virtualization technology enables the creation of multiple VMs on a
single physical host machine, each with its own operating system (OS),
resources, and applications. The importance of virtual machines in modern
computing, particularly in cloud environments, data centers, and enterprise IT, is
immense. Here are some key reasons why VMs are crucial:
1. Resource Efficiency and Cost Savings:

• Consolidation of Resources: Virtualization allows multiple VMs to run on a single physical machine, enabling more efficient use of hardware
resources. For example, a single server can host several VMs with
different operating systems, leading to better CPU, memory, and storage
utilization.
• Cost Savings: By running multiple VMs on a single physical machine,
organizations can reduce the need for additional hardware, which leads to
significant savings in hardware acquisition, energy consumption, and
physical space. This also reduces the costs related to maintenance and
cooling.
• Example: A data center that runs multiple VMs on a few physical servers
can save substantial money by minimizing the need for purchasing and
maintaining physical servers.

2. Isolation and Security:

• Isolation of Environments: Each VM is isolated from others, meaning that if one VM encounters issues (e.g., crashes or is compromised by a security breach), the other VMs remain unaffected. This isolation is key to preventing one faulty or malicious VM from impacting others.
• Security Benefits: Because VMs are isolated from each other, sensitive
data or applications running on one VM can be protected from threats
originating from another VM. This is particularly useful for testing new
software or running legacy applications in a sandboxed environment.

3. Flexibility and Portability:

• Multiple Operating Systems: Virtual machines allow users to run multiple operating systems on a single physical machine, such as running
Windows and Linux on the same physical server. This is particularly
beneficial for developers, testers, and IT administrators who need to work
with different OS environments.
• Portability: VMs are portable; you can easily move them from one
physical host to another, whether it’s for load balancing, disaster recovery,
or maintaining system availability. Moving a VM from one server to
another is much faster and simpler compared to physically migrating
hardware.
UNIT-3
Q.1 List the five characteristics of cloud computing.

Characteristics of Cloud Computing
There are many characteristics of cloud computing; here are five of them:
1. On-demand self-service: Cloud computing services do not require human administrators; users themselves are able to provision, monitor, and manage computing resources as needed.
2. Broad network access: Computing services are generally provided over standard networks and to heterogeneous devices.
3. Rapid elasticity: Computing services should have IT resources that are able to scale out and in quickly and on an as-needed basis. Whenever the user requires a service it is provided, and it is scaled back in as soon as the requirement is over.
4. Resource pooling: IT resources (e.g., networks, servers, storage, applications, and services) are shared across multiple applications and tenants in a multi-tenant manner. Multiple clients are served from the same physical resource.
5. Measured service: Resource utilization is tracked for each application and tenant, providing both the user and the resource provider with an account of what has been used. This is done for various reasons, such as billing and ensuring effective use of resources.

Q. 2 What is Layered Cloud Architecture Design?

It is possible to organize all the concrete realizations of cloud computing into a layered view covering the entire stack, from hardware appliances to software systems. Utilizing cloud resources can provide the "computer horsepower" needed to deliver services. This layer is frequently implemented using a data center with dozens, hundreds, or even thousands of stacked nodes. Because it can be constructed from a range of resources, including clusters and even networked PCs, cloud infrastructure can be heterogeneous in character. The infrastructure can also include database systems and other storage services. The core middleware, whose goals are to create an optimal runtime environment for applications and to best utilize resources, manages the physical infrastructure. Virtualization technologies are employed at the bottom of the stack to ensure runtime environment customization, application isolation, sandboxing, and service quality. At this level, hardware virtualization is most frequently utilized. The distributed infrastructure is exposed as a collection of virtual computers via hypervisors, which control the pool of available resources. By adopting virtual machine technology, it is feasible to precisely divide up hardware resources like CPU and memory, as well as virtualize particular devices to accommodate user and application needs.

Q. 3 Illustrate NIST Cloud computing reference architecture in detail.

The NIST Cloud Computing reference architecture defines five major actors:

• Cloud Provider
• Cloud Carrier
• Cloud Broker
• Cloud Auditor
• Cloud Consumer

Each actor is an entity (a person or an organization) that participates in a transaction or process and/or performs tasks in cloud computing. The five major actors defined in the NIST cloud computing reference architecture are described below:
Cloud Provider:

A group or object that delivers cloud services to cloud consumers or end-users. It offers various
components of cloud computing. Cloud computing consumers purchase a growing variety of cloud
services from cloud service providers. There are various categories of cloud-based services
mentioned below:

• IaaS Providers: In this model, the cloud service providers offer infrastructure components
that would exist in an on-premises data center. These components consist of servers,
networking, and storage as well as the virtualization layer.
• SaaS Providers: In Software as a Service (SaaS), vendors provide a wide range of business technologies, such as human resources management (HRM) software and customer relationship management (CRM) software, all of which the SaaS vendor hosts and provides services for over the internet.
• PaaS Providers: In Platform as a Service (PaaS), vendors offer cloud infrastructure and services that customers can access to perform many functions. In PaaS, services and products are mostly utilized in software development. PaaS providers offer more services than IaaS providers: they provide the operating system and middleware, along with the application stack, on top of the underlying infrastructure.

Cloud Auditor: An entity that can conduct independent assessments of cloud services, security, performance, and information system operations of cloud implementations. The services that are provided by Cloud Service Providers (CSP) can be evaluated by service auditors in terms of privacy impact, security controls, performance, etc. A Cloud Auditor can assess the security controls in the information system to determine the extent to which the controls are implemented correctly, operating as planned, and producing the desired outcome with respect to meeting the security requirements for the system. There are three major roles of the Cloud Auditor, which are mentioned below:
• Security Audit.
• Privacy Impact Audit.
• Performance Audit.
Q. 4 What is meant by on-demand provisioning? State its purpose in cloud.

Resource provisioning means the selection, deployment, and run-time management of software (e.g., database server management systems, load balancers) and hardware resources (e.g., CPU, storage, and network) to ensure guaranteed performance for applications. By provisioning resources on demand, QoS parameters like availability, throughput, security, response time, reliability, and performance must be achieved without violating the SLA.
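
For illustration, provisioning a virtual server on demand is typically a single API call. A minimal sketch with boto3, the AWS SDK for Python (the AMI ID is a hypothetical placeholder):

    # On-demand provisioning sketch with boto3, the AWS SDK for Python.
    # The AMI ID below is a hypothetical placeholder.
    import boto3

    ec2 = boto3.client("ec2")

    # Provision one small virtual server on demand; it is billed only
    # while it runs and can be terminated when no longer needed.
    response = ec2.run_instances(
        ImageId="ami-0123456789abcdef0",  # hypothetical machine image
        InstanceType="t3.micro",
        MinCount=1,
        MaxCount=1,
    )
    print(response["Instances"][0]["InstanceId"])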
Q. 5 What do you mean by cloud storage? Describe its types.

Cloud Storage as a Service (STaaS) provides on-demand storage resources over the internet. It abstracts the complexities of storage infrastructure, offering a scalable and cost-effective solution for storing and managing data. Cloud storage is commonly delivered in three types: object storage, block storage, and file storage.

Advantages of Cloud Storage:

Scalability: Cloud storage can easily scale up or down based on demand, allowing organizations to pay for only the storage they use.

Cost Efficiency: Organizations can avoid the upfront costs of purchasing and maintaining physical hardware, paying only for the storage resources consumed.

Accessibility: Data stored in the cloud can be accessed from anywhere with an internet connection, facilitating remote access and collaboration.

Redundancy and Reliability: Cloud storage providers often implement redundant storage mechanisms, ensuring data durability and high availability.

Data Security: Cloud storage services implement robust security measures, including encryption and access controls, to protect stored data.

Automatic Updates and Maintenance: Cloud storage providers handle infrastructure updates and maintenance, relieving users from these operational tasks.

Key Features of Amazon S3, a widely used object storage service (a usage sketch follows this list):

Object Storage: Amazon S3 allows users to store and retrieve any amount of data as objects, each consisting of data, a key, and metadata.

Scalability: S3 provides virtually unlimited storage capacity, and it scales automatically to handle growing amounts of data.

Data Durability and Availability: S3 achieves high durability by storing data across multiple locations and availability zones, ensuring high availability and reliability.

Security Features: S3 supports data encryption in transit and at rest, access control policies, and integration with AWS Identity and Access Management (IAM) for fine-grained access control.
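
A minimal sketch of storing and retrieving an S3 object with boto3 (bucket and key names are hypothetical, and the bucket is assumed to already exist):

    # Object storage sketch with boto3: each object is data plus a key
    # (and optional metadata). Bucket and key names are hypothetical.
    import boto3

    s3 = boto3.client("s3")

    # Store an object under a key in an existing bucket.
    s3.put_object(Bucket="example-bucket", Key="reports/2024.txt",
                  Body=b"quarterly report data")

    # Retrieve it later from anywhere with credentials and a connection.
    obj = s3.get_object(Bucket="example-bucket", Key="reports/2024.txt")
    print(obj["Body"].read())  # -> b'quarterly report data'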

Q. 6 What is Community Cloud?

It allows systems and services to be accessible by a group of organizations. It is a distributed system that is created by integrating the services of different clouds to address the specific needs of a community, industry, or business. The infrastructure of the community cloud can be shared between organizations that have shared concerns or tasks. It is generally managed by a third party or by the combination of one or more organizations in the community.

Advantages of the Community Cloud Model
• Cost Effective: It is cost-effective because the cloud is shared by multiple organizations or communities.
• Security: Community cloud provides better security.
• Shared resources: It allows you to share resources, infrastructure, etc. with multiple organizations.
• Collaboration and data sharing: It is suitable for both collaboration and data sharing.

Disadvantages of the Community Cloud Model
• Limited Scalability: Community cloud is relatively less scalable, as many organizations share the same resources according to their collaborative interests.
• Rigid in customization: As the data and resources are shared among different organizations according to their mutual interests, if an organization wants some changes according to its needs, it cannot make them, because they would have an impact on the other organizations.
Q. 7 Where is cloud computing mostly used?
Organizations of every type, size, and industry are using the cloud for a wide variety of use cases,
such as data backup, disaster recovery, email, virtual desktops, software development and
testing, big data analytics, and customer-facing web applications. For example, healthcare
companies are using the cloud to develop more personalized treatments for patients. Financial
services companies are using the cloud to power real-time fraud detection and prevention. And
video game makers are using the cloud to deliver online games to millions of players around the
world.

Q. 8 Describe the Benefits of Cloud Computing Architecture.

• Makes the overall cloud computing system simpler.
• Improves data processing requirements.
• Helps in providing high security.
• Makes the system more modularized.
• Results in better disaster recovery.
• Gives good user accessibility.
• Reduces IT operating costs.
• Provides high-level reliability.
• Scalability.

Q.9 Explain Infrastructure Layer

• It is a layer of virtualization where physical resources are divided into a collection of virtual resources using virtualization technologies like Xen, KVM, and VMware.
• This layer serves as the central hub of the cloud environment, where resources are constantly added utilizing a variety of virtualization techniques.
• It is the base upon which the platform layer is created, constructed from the virtualized network, storage, and computing resources, and it gives users the flexibility they want.
• Automated resource provisioning is made possible by virtualization, which also improves infrastructure management.
• The infrastructure layer, sometimes referred to as the virtualization layer, partitions the physical resources using virtualization technologies like Xen, KVM, Hyper-V, and VMware to create a pool of compute and storage resources.
Q.10 Describe Datacenter Layer

I. In a cloud environment, this layer is responsible for managing physical resources such as servers, switches, routers, power supplies, and cooling systems.
II. Providing end users with services requires all resources to be available and managed in data centers.
III. Physical servers connect to the data center through high-speed devices such as routers and switches.
IV. In software application design, the separation of business logic from the persistent data it manipulates is well established. This is because the same data can be used in numerous ways to support numerous use cases, and so cannot be locked into a single application. The requirement for this data to become a service has arisen with the introduction of microservices.
V. A single database used by many microservices creates very tight coupling. As a result, it is hard to deploy new or emerging services separately if such services need database modifications that may have an impact on other services. A data layer containing many databases, each serving a single microservice or perhaps a few closely related microservices, is needed to break complex service interdependencies.

Q.11 What is Public Cloud?

The public cloud makes it possible for anybody to access systems and services. The public cloud may be less secure as it is open to everyone. The public cloud is one in which cloud infrastructure services are provided over the internet to the general public or major industry groups. The infrastructure in this cloud model is owned by the entity that delivers the cloud services, not by the consumer. It is a type of cloud hosting that allows customers and users to easily access systems and services. This form of cloud computing is an excellent example of cloud hosting, in which service providers supply services to a variety of customers. In this arrangement, storage backup and retrieval services are given for free, as a subscription, or on a per-user basis. For example, Google App Engine.
Advantages of the Public Cloud Model
• Minimal Investment: Because it is a pay-per-use service, there is no substantial upfront
fee, making it excellent for enterprises that require immediate access to resources.
• No setup cost: The entire infrastructure is fully subsidized by the cloud service providers,
thus there is no need to set up any hardware.
• Infrastructure Management is not required: Using the public cloud does not necessitate
infrastructure management.
• No maintenance: The maintenance work is done by the service provider (not users).
• Dynamic Scalability: To fulfill your company’s needs, on-demand resources are
accessible

Q.12 What is Private Cloud?


The private cloud deployment model is the exact opposite of the public cloud deployment model.
It’s a one-on-one environment for a single user (customer). There is no need to share your
hardware with anyone else. The distinction between private and public clouds is in how you
handle all of the hardware. It is also called the “internal cloud” & it refers to the ability to access
systems and services within a given border or organization. The cloud platform is implemented
in a cloud-based secure environment that is protected by powerful firewalls and under the
supervision of an organization’s IT department. The private cloud gives greater flexibility of
control over cloud resources.
Advantages of the Private Cloud Model
• Better Control: You are the sole owner of the property. You gain complete command over service integration, IT operations, policies, and user behavior.
• Data Security and Privacy: It's suitable for storing corporate information to which only authorized staff have access. By segmenting resources within the same infrastructure, improved access and security can be achieved.
• Supports Legacy Systems: This approach is designed to work with legacy systems that are unable to access the public cloud.
• Customization: Unlike a public cloud deployment, a private cloud allows a company to tailor its solution to meet its specific needs.
Q.13 Describe Hybrid Cloud.
By bridging the public and private worlds with a layer of proprietary software, hybrid cloud
computing gives the best of both worlds. With a hybrid solution, you may host the app in a safe
environment while taking advantage of the public cloud’s cost savings. Organizations can move
data and applications between different clouds using a combination of two or more cloud
deployment methods, depending on their needs.

Advantages of the Hybrid Cloud Model


• Flexibility and control: Businesses with more flexibility can design personalized solutions
that meet their particular needs.
• Cost: Because public clouds provide scalability, you’ll only be responsible for paying for
the extra capacity if you require it.

• Security: Because data is properly separated, the chances of data theft by attackers are
considerably reduced
Q.14 Explain the PLATFORM AS A SERVICE (PAAS)

Platform as a Service (PaaS) is a type of cloud computing that helps developers build applications and services over the Internet by providing them with a platform. PaaS helps developers maintain control over their business applications while the provider manages the underlying infrastructure.

Advantages of PaaS

• PaaS is simple and very much convenient for the user as it can be accessed via a web
browser.
• PaaS provides capabilities to efficiently manage the application lifecycle.

Disadvantages of PaaS

• PaaS has limited control over infrastructure as they have less control over the
environment and are not able to make some customizations.
• PaaS has a high dependence on the provider.

Q.15 What do you mean by Cloud Broker?

An organization or a unit that manages the performance, use, and delivery of cloud services by
enhancing specific capability and offers value-added services to cloud consumers. It combines
and integrates various services into one or more new services. They provide service arbitrage
which allows flexibility and opportunistic choices. There are major three services offered by a
cloud broker:

• Service Intermediation.
• Service Aggregation.
• Service Arbitrage.

Q.16 Describe Cloud Consumer:


A cloud consumer is the end-user who browses or utilizes the services provided by Cloud Service Providers (CSP) and sets up service contracts with the cloud provider. The cloud consumer pays per use of the provisioned service, and the services utilized by the consumer are measured. A set of organizations having mutual regulatory constraints may perform a security and risk assessment for each use case of cloud migrations and deployments. Cloud consumers use Service-Level Agreements (SLAs) to specify the technical performance requirements to be fulfilled by a cloud provider. SLAs can cover terms concerning the quality of service, security, and remedies for performance failures. A cloud provider may also list in the SLAs a set of limitations or boundaries, and obligations that cloud consumers must accept. In a mature market environment, a cloud consumer can freely pick a cloud provider with better pricing and more favorable terms. Typically, a cloud provider's public pricing policy and SLAs are non-negotiable, although a cloud consumer who expects to have substantial usage might be able to negotiate better contracts.

Q.17 What do you mean by SOFTWARE AS A SERVICE (SAAS)?

Software as a Service (SaaS) is a type of cloud computing model that delivers services and applications over the Internet. SaaS applications are called Web-Based Software or Hosted Software. SaaS accounts for around 60 percent of cloud solutions, and due to this, it is the model most preferred by companies.

Advantages of SaaS

• SaaS can access app data from anywhere on the Internet.


• SaaS provides easy access to features and services.
Disadvantages of SaaS

• SaaS solutions have limited customization, which means they have some restrictions
within the platform.
• SaaS has little control over the data of the user.
• Because SaaS applications are delivered over the internet, they require a stable internet connection to work properly.

Q.18 Explain the Challenges of Cloud Provisioning.

• Complex management: Cloud providers have to use various tools and techniques to actively monitor the usage of resources.
• Policy enforcement: Organizations have to ensure that users are not able to access resources they shouldn't.
• Cost: With automated provisioning, costs may go very high if attention isn't paid to putting proper checks in place. Alerts about reaching the cost threshold are required.

Tools for Cloud Provisioning:

• Google Cloud Deployment Manager


• IBM Cloud Orchestrator
• AWS CloudFormation
• Microsoft Azure Resource Manager

Q.19 What is Security in Cloud Computing?

Cloud computing is one of the most in-demand technologies of the current time, and organizations from small to large have started using cloud computing services. Different types of cloud deployment models are available, and cloud services are provided as per requirement, so security must be maintained both internally and externally to keep the cloud system safe. Cloud computing security, or cloud security, is an important concern which refers to the act of protecting cloud environments, data, information, and applications against unauthorized access, DDoS attacks, malware, hackers, and other similar attacks.

Q.20 Describe the Security Issues in Cloud Computing.


There is no doubt that Cloud Computing provides various advantages, but there are also some security issues in cloud computing, as described below.

1. Data Loss –

Data Loss is one of the issues faced in Cloud Computing. This is also known as Data Leakage. Our sensitive data is in the hands of somebody else, and we don't have full control over our database. So, if the security of the cloud service is breached by hackers, it may be possible that hackers will get access to our sensitive data or personal files.

2. Interference of Hackers and Insecure APIs –

If we are talking about the cloud and its services, we are talking about the Internet, and the easiest way to communicate with the cloud is using APIs. So it is important to protect the interfaces and APIs that are used by external users. Also, in cloud computing a few services are available in the public domain, and these are a vulnerable part of cloud computing because they may be accessed by third parties. So, it may be possible that with the help of these services hackers can easily hack or harm our data.

3. User Account Hijacking –

Account Hijacking is the most serious security issue in Cloud Computing. If the account of a user or an organization is somehow hijacked by a hacker, the hacker has full authority to perform unauthorized activities.

4. Changing Service Provider –

Vendor lock-in is also an important security issue in cloud computing. Many organizations face problems while shifting from one vendor to another. For example, if an organization wants to shift from AWS Cloud to Google Cloud Services, it faces various problems, such as moving all of its data, and, because the two cloud services use different techniques and functions, it also faces problems adapting to them. Also, the charges of AWS may differ from those of Google Cloud, etc.
UNIT-4
Resource Management and Security in Cloud

1. What is Resource Management in Cloud Computing?

Answer:
Resource management in cloud computing involves efficiently allocating, monitoring, and
optimizing cloud resources (like computing power, storage, and network bandwidth) to ensure
that applications run smoothly and cost-effectively. It includes provisioning, scaling, and
deallocating resources based on demand.

2. Why is Cloud Security Important?

Answer:
Cloud security is essential to protect data, applications, and services hosted in the cloud from
cyber threats, data breaches, and unauthorized access. It ensures confidentiality, integrity, and
availability of sensitive information, preventing loss and reputational damage.

3. What are Common Cloud Security Threats?

Answer:
Common cloud security threats include data breaches, loss of data control, insecure APIs, denial-
of-service attacks, and misconfigurations. These vulnerabilities can lead to unauthorized access,
data loss, and disruption of services.

4. What is the Shared Responsibility Model in Cloud Security?

Answer:
The Shared Responsibility Model defines the security responsibilities of both the cloud provider
and the customer. The provider secures the infrastructure, while the customer is responsible for
securing their data, applications, and access controls within the cloud environment.

5. What is Identity and Access Management (IAM) in Cloud?

Answer:
IAM in the cloud is a framework used to control and manage user access to cloud resources. It
ensures that only authorized users have appropriate access levels to applications and data,
improving security and reducing the risk of unauthorized access.
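
As one illustration, creating a user and granting read-only access with AWS IAM could look like this boto3 sketch (the user name is a hypothetical example; ReadOnlyAccess is an AWS-managed policy):

    # IAM sketch with boto3: create a user and grant read-only access.
    # The user name is a hypothetical example; ReadOnlyAccess is an
    # AWS-managed policy.
    import boto3

    iam = boto3.client("iam")

    iam.create_user(UserName="report-viewer")

    # The user can now view resources but cannot modify or delete them.
    iam.attach_user_policy(
        UserName="report-viewer",
        PolicyArn="arn:aws:iam::aws:policy/ReadOnlyAccess",
    )

Granting the narrowest access level that still lets a user do their job (least privilege) is the core idea behind IAM.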

6. What is Auto-Scaling in Cloud Computing?

Answer:
Auto-scaling in cloud computing automatically adjusts the number of active resources (such as
servers or VMs) based on current demand. This ensures optimal resource usage, reduces costs,
and prevents system overloads during peak usage times.
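
For example, on AWS a target-tracking policy keeps a fleet's average CPU near a chosen value by adding or removing instances automatically. A minimal boto3 sketch (group and policy names are hypothetical, and the Auto Scaling group is assumed to already exist):

    # Auto-scaling sketch with boto3: keep average CPU of an existing
    # Auto Scaling group near 50% by adding or removing instances.
    # Group and policy names are hypothetical examples.
    import boto3

    autoscaling = boto3.client("autoscaling")

    autoscaling.put_scaling_policy(
        AutoScalingGroupName="web-tier-asg",
        PolicyName="keep-cpu-at-50",
        PolicyType="TargetTrackingScaling",
        TargetTrackingConfiguration={
            "PredefinedMetricSpecification": {
                "PredefinedMetricType": "ASGAverageCPUUtilization",
            },
            "TargetValue": 50.0,  # scale out above this, scale in below
        },
    )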

7. How can Cloud Resource Usage be Optimized?

Answer:
Cloud resource usage can be optimized by using auto-scaling, load balancing, resource allocation
strategies, and monitoring tools to track performance. Additionally, choosing cost-effective
service tiers and rightsizing resources based on actual usage helps reduce wastage.

8. What is Encryption in Cloud Security?

Answer:
Encryption in cloud security is the process of converting data into an unreadable format to
prevent unauthorized access. It is applied to data both in transit (while being transferred) and at
rest (while stored) to protect sensitive information.

9. What Role Does Monitoring Play in Cloud Security?

Answer:
Monitoring in cloud security involves continuously observing cloud resources and activities for
anomalies, unauthorized access, or performance issues. It helps detect potential threats early,
ensuring timely responses to mitigate risks.
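
As an illustration, a monitoring rule that flags sustained high CPU could be expressed as a CloudWatch alarm. A minimal boto3 sketch (the alarm name and threshold are hypothetical choices):

    # Monitoring sketch with boto3: raise a CloudWatch alarm when average
    # EC2 CPU stays above 80% for five minutes. The alarm name and
    # threshold are hypothetical choices.
    import boto3

    cloudwatch = boto3.client("cloudwatch")

    cloudwatch.put_metric_alarm(
        AlarmName="high-cpu-alert",
        Namespace="AWS/EC2",
        MetricName="CPUUtilization",
        Statistic="Average",
        Period=300,            # evaluate in 5-minute windows
        EvaluationPeriods=1,
        Threshold=80.0,
        ComparisonOperator="GreaterThanThreshold",
    )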
10. What is a Cloud Access Security Broker (CASB)?

Answer:
A CASB is a security tool that acts as an intermediary between users and cloud services,
enforcing security policies. It helps organizations monitor and control cloud service usage,
ensuring data security, compliance, and preventing unauthorized access.

11. What do you mean by third-party cloud services? Give suitable examples.
Third-party cloud services refer to cloud computing services provided by an external vendor or
organization that is not the primary business entity using the service. These services allow
companies or individuals to outsource their IT infrastructure, platform, or software needs to
specialized providers.

Instead of managing hardware or software in-house, users rely on these third-party providers to
deliver scalable, on-demand resources over the internet.

Examples of Third-Party Cloud Services:

1. Infrastructure as a Service (IaaS):

• Provides virtualized computing resources like servers, storage, and networks.


• Examples:
o Amazon Web Services (AWS): Offers services like EC2 (virtual servers) and S3
(object storage).
o Microsoft Azure: Provides virtual machines, blob storage, and networking.
o Google Cloud Platform (GCP): Offers Compute Engine, Cloud Storage, and
more.

2. Platform as a Service (PaaS):

• Offers a platform for developers to build, test, and deploy applications without managing
the underlying infrastructure.
• Examples:
o Heroku: A platform for building, running, and scaling apps.
o Google App Engine: A managed platform for app development.
o Microsoft Azure App Service: For web and mobile app development.

3. Software as a Service (SaaS):

• Provides ready-to-use software applications over the internet.


• Examples:
o Google Workspace (formerly G Suite): Includes Gmail, Google Drive, and
Docs.
o Microsoft 365: Offers Word, Excel, PowerPoint, and Teams.
o Dropbox: For cloud storage and file sharing.
o Salesforce: A customer relationship management (CRM) platform.

4. Storage Services:

• Focused specifically on cloud-based storage solutions.


• Examples:
o Dropbox
o OneDrive
o Google Drive

5. Backup and Disaster Recovery Services:

• Focus on protecting data and ensuring continuity during failures.


• Examples:
o Carbonite: Provides automatic cloud backup.
o Veeam Cloud Connect: For data replication and recovery.

6. Specialized Cloud Services:

• Examples:
o Cloudflare: For web performance and security.
o Twilio: Cloud-based communications (SMS, voice, video).
o Snowflake: Cloud-based data warehousing and analytics.

These third-party services reduce the need for businesses to manage their own infrastructure and
enable them to focus on core activities.

12. Why is cloud management important?


Cloud management refers to the oversight and control of cloud resources, services, and
infrastructure. It is essential for ensuring efficient, secure, and cost-effective use of cloud
technologies. Here's why cloud management is critical:

1. Cost Control and Optimization

• Avoid Over-Spending: Without management, unused or over-provisioned resources can
lead to waste.
• Budget Forecasting: Cloud management tools track usage patterns, helping predict and
control expenses.

2. Enhanced Security

• Data Protection: Helps enforce security measures like encryption, access control, and
monitoring.
• Compliance: Ensures adherence to industry regulations such as GDPR, HIPAA, or PCI
DSS.

3. Performance Optimization

• Resource Utilization: Ensures efficient use of cloud resources by monitoring workloads
and performance.
• Dynamic Scaling: Facilitates automatic scaling to maintain performance during peak
usage.

4. Simplified Operations

• Automation: Streamlines repetitive tasks like backups, updates, and deployments.


• Centralized Control: Provides unified dashboards for better oversight of multi-cloud
environments.

5. Disaster Recovery and Backup

• Ensures data recovery processes are in place to minimize downtime during failures.

6. Scalability and Flexibility

• Allows businesses to adapt quickly to changing demands without compromising service
quality.

13. What is Utility Computing?


Utility computing is a model where computing resources (e.g., storage, processing power,
software) are provided to users on a pay-as-you-go basis, much like utility services such as
electricity or water.

Key Features of Utility Computing:

1. On-Demand Availability
o Users can access resources whenever needed without prior commitments.
2. Pay-Per-Use Model
o Charges are based on actual consumption, making it cost-efficient.
3. Scalability
o Resources can scale up or down dynamically based on user needs.
4. Infrastructure Abstraction
o Users do not need to own or manage physical infrastructure; they access
virtualized resources.

Examples of Utility Computing:

• Cloud Storage Services:


o Amazon S3: Charges based on the amount of data stored and retrieved.
o Google Drive: Offers scalable storage for personal and business use.
• Compute Services:
o AWS EC2: Provides virtual servers billed by the hour or second.
o Microsoft Azure Virtual Machines: Charges based on instance type and
runtime.
• Applications as a Service:
o Google Workspace: Users pay for the number of accounts or features they use.

Benefits of Utility Computing:

• Cost Savings: Eliminates the need for large upfront investments in IT infrastructure.
• Flexibility: Allows businesses to adjust resources as demand fluctuates.
• Focus on Core Business: Frees up organizations to focus on innovation rather than
managing IT infrastructure.

By leveraging cloud management and utility computing, organizations can optimize their
cloud usage, minimize costs, and improve operational efficiency.

14. What are Cloud Security Standards?


Cloud security standards are frameworks, guidelines, and best practices established to ensure
the security, privacy, and compliance of data, applications, and services in cloud environments.
These standards aim to protect sensitive information, manage risks, and provide confidence in
cloud solutions.

Common Cloud Security Standards and Frameworks:

1. ISO/IEC 27001 and ISO/IEC 27017


o ISO/IEC 27001: A globally recognized standard for information security
management systems (ISMS).
o ISO/IEC 27017: Provides specific guidelines for cloud security controls,
complementing ISO 27001.
2. CSA (Cloud Security Alliance) STAR Certification
o STAR (Security, Trust, Assurance, and Risk) is a certification program based on
the CSA Cloud Controls Matrix (CCM).
o It provides transparency and assurance about a cloud provider's security measures.
3. NIST Cybersecurity Framework
o Published by the National Institute of Standards and Technology (NIST).
o Offers guidelines for identifying, protecting, detecting, responding to, and
recovering from cybersecurity threats in cloud environments.
4. SOC 2 (Service Organization Control 2)
o A framework for managing customer data securely, focusing on principles like
security, availability, and confidentiality.
5. PCI DSS (Payment Card Industry Data Security Standard)
o Applies to cloud environments that handle payment card data, ensuring secure
processing and storage.
6. GDPR (General Data Protection Regulation)
o A European Union regulation that governs data protection and privacy for
individuals within the EU, impacting cloud providers globally.
7. FedRAMP (Federal Risk and Authorization Management Program)
o A U.S. government framework ensuring that cloud products and services meet
stringent security requirements for federal agencies.
8. HIPAA (Health Insurance Portability and Accountability Act)
o Ensures the security and privacy of health-related data stored or processed in the
cloud.

15. Explain different resource provisioning methods in cloud.


Ans. As per the requirement of the application, resource provisioning techniques can be
categorized into three types:

a. Static Resource Provisioning: For applications that have predictable and generally
unchanging demands/workloads, it is possible to use "static provisioning" effectively. With
advance provisioning, the customer contracts with the provider for services, and the provider
prepares the appropriate resources before the service starts. The customer is charged a flat
fee or is billed on a monthly basis.

b. Dynamic Resource Provisioning: In cases where demand by applications may change or
vary, "dynamic provisioning" techniques have been suggested, whereby VMs may be migrated
on-the-fly to new compute nodes within the cloud. With dynamic provisioning, the provider
allocates more resources as they are needed and removes them when they are not. The customer
is billed on a pay-per-use basis. When dynamic provisioning is used to create a hybrid cloud, it is
sometimes referred to as cloud bursting.

c. User Self-Provisioning: With user self-provisioning (also known as cloud self-service), the
customer purchases resources from the cloud provider through a web form, creating a customer
account and paying for resources with a credit card. The provider's resources are available for
customer use within hours, if not minutes.
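
The programmatic counterpart of self-provisioning is a single API call. The sketch below is a
hypothetical example using AWS's boto3 SDK; the AMI ID is a placeholder:

    import boto3

    ec2 = boto3.client("ec2")

    # Self-provision one small virtual server on demand.
    response = ec2.run_instances(
        ImageId="ami-0123456789abcdef0",  # placeholder image ID
        InstanceType="t3.micro",
        MinCount=1,
        MaxCount=1,
    )
    print(response["Instances"][0]["InstanceId"])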

16. Why is security needed in the cloud?


Ans. Cloud computing and storage provides users with capabilities to store and process their data
in third-party data centers. Organizations use the cloud in a variety of different service models
(with acronyms such as SaaS, PaaS, and IaaS) and deployment models (private, public, hybrid,
and community). Security concerns associated with cloud computing fall into two broad
categories: security issues faced by cloud providers (organizations providing software-,
platform-, or infrastructure-as-a-service via the cloud) and security issues faced by their customers
(companies or organizations who host applications or store data on the cloud). The responsibility
is shared, however. The provider must ensure that their infrastructure is secure and that their
clients’ data and applications are protected, while the user must take measures to fortify their
application and use strong passwords and authentication measures.

When an organization elects to store data or host applications on the public cloud, it loses its
ability to have physical access to the servers hosting its information. As a result, potentially
sensitive data is at risk from insider attacks. According to a recent Cloud Security Alliance
report, insider attacks are the sixth biggest threat in cloud computing. Therefore, cloud service
providers must ensure that thorough background checks are conducted for employees who have
physical access to the servers in the data center. Additionally, data centers must be frequently
monitored for suspicious activity.

In order to conserve resources, cut costs, and maintain efficiency, cloud service providers often
store more than one customer's data on the same server. As a result, there is a chance that one
user's private data can be viewed by other users (possibly even competitors). To handle such
sensitive situations, cloud service providers should ensure proper data isolation and logical
storage segregation.

The extensive use of virtualization in implementing cloud infrastructure brings unique security
concerns for customers or tenants of a public cloud service. Virtualization alters the relationship
between the OS and underlying hardware – be it computing, storage or even networking. This
introduces an additional layer – virtualization – that itself must be properly configured, managed
and secured. Specific concerns include the potential to compromise the virtualization software,
UNIT – IV
Resource Management and Security in Cloud
or "hypervisor". While these concerns are largely theoretical, they do exist. For example, a
breach in the administrator workstation with the management software of the virtualization
software can cause the whole datacenter to go down or be reconfigured to an attacker's liking.

17. What are the different security challenges in cloud?
Ans. Cloud computing, in its many forms, has proven to be a powerful, effective set of
technologies which can provide even the smallest enterprise with significant benefits. However,
cloud computing does not come without its own challenges, including those that are security
related. Below you will find an overview of the key security challenges faced by cloud
computing adopters.

Lack of Visibility and Control

Relating to public and hybrid cloud environments, the loss of overall service visibility and the
associated lack of control can be a problem. Whether you’re dealing with public or hybrid cloud
environments, a loss of visibility in the cloud can mean a loss of control over several aspects of
IT management and data security. Where legacy-style in-house infrastructure was entirely under
the control of the company, cloud services delivered by third-party providers don’t offer the
same level of granularity with regards to administration and management.

Data Breaches and Downtime

Although enterprise-grade cloud services are generally more secure than legacy architecture,
there is still a potential cost in the form of data breaches and downtime. With public and
private cloud offerings, resolving these types of problems is in the hands of the third-party
provider. Consequently, the business has very little control over how long critical business
systems may be offline, as well as how well the breach is managed.

Vendor Lock-In

For companies that come to rely heavily on public and hybrid cloud platforms, there is a danger
that they become forced to continue with a specific third-party vendor simply to retain
operational capacity. If critical business applications are locked into a single vendor, it can be
very difficult to make tactical decisions such as moving to a new vendor. In effect, the vendor is
being provided with the leverage it needs to force the customer into an unfavorable contract.
Logicworks recently performed a survey which found that some 78% of IT decision
makers blame the fear of vendor lock-in as a primary reason for their organization failing to gain
maximum value from cloud computing.

Compliance Complexity
In sectors such as healthcare and finance, where legislative requirements with regard to storage
of private data are heavy, achieving full compliance whilst using public or private cloud
offerings can be more complex. Many enterprises attempt to gain compliance by using a cloud
vendor that is deemed fully compliant. Indeed, data shows that some 51% of firms in the USA
rely on nothing more than a statement of compliance from their cloud vendor as confirmation
that all legislative requirements have been met. But what happens when at a later stage, it is
found that the vendor is not actually fully compliant? The client company could find itself facing
non-compliance, with very little control over how the problem can be resolved.

18. Explain messaging standard in cloud.


Ans. A message is a unit of information that is moved from one place to another. The main messaging standards used in the cloud are described below.

• Simple Mail Transfer Protocol (SMTP)

o It is usually used for sending a message from a workstation to a mail server


o It is also used for communications between mail servers
o Clients must have a constant connection to the host to receive SMTP messages

• Post Office Protocol (POP)

o Purpose is to download messages from a server


o This allows a server to store messages until a client connects and requests them
o Once the client connects, the messages are downloaded to the client and subsequently
deleted from the server

• Internet Messaging Access Protocol (IMAP)


o IMAP allows messages to be kept on the server
o But viewed as though they were stored locally

Syndication (RSS and Atom & Atom Publishing Protocol)


• RSS
o The acronym “Really Simple Syndication” or “Rich Site Summary”
o Used to publish frequently updated works—such as news headlines
o RSS is a family of web feed formats

• Atom & Atom Publishing Protocol


o The Atom format was developed as an alternative to RSS

Communications (HTTP, SIMPLE and XMPP)

• HTTP
o The acronym stands for “Hypertext Transfer Protocol”
o HTTP is a request/response standard between a client and a server
o For distributed, collaborative, hypermedia information systems
• XMPP
o The acronym “Extensible Messaging and Presence Protocol”
o Used for near-real-time, extensible instant messaging and presence information
o XMPP remains the core protocol of the Jabber Instant Messaging and Presence
technology
• SIMPLE
o Session Initiation Protocol for Instant Messaging and Presence Leveraging Extensions
o For registering for presence information and receiving notifications
o It is also used for sending short messages and managing a session of real-time messages
between two or more participants
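
As a small illustration of the SMTP standard described above, the following sketch sends a
message through a mail server using Python's standard smtplib (host, addresses, and credentials
are placeholders):

    import smtplib
    from email.message import EmailMessage

    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = "bob@example.com"
    msg["Subject"] = "Hello from the cloud"
    msg.set_content("SMTP moves this message from workstation to mail server.")

    # Connect to the mail server (placeholder host) and deliver the message.
    with smtplib.SMTP("mail.example.com", 587) as server:
        server.starttls()                  # encrypt the connection in transit
        server.login("alice", "password")  # placeholder credentials
        server.send_message(msg)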

19. What are the benefits of Identity and Access Management (IAM)?
Identity and Access Management (IAM) refers to a framework of policies, processes, and
technologies that ensure the right individuals and entities have access to the right resources at the
right time. Effective IAM is essential for securing systems, protecting sensitive data, and
enhancing operational efficiency. Below are the key benefits of implementing IAM:

1. Enhanced Security

• Access Control: Ensures that only authorized users can access specific resources.
• Least Privilege Principle: Limits access rights to the minimum required for users to
perform their tasks.
• Reduced Risk of Insider Threats: By managing access tightly, IAM minimizes the risk
of unauthorized actions by internal personnel.

2. Regulatory Compliance

• Simplifies compliance with standards like GDPR, HIPAA, and PCI DSS by ensuring
proper logging, monitoring, and auditing of access.
• Facilitates access reviews and ensures only appropriate permissions are granted.

3. Improved Productivity

• Single Sign-On (SSO): Allows users to access multiple systems with one set of
credentials, reducing the time spent on logging into various platforms.
• Automated Provisioning: Speeds up the onboarding process by automatically granting
access to necessary resources.

4. Cost Efficiency
• Reduces IT overhead by automating user provisioning, password resets, and de-provisioning.
• Prevents data breaches and the associated financial and reputational costs.

5. Centralized Access Management

• Offers a unified platform to manage and monitor user access across multiple systems and
applications.
• Simplifies administration, especially in multi-cloud or hybrid environments.

6. Reduced Risk of Credential Misuse

• Supports multi-factor authentication (MFA), adding an extra layer of security beyond
passwords.
• Ensures timely revocation of access when employees leave or change roles.

7. Enhanced User Experience

• Streamlined Access: SSO and self-service portals improve usability, reducing frustration
caused by multiple logins or forgotten passwords.
• Consistency: Provides uniform access across all resources and platforms.

8. Scalability

• Easily accommodates growing organizations by managing access for additional users,
applications, and systems.
• Works across on-premises, cloud, and hybrid environments.
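
A minimal sketch of these ideas in code, assuming AWS's boto3 SDK (the user name and managed
policy are illustrative): creating an identity and attaching a narrowly scoped policy applies the
least-privilege principle described above.

    import boto3

    iam = boto3.client("iam")

    # Create an identity for a new employee (placeholder name).
    iam.create_user(UserName="new.analyst")

    # Grant only the minimum required access (least privilege):
    # here, AWS's managed read-only policy for S3.
    iam.attach_user_policy(
        UserName="new.analyst",
        PolicyArn="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess",
    )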

20. What is Software as a Service (SaaS) Security?


Software as a Service (SaaS) security refers to the measures, strategies, and practices used to
secure software applications that are provided over the internet, rather than being installed and
run on local machines or servers. SaaS is a popular cloud computing model where users access
software applications via a web browser on a subscription or pay-per-use basis.

SaaS applications can range from customer relationship management (CRM) tools (e.g.,
Salesforce) to office productivity software (e.g., Google Workspace) and enterprise resource
planning (ERP) systems. Because the software and data are hosted on cloud servers owned by
third-party providers, SaaS security is essential to ensure that data is protected from breaches,
loss, and unauthorized access.
Key Aspects of SaaS Security:

1. Data Protection and Privacy:


o Encryption: SaaS providers must ensure that data is encrypted both in transit
(when data is transferred over the network) and at rest (when it is stored on the
provider’s servers) to prevent unauthorized access.
o Data Integrity: Mechanisms must be in place to ensure that data is not altered or
tampered with during transmission or storage.
o Data Backup and Recovery: Regular backups should be performed to safeguard
against data loss. Providers should also have a disaster recovery plan in place in
case of data breaches or other disruptions.
2. Access Control:
o Authentication: Strong authentication mechanisms, such as multi-factor
authentication (MFA), should be implemented to verify the identity of users
accessing the application.
o Authorization: Role-based access control (RBAC) or attribute-based access
control (ABAC) ensures that users can only access the data and features they are
authorized to use, based on their roles or attributes.
o Identity Management: Effective identity and access management (IAM)
practices must be used to manage users and their privileges across the SaaS
platform.
3. Multi-Tenancy Security:
o SaaS applications are often multi-tenant, meaning that multiple customers share
the same instance of the software. Each customer’s data and configuration must
be logically isolated to prevent unauthorized access to others’ data.
o Tenant Isolation: Providers must ensure that one customer's data cannot be
accessed by another customer, either due to software bugs or malicious intent.
4. Compliance and Regulatory Standards:
o SaaS providers need to comply with industry-specific standards and regulations
such as General Data Protection Regulation (GDPR), Health Insurance
Portability and Accountability Act (HIPAA), Payment Card Industry Data
Security Standard (PCI DSS), and more.
o Regular audits and assessments ensure that the SaaS platform adheres to these
standards and that data is stored and processed in a compliant manner.
5. Security Monitoring and Incident Response:
o Continuous monitoring tools should be in place to detect suspicious activity,
unauthorized access attempts, and security breaches in real-time.
o Incident Response: A well-documented incident response plan ensures that the
provider can quickly address security incidents and notify customers of any
potential breaches.
6. Vulnerability Management:
o SaaS providers must regularly conduct security assessments, vulnerability
scanning, and penetration testing to identify and fix security weaknesses in the
software and infrastructure.
o Patching: Regular updates and security patches must be applied to fix
vulnerabilities in the SaaS application and its underlying infrastructure.
7. Secure APIs:
o Many SaaS platforms expose APIs (Application Programming Interfaces) that
allow users to integrate with other software. These APIs must be secured to
prevent unauthorized access or abuse.
o API Security: This involves using strong authentication methods, input
validation, and rate-limiting to protect API endpoints.
8. End-User Security Training:
o Since SaaS applications often involve end-users interacting directly with the
platform, it’s important to train users on best security practices (such as strong
password management, avoiding phishing attacks, etc.). A sketch of role-based access control follows below.
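
To illustrate the role-based access control (RBAC) idea from the access-control point above,
here is a minimal, generic sketch (not tied to any real SaaS product):

    # Minimal RBAC sketch: each role maps to a set of permitted actions.
    ROLE_PERMISSIONS = {
        "admin":  {"read", "write", "delete", "manage_users"},
        "editor": {"read", "write"},
        "viewer": {"read"},
    }

    def is_authorized(role: str, action: str) -> bool:
        """Return True only if the user's role grants the requested action."""
        return action in ROLE_PERMISSIONS.get(role, set())

    assert is_authorized("editor", "write") is True
    assert is_authorized("viewer", "delete") is False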
Unit 5: Question Bank (Cloud Computing)
1. What are the modules of Hadoop?
Hadoop is an open-source framework from Apache and is used to store, process, and
analyze data that is very huge in volume.
Modules of Hadoop:
1. HDFS: Hadoop Distributed File System. Google published its GFS paper, and HDFS was
developed on the basis of it. It states that files will be broken into blocks and
stored in nodes over the distributed architecture.
2. Yarn: Yet Another Resource Negotiator, used for job scheduling and managing the
cluster.
3. Map Reduce: This is a framework which helps Java programs to do parallel
computation on data using key-value pairs. The Map task takes input data and converts it
into a data set which can be computed in key-value pairs. The output of the Map task is
consumed by the Reduce task, and the output of the reducer gives the desired result.
4. Hadoop Common: These Java libraries are used to start Hadoop and are used by other
Hadoop modules.

2. Explain Hadoop and its History.


Hadoop is an open source distributed processing framework that manages data processing
and storage for big data applications in scalable clusters of computer servers. It's at the
center of an ecosystem of big data technologies that are primarily used to support
advanced analytics initiatives, including predictive analytics, data mining and machine
learning.

Hadoop was started by Doug Cutting and Mike Cafarella in 2002. Its origin was the
Google File System paper, published by Google.
Let's focus on the history of Hadoop in the following steps:
o In 2002, Doug Cutting and Mike Cafarella started to work on a project, Apache Nutch. It
is an open source web crawler software project.
o While working on Apache Nutch, they were dealing with big data. Storing that data was
very costly, and this cost problem became one of the important reasons for the emergence
of Hadoop.
o In 2003, Google introduced a file system known as GFS (Google file system). It is a
proprietary distributed file system developed to provide efficient access to data.
o In 2004, Google released a white paper on Map Reduce. This technique simplifies the
data processing on large clusters.
o In 2005, Doug Cutting and Mike Cafarella introduced a new file system known as NDFS
(Nutch Distributed File System). This file system also included MapReduce.
o In 2006, Doug Cutting joined Yahoo. On the basis of the Nutch project, Doug Cutting
introduced a new project, Hadoop, with a file system known as HDFS (Hadoop Distributed
File System). Hadoop's first version, 0.1.0, was released in the same year.
o Doug Cutting named his project Hadoop after his son's toy elephant.
o In 2007, Yahoo runs two clusters of 1000 machines.
o In 2008, Hadoop became the fastest system to sort 1 terabyte of data on a 900 node
cluster within 209 seconds.
o In 2013, Hadoop 2.2 was released.
o In 2017, Hadoop 3.0 was released.

3. Define VirtualBox.


VirtualBox is software provided by Oracle to install virtual machines onto your
system. It was introduced in 2007 by Innotek GmbH and was later developed by
Oracle. It is also called a software virtualization package that is capable of loading
multiple operating systems.
• VirtualBox is open-source software for virtualizing the x86 computing architecture. It
acts as a hypervisor, creating a VM (virtual machine) where the user can run another OS
(operating system).
• The operating system where VirtualBox runs is called the "host" OS. The operating
system running in the VM is called the "guest" OS. VirtualBox supports Windows,
Linux, or macOS as its host OS.

Oracle VirtualBox is open source virtualization software that allows users to run multiple
operating system on a single device, and easily deploy to cloud.

4. What do you mean by MapReduce?

MapReduce is a data processing tool which is used to process data in parallel in a
distributed form. It was developed in 2004, on the basis of the paper titled "MapReduce:
Simplified Data Processing on Large Clusters," published by Google.

The MapReduce is a paradigm which has two phases, the mapper phase, and the reducer
phase. In the Mapper, the input is given in the form of a key-value pair. The output of the
Mapper is fed to the reducer as input. The reducer runs only after the Mapper is over. The
reducer too takes input in key-value format, and the output of reducer is the final output.

Phases of MapReduce:

• Input Phase − Here we have a Record Reader that translates each record in an input file
and sends the parsed data to the mapper in the form of key-value pairs.
• Map − Map is a user-defined function, which takes a series of key-value pairs and
processes each one of them to generate zero or more key-value pairs.
• Intermediate Keys − The key-value pairs generated by the mapper are known as
intermediate keys.
• Combiner − A combiner is a type of local Reducer that groups similar data from the map
phase into identifiable sets. It takes the intermediate keys from the mapper as input and
applies a user-defined code to aggregate the values in a small scope of one mapper. It is
not a part of the main MapReduce algorithm; it is optional.
• Shuffle and Sort − The Reducer task starts with the Shuffle and Sort step. It downloads
the grouped key-value pairs onto the local machine, where the Reducer is running. The
individual key-value pairs are sorted by key into a larger data list. The data list groups the
equivalent keys together so that their values can be iterated easily in the Reducer task.
• Reducer − The Reducer takes the grouped key-value paired data as input and runs a
Reducer function on each one of them. Here, the data can be aggregated, filtered, and
combined in a number of ways, and it requires a wide range of processing. Once the
execution is over, it gives zero or more key-value pairs to the final step.
• Output Phase − In the output phase, we have an output formatter that translates the final
key-value pairs from the Reducer function and writes them onto a file using a record
writer.
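
The classic word-count example makes these phases concrete. The sketch below simulates the map,
shuffle-and-sort, and reduce steps in plain Python; Hadoop itself would distribute the same logic
across a cluster:

    from collections import defaultdict

    def mapper(line):
        # Map phase: emit a (key, value) pair for every word.
        for word in line.split():
            yield (word.lower(), 1)

    def reducer(word, counts):
        # Reduce phase: aggregate all values for one key.
        return (word, sum(counts))

    lines = ["the cloud stores data", "the cloud scales"]

    # Shuffle and sort: group intermediate values by key.
    groups = defaultdict(list)
    for line in lines:
        for word, count in mapper(line):
            groups[word].append(count)

    result = dict(reducer(w, c) for w, c in sorted(groups.items()))
    print(result)  # {'cloud': 2, 'data': 1, 'scales': 1, 'stores': 1, 'the': 2}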

5. Discuss Hadoop Architecture.

Hadoop Architecture
The Hadoop architecture is a package of the file system, MapReduce engine and the
HDFS (Hadoop Distributed File System). The MapReduce engine can be
MapReduce/MR1 or YARN/MR2.

A Hadoop cluster consists of a single master and multiple slave nodes. The master node
includes Job Tracker, Task Tracker, NameNode, and DataNode whereas the slave node
includes DataNode and TaskTracker.

Hadoop Distributed File System


The Hadoop Distributed File System (HDFS) is a distributed file system for Hadoop. It uses
a master/slave architecture, which consists of a single NameNode performing the role of
master and multiple DataNodes performing the role of slaves.

Both NameNode and DataNode are capable enough to run on commodity machines. The Java
language is used to develop HDFS. So any machine that supports Java language can easily run
the NameNode and DataNode software.

NameNode

• It is a single master server existing in the HDFS cluster.


• As it is a single node, it may become a single point of failure.
• It manages the file system namespace by executing an operation like the opening,
renaming and closing the files.
• It simplifies the architecture of the system.

DataNode

• The HDFS cluster contains multiple DataNodes.


• Each DataNode contains multiple data blocks.
• These data blocks are used to store data.
• It is the responsibility of the DataNode to serve read and write requests from the file
system's clients.
• It performs block creation, deletion, and replication upon instruction from the
NameNode.

Job Tracker

• The role of Job Tracker is to accept MapReduce jobs from clients and process the data
by using the NameNode.
• In response, NameNode provides metadata to Job Tracker.

Task Tracker

• It works as a slave node for Job Tracker.


• It receives tasks and code from Job Tracker and applies that code on the file. This process
can also be called a Mapper.

MapReduce Layer
The MapReduce comes into existence when the client application submits the MapReduce job to
Job Tracker. In response, the Job Tracker sends the request to the appropriate Task Trackers.
Sometimes, the TaskTracker fails or times out. In such a case, that part of the job is rescheduled.

6. Explain Features of Hadoop.

1. Open Source: Hadoop is open-source, which means it is free to use. Since it is an
open-source project, the source code is available online for anyone to understand it or
make modifications as per their industry requirements.

2. Highly Scalable Cluster: Hadoop is a highly scalable model. A large amount of data is
divided across multiple inexpensive machines in a cluster and processed in parallel. The
number of these machines or nodes can be increased or decreased as per the enterprise's
requirements. Traditional RDBMS (Relational DataBase Management System) systems
cannot be scaled to approach large amounts of data.

3. Fault Tolerance is Available: Hadoop uses commodity hardware (inexpensive
systems) which can crash at any moment. In Hadoop, data is replicated on various
DataNodes in a Hadoop cluster, which ensures the availability of data if any of
your systems crashes. If one machine faces a technical issue, the data can still be read
from other nodes in the Hadoop cluster, because the data is copied or replicated by
default. By default, Hadoop makes 3 copies of each file block and stores them on
different nodes. This replication factor is configurable and can be changed via the
replication property in the hdfs-site.xml file (see the configuration snippet after this
list).

4. High Availability is Provided: Fault tolerance provides high availability in the
Hadoop cluster. High availability means the availability of data on the Hadoop cluster.
Due to fault tolerance, if any DataNode goes down, the same data can be retrieved from
any other node where the data is replicated. A highly available Hadoop cluster also has
two or more NameNodes, i.e., an Active NameNode and a Passive NameNode (also
known as a standby NameNode). If the Active NameNode fails, the Passive node takes
over the responsibility of the Active node and provides the same data as the Active
NameNode, which can easily be utilized by the user.

5. Cost-Effective: Hadoop is open-source and uses cost-effective commodity hardware,
which provides a cost-efficient model, unlike traditional relational databases that require
expensive hardware and high-end processors to deal with Big Data. The problem with
traditional relational databases is that storing a massive volume of data is not cost-
effective, so companies started to remove the raw data, which may not reflect the true
picture of their business. Hadoop thus provides two main cost benefits: it is open source
and therefore free to use, and it runs on commodity hardware, which is also inexpensive.
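
For reference, the replication factor mentioned in the fault-tolerance point is controlled by the
standard dfs.replication property in hdfs-site.xml; a typical entry looks like this:

    <configuration>
      <property>
        <name>dfs.replication</name>
        <!-- default of 3: each file block is stored on three DataNodes -->
        <value>3</value>
      </property>
    </configuration>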

7. What is Google App Engine (GAE)?

• GAE is a platform-as-a-service product that provides web app developers and enterprises
with access to Google's scalable hosting and tier 1 internet service.
• GAE requires that applications be written in Java or Python, store data in Google
Bigtable and use the Google query language. Noncompliant applications require
modification to use GAE.
• GAE provides more infrastructure than other scalable hosting services, such as Amazon
Elastic Compute Cloud (EC2). GAE also eliminates some system administration and
development tasks to make writing scalable applications easier.
• Google provides GAE free up to a certain amount of use for the following resources:

▪ processor (CPU)
▪ storage
▪ application programming interface (API) calls
▪ concurrent requests

Advantages of GAE

• Ease of setup and use. GAE is fully managed, so users can write code without
considering IT operations and back-end infrastructure. The built-in APIs enable users to
build different types of applications. Access to application logs also facilitates debugging
and monitoring in production.
• Pay-per-use pricing. GAE's billing scheme only charges users daily for the resources
they use. Users can monitor their resource usage and bills on a dashboard.
• Scalability. Google App Engine automatically scales as workloads fluctuate, adding and
removing application instances or application resources as needed.
• Security. GAE supports the ability to specify a range of acceptable Internet Protocol (IP)
addresses. Users can allow list specific networks and services and blocklist specific IP
addresses.
GAE disadvantages

• Lack of control. Although a managed infrastructure has advantages, if a problem occurs
in the back-end infrastructure, the user is dependent on Google to fix it.
• Performance limits. CPU-intensive operations are slow and expensive to perform using
GAE. This is because one physical server may be serving several separate, unrelated app
engine users at once who need to share the CPU.
• Limited access. Developers have limited, read-only access to the GAE filesystem.
• Java limits. Java apps cannot create new threads and can only use a subset of the Java
runtime environment standard edition classes.
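
For orientation, a GAE Python application can be as small as the following sketch, which assumes
the Flask framework commonly used in App Engine quickstarts (route and message are illustrative):

    from flask import Flask

    app = Flask(__name__)

    @app.route("/")
    def hello():
        # GAE routes incoming HTTP requests to this handler and scales
        # application instances automatically as traffic grows.
        return "Hello from App Engine!"

    if __name__ == "__main__":
        # Local development only; in production, GAE's own serving
        # infrastructure runs the app.
        app.run(host="127.0.0.1", port=8080, debug=True)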

8. List the functional model of GAE.

FUNCTIONAL MODULES OF GAE:


➢ When the user wants to get the data, he/she will first send an authorized data requests to
Google Apps.
➢ It forwards the request to the tunnel server.
➢ The tunnel servers validate the request identity.
➢ If the identity is valid, the tunnel protocol allows the SDC to set up a connection,
authenticate, and encrypt the data that flows across the Internet.
➢ SDC also validates whether a user is authorized to access a specified resource.
➢ Application runtime environment offers a platform for web programming and execution.
➢ It supports two development languages: Python and Java.
➢ Software Development Kit (SDK) is used for local application development.
➢ The SDK allows users to execute test runs of local applications and upload application
code.
➢ Administration console is used for easy management of user application development
cycles.
➢ The GAE web service infrastructure guarantees flexible use and management of storage
and network resources by GAE.
➢ Google offers essentially free GAE services to all Gmail account owners.
➢ You can register for a GAE account or use your Gmail account name to sign up for the
service.
➢ The service is free within a quota.
➢ If you exceed the quota, an extra amount will be charged.
➢ Allows the user to deploy user-built applications on top of the cloud infrastructure.
➢ They are built using the programming languages and software tools supported by the
provider (e.g., Java, Python)
9. Write the advantages of Hadoop.
Fast: In HDFS, the data is distributed over the cluster and mapped, which helps in faster
retrieval. Even the tools to process the data are often on the same servers, thus reducing
the processing time. Hadoop is able to process terabytes of data in minutes and petabytes
in hours.
Scalable: A Hadoop cluster can be extended by just adding nodes to the cluster.
Cost Effective: Hadoop is open source and uses commodity hardware to store data, so it
is really cost-effective as compared to a traditional relational database management system.
Resilient to failure: HDFS has the ability to replicate data over the network, so if one
node is down or some other network failure happens, Hadoop takes the other copy of the
data and uses it. Normally, data is replicated thrice, but the replication factor is
configurable.

10. What do you mean by OpenStack?

OpenStack is a collection of open source software modules and tools that provides a framework
to create and manage both public cloud and private cloud infrastructure.

OpenStack delivers infrastructure-as-a-service functionality -- it pools, provisions and manages
large concentrations of compute, storage and network resources. These resources, which include
bare metal hardware, virtual machines (VMs) and containers, are managed through application
programming interfaces (APIs) as well as an OpenStack dashboard. Other OpenStack
components provide orchestration, fault management and services intended to support reliable,
high availability operations.

What does OpenStack do?

• To create a cloud computing environment, an organization typically builds off of its
existing virtualized infrastructure, using a well-established hypervisor such as VMware
vSphere, Microsoft Hyper-V or KVM. However, cloud computing offers more than just
virtualization -- a public or private cloud provides extensive provisioning, lifecycle
automation, user self-service, cost reporting and billing, orchestration and other features.
• Installing OpenStack software on top of a virtualized environment forms a cloud
operating system. An organization can use that to organize, provision and manage large
pools of heterogeneous compute, storage and network resources. Whereas an IT
administrator typically provisions and manages resources in a more traditional virtualized
environment, OpenStack enables individual users to provision resources through
management dashboards and an API.
• This cloud-based infrastructure created through OpenStack supports an array of use
cases, including web hosting, big data projects, software-as-a-service delivery or
container deployment.
• OpenStack competes most directly with other open source cloud platforms, including
Eucalyptus and Apache CloudStack. Some also see it as an alternative to public cloud
platforms such as Amazon Web Services or Microsoft Azure, and some smaller public
cloud providers use OpenStack as the native cloud platform.

Components of OpenStack:

As open source software, OpenStack has a collaborating community, which has defined nine
components that are part of the "core" of OpenStack. The community maintains these
components, and they are distributed as a part of any OpenStack system.

Nova

This is the primary computing engine behind OpenStack. It allows deploying and managing
virtual machines and other instances to handle computing tasks.

Swift

The storage system for objects and files is referred to as Swift. In traditional storage systems,
files are referred to by a location on the disk drive, whereas in OpenStack Swift, files are referred
to by a unique identifier and Swift is in charge of where to store the files.

Scaling is therefore made easier because developers don't have to worry about the capacity
of a single system behind the software. It also makes the system responsible for the best way
to back up data in case of network or hardware problems.

Cinder

This component corresponds to traditional computer access to specific disk locations. It is
a block storage component that enables the cloud system to access data with higher speed in
situations where that is an important feature.

Neutron

Neutron is the networking component of OpenStack. It makes all the components communicate
with each other smoothly, quickly and efficiently.
Horizon

This is the OpenStack dashboard. It’s the graphical interface to OpenStack and the first
component that users starting with OpenStack will see.

There is an OpenStack API that allows developers to access all the components individually, but
the dashboard is the management platform for system administrators to know what is
going on in the cloud.

Keystone

This is the component that provides identity services for OpenStack. Basically, this is a
centralized list of all the users and their permissions for the services they use in the OpenStack
cloud.

Glance: It is a component that provides image services, or virtual copies of hard disks.
Glance allows these images to be used as templates when deploying new virtual machine
instances.

Ceilometer: Ceilometer provides data measurement services, thus enabling the cloud to
offer billing services to individual users of the cloud. It measures system usage by each
user for each of the components of the cloud and makes reporting available.

Heat: Heat is the orchestration component of OpenStack, which allows developers to store the
requirements of a cloud application in a file that defines what resources are necessary for that
application. In this way, it improves the management of the infrastructure needed for a cloud
service to run.
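
Several of these components can be driven programmatically. The sketch below assumes the
openstacksdk Python library and a pre-configured cloud profile (the name "mycloud" is a
placeholder):

    import openstack

    # Connect using credentials from clouds.yaml or environment variables.
    conn = openstack.connect(cloud="mycloud")  # placeholder profile name

    # Nova (compute): list servers and their status.
    for server in conn.compute.servers():
        print(server.name, server.status)

    # Glance (images): list images available as VM templates.
    for image in conn.image.images():
        print(image.name)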

11. What is Cloud Federation?

Cloud computing offers computing resources such as servers, databases, storage, networking,
runtime environments, virtualization, and software to its customers on demand over the
internet. Customers consume these cloud services with a pay-as-you-go pricing model.
Now the term federation is associated with the cloud. Federation means associating small
divisions into a single group for performing a common task. A federated cloud is formed by
connecting the cloud environments of several cloud providers using a common standard. This
federation in the cloud helps providers easily scale up resources to match business needs.

Cloud Federation Properties

Cloud federation properties can be classified into two categories i.e. functional cloud federation
properties and usage cloud federation properties.

Functional Cloud Federation Properties

1. Authentication: Cloud federation involves several foreign resources that participate in the
federation. To consume these foreign resources, the customer must be provided with access
credentials relevant to the target foreign resource. The respective foreign resource must also
have authentication information about the customer.

2. Integrity: Integrity in the federated cloud requires that the providers participating in the
federation offer and demand consistent resources. If the federated cloud environment fails to
provide the promised resources, its purpose becomes questionable.

To maintain the consistency of the environment, management is needed by the providers: they
can designate a federation administrative board, or the provider can automate the process so
that administrative action is triggered when any irregularity is detected.
3. Monitoring: A federated cloud can be monitored in two ways: global monitoring and
monitoring as a service (MaaS). Global monitoring aids in maintaining the federated cloud.
MaaS provides information that helps in tracking contracted services to the customer.

4. Object: Marketing objects in cloud computing are the infrastructure, software, and platforms
that are offered to the customer as a service. These objects have to pass through federation
when consumed in the federated cloud.

5. Contracts: In cloud computing, the agreement between provider and consumer, i.e., the
service level agreement (SLA), contains both technical and administrative commitments
between provider and consumer. In addition to the SLA, a federated cloud has a federation
level agreement that encloses commitments to the functional and usage properties.

6. Provisioning: Allocating services and resources offered by the cloud provider to the customer
through federation. It can be done manually or automatically. In the automatic way, the best
provider is chosen to allocate the resources and services to the customer. In the manual way,
an entity in the federation selects the provider to allocate the resources and services.

12. What is the advantage of federated cloud?

Advantages of Federated Cloud:

1. Federated cloud allows scaling up of resources.


2. Federated cloud increases reliability.
3. Federated cloud has increased collaboration of cloud resources.
4. Connects multiple cloud service providers globally to let providers buy and sell their
services on demand.
5. Dynamic scalability reduces the cost and time of providers.

13. Explain the concept of Map Reduce.

MapReduce is a data processing tool which is used to process data in parallel in a
distributed form. It was developed in 2004, on the basis of the paper titled "MapReduce:
Simplified Data Processing on Large Clusters," published by Google.

The MapReduce is a paradigm which has two phases, the mapper phase, and the reducer
phase. In the Mapper, the input is given in the form of a key-value pair. The output of the
Mapper is fed to the reducer as input. The reducer runs only after the Mapper is over. The
reducer too takes input in key-value format, and the output of reducer is the final output.
Features of MapReduce:

1. Scalability

Apache Hadoop is a highly scalable framework. This is because of its ability to store and
distribute huge data across plenty of servers. All these servers are inexpensive and can operate
in parallel. We can easily scale the storage and computation power by adding servers to the
cluster.

2. Flexibility

MapReduce programming enables companies to access new sources of data and to operate on
different types of data. It allows enterprises to access structured as well as unstructured data,
and to derive significant value by gaining insights from multiple sources of data.

3. Security and Authentication

The MapReduce programming model uses the HBase and HDFS security platforms, which allow
access only to authenticated users to operate on the data. Thus, it protects against unauthorized
access to system data and enhances system security.

4. Cost-effective solution

Hadoop’s scalable architecture with the MapReduce programming framework allows the storage
and processing of large data sets in a very affordable manner.

5. Fast

Hadoop uses a distributed storage method called the Hadoop Distributed File System, which
basically implements a mapping system for locating data in a cluster.

6. Simple model of programming

Amongst the various features of Hadoop MapReduce, one of the most important features is that
it is based on a simple programming model. Basically, this allows programmers to develop the
MapReduce programs which can handle tasks easily and efficiently.

7. Parallel Programming

One of the major aspects of the working of MapReduce programming is its parallel processing. It
divides the tasks in a manner that allows their execution in parallel. Parallel processing allows
multiple processors to execute these divided tasks, so the entire program runs in less time.

8. Availability and resilient nature

Whenever the data is sent to an individual node, the same set of data is forwarded to some other
nodes in a cluster. So, if any particular node suffers from a failure, then there are always other
copies present on other nodes that can still be accessed whenever needed. This assures high
availability of data.

14. What is the federation stack? Explain it in detail.


Sol: The cloud federation stack is a collection of technologies and protocols that enable
different cloud providers to work together seamlessly to provide a unified, interoperable
cloud computing environment.
It typically includes the following components:
1. Identity and Access Management: Cloud federation requires a robust identity and access
management system that allows users to securely authenticate and access resources across
multiple cloud providers.
2. Data Interoperability: Data interoperability ensures that data can be easily transferred
and accessed across different cloud platforms. This includes standard data formats, APIs, and
protocols for data exchange.
3. Resource Orchestration: Resource orchestration is the process of automating the
deployment and management of resources across multiple cloud providers. It includes tools
for provisioning, scaling, and monitoring resources in a federated environment.
4. Federation Policy Management: Federation policy management involves defining and
enforcing policies for sharing resources, data, and services across multiple cloud providers.
This includes policies for security, compliance, and governance.
5. Service Level Management: Service level management ensures that services provided by
different cloud providers meet agreed-upon performance, availability, and quality standards.
This includes monitoring, reporting, and analyzing service level metrics.
6. Federation Gateway: The federation gateway acts as a bridge between different cloud
providers, allowing for seamless communication and data exchange.
It performs tasks such as authentication, authorization, and data translation.

Overall, the cloud federation stack is designed to facilitate collaboration and cooperation between
different cloud providers, enabling users to take advantage of a variety of cloud services and
resources without being tied to a single provider. By leveraging the cloud federation stack,
organizations can create a more flexible, scalable, and resilient cloud computing infrastructure.
15. Explain the major cloud features of Google App Engine.

• GAE is a platform-as-a-service product that provides web app developers and enterprises
with access to Google's scalable hosting and tier 1 internet service.
• GAE requires that applications be written in Java or Python, store data in Google
Bigtable and use the Google query language. Noncompliant applications require
modification to use GAE.
• GAE provides more infrastructure than other scalable hosting services, such as Amazon
Elastic Compute Cloud (EC2). GAE also eliminates some system administration and
development tasks to make writing scalable applications easier.
• Google provides GAE free up to a certain amount of use for the following resources:

▪ processor (CPU)
▪ storage
▪ application programming interface (API) calls
▪ concurrent requests

Key features of GAE include the following:

• API selection. GAE has several built-in APIs, including the following five:

▪ Blobstore for serving large data objects;


▪ GAE Cloud Storage for storing data objects;
▪ Page Speed Service for automatically speeding up webpage load times;
▪ URL Fetch Service to issue HTTP requests and receive responses for efficiency and
scaling; and
▪ Memcache for a fully managed in-memory data store.

• Managed infrastructure. Google manages the back-end infrastructure for users. This
approach makes GAE a serverless platform and simplifies API management.
• Several programming languages. GAE supports a number of languages, including Go,
PHP, Java, Python, NodeJS, .NET and Ruby. It also supports custom runtimes.
• Support for legacy runtimes. GAE supports legacy runtimes, which are versions of
programming languages no longer maintained. Examples include Python 2.7, Java 8 and
Go 1.11.
• Application diagnostics. GAE lets users record data and run diagnostics on applications
to gauge performance.
• Security features. GAE enables users to define access policies with the GAE firewall
and managed Secure Sockets Layer/Transport Layer Security certificates for free.
• Traffic splitting. GAE lets users route requests to different application versions.
• Versioning. Applications in Google App Engine function as a set of microservices that
refer back to the main source code. Every time code is deployed to a service with the
corresponding GAE configuration files, a version of that service is created.

16. Write short notes on any two of the following.


i. Hadoop Distributed File System(HDFS)

Hadoop Distributed File System

The Hadoop Distributed File System (HDFS) is a distributed file system for Hadoop. It uses
a master/slave architecture, which consists of a single NameNode performing the role of
master and multiple DataNodes performing the role of slaves.

Both NameNode and DataNode are capable enough to run on commodity machines. The Java
language is used to develop HDFS. So any machine that supports Java language can easily run
the NameNode and DataNode software.

ii. Job Tracker and Task Tracker


Job Tracker

• The role of Job Tracker is to accept MapReduce jobs from clients and process the data
by using the NameNode.
• In response, NameNode provides metadata to Job Tracker.

Task Tracker

• It works as a slave node for Job Tracker.


• It receives tasks and code from Job Tracker and applies that code on the file. This process
can also be called a Mapper.

17. What are the major functionalities of Hadoop API?

Modules of Hadoop

1. HDFS: Hadoop Distributed File System. Google published its GFS paper, and HDFS was
developed on the basis of it. It states that files will be broken into blocks and stored
in nodes over the distributed architecture.
2. Yarn: Yet Another Resource Negotiator, used for job scheduling and managing the cluster.
3. Map Reduce: This is a framework which helps Java programs to do parallel
computation on data using key-value pairs. The Map task takes input data and converts it
into a data set which can be computed in key-value pairs. The output of the Map task is
consumed by the Reduce task, and then the output of the reducer gives the desired result.
4. Hadoop Common: These Java libraries are used to start Hadoop and are used by other
Hadoop modules.

18. What are the four levels of federation?


Four Levels of Federation:

Federation in the cloud is the ability to connect two or more cloud computing environments of
distinct cloud service providers. Federation can be classified into four types.

• Permissive federation
Permissive federation allows the interconnection of the cloud environments of two service
providers without verifying the identity of the peer cloud using DNS lookups. This raises the
chances of domain spoofing.

• Verified Federation
Verified federation allows interconnection of the cloud environments of two service
providers only after the peer cloud is identified using the information obtained from
DNS. Though the identity verification prevents spoofing, the connection is still not
encrypted and there are chances of a DNS attack.

• Encrypted Federation
Encrypted federation allows interconnection of the cloud environments of two service
providers only if the peer cloud supports Transport Layer Security (TLS). The peer cloud
interested in the federation must provide a digital certificate, but this certificate may be
self-signed; thus encrypted federation still results in weak identity verification.

• Trusted Federation
Trusted federation allows two clouds from different providers to connect only under the
provision that the peer cloud supports TLS and provides a digital certificate issued by a
certification authority (CA) that is trusted by the authenticating cloud.

19. Explain the advantages and disadvantages of OpenStack and its components.
Apart from the various projects which constitute the OpenStack platform, there are nine major
services, namely Nova, Neutron, Swift, Cinder, Keystone, Horizon, Glance, Ceilometer, and Heat.
Advantages of using OpenStack

• It boosts rapid provisioning of resources, due to which orchestration and scaling up
and down of resources becomes easy.
• Deployment of applications using OpenStack does not consume a large amount of
time.
• Since resources are scalable, they are used more wisely and efficiently.
• The regulatory compliances associated with its usage are manageable.

Disadvantages of using OpenStack

• OpenStack is not very robust when orchestration is considered.


• Even today, the APIs provided and supported by OpenStack are not compatible with
many of the hybrid cloud providers, so integrating solutions becomes difficult.
• Like all cloud service providers OpenStack services also come with the risk of
security breaches.

20. What do you mean by the future of federation?

The future of the cloud is federated, and when you look at the broad categories of apps
moving to the cloud, the truth of this statement begins to become clear. Gaming, social
media, Web, eCommerce, publishing, CRM – these applications demand truly global
coverage, so that the user experience is always on, local and instant, with ultra-low latency.
That’s what the cloud has always promised to be.

The problem is that end users can’t get that from a single provider, no matter how large.

The federated cloud model is a force for real democratization in the cloud market. It’s how
businesses will be able to use local cloud providers to connect with customers, partners and
employees anywhere in the world. It’s how end users will finally get to realize the promise of the
cloud. And, it’s how data center operators and other service providers will finally be able to
compete with, and beat, today’s so-called global cloud providers.
