CC Assignment 1
CC Assignment 1
b. Cloud Bursting: A hybrid cloud strategy where an application runs in a private cloud but
expands to a public cloud during high demand to handle traffic spikes.
d. Load Balancing: A technique that distributes incoming network traffic across multiple servers
to optimize performance, prevent overload, and ensure high availability.
e. Hybrid Cloud: A computing environment that combines private and public clouds, allowing
data and applications to move between them for better flexibility and optimization.
f. DevOps: A set of practices that integrates software development (Dev) and IT operations
(Ops) to enhance collaboration, automation, and continuous delivery.
g. Docker: An open-source platform that enables developers to build, package, and deploy
applications in lightweight, portable containers.
i. Multi-cloud: The use of multiple cloud services from different providers (e.g., AWS, Azure,
Google Cloud) to avoid vendor lock-in and improve redundancy.
j. Cloud Service Providers (CSP): Companies that offer cloud computing services, including
infrastructure, platforms, and software, such as AWS, Microsoft Azure, and Google Cloud.
k. Cloud Delivery Model: The method by which cloud services are provided, categorized into
IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a
Service).
Q3. Risks and Challenges in Cloud Models.
1. Security Risks: Cloud environments are vulnerable to data breaches, insider threats,
and cyberattacks like malware and phishing.
2. Data Privacy & Compliance: Organizations must ensure compliance with regulations
like GDPR, HIPAA, and PCI-DSS, which can be complex across different regions.
3. Limited Visibility & Control: Cloud providers manage the infrastructure, limiting
customers’ control over security, monitoring, and data governance.
4. Downtime & Service Outages: Cloud providers may experience outages, affecting
business continuity and access to critical data and applications.
5. Vendor Lock-in: Migrating between cloud providers can be complex and costly due to
proprietary technologies and dependencies.
6. Cost Management: Pay-as-you-go pricing can lead to unexpected expenses if
resources are not monitored and optimized.
7. Shared Responsibility Model: Cloud security is a joint effort between providers and
users, requiring clear policies to avoid misconfigurations and data leaks.
8. Data Loss & Recovery: Improper backups, accidental deletions, or cloud failures can
result in data loss if disaster recovery plans are inadequate.
9. Performance Issues: Network latency and bandwidth limitations can impact application
performance, especially for real-time processing.
10.Compliance with Industry Standards: Different industries have specific cloud security
and governance requirements that must be continuously managed.
. Security Servers:
Securing network access and related equipment is very important in this modern
where AAA servers help easily manage all of the infrastructure from a single
Software providers of network security and access control platforms use three
once the Network Access Server (NAS) receives and accepts the request
by the user.
The CIA Triad is a core concept in information security, representing three key principles that
guide how data should be protected in digital systems. These principles—Confidentiality,
Integrity, and Availability—serve as the foundation for creating robust security frameworks,
ensuring that sensitive information is kept safe, accurate, and accessible. Together, they form
the essential pillars of a well-balanced security policy.
1. Confidentiality: Protecting Sensitive Information
Confidentiality refers to the protection of data from unauthorized access or disclosure. The goal
is to ensure that only authorized individuals or systems can access specific information, thereby
preventing data breaches and leaks. Techniques used to maintain confidentiality include:
Authentication: Verifying the identity of users or devices trying to access systems or data.
Integrity involves maintaining the accuracy, consistency, and trustworthiness of data throughout
its lifecycle. The goal is to ensure that data remains unaltered unless modified by authorized
parties and that no unintended changes or corruption occur. Techniques for ensuring integrity
include:
Hashing: Generating unique hashes for data, ensuring it hasn’t been altered.
Digital Signatures: Verifying that data or communications have not been tampered with during
transmission.
Checksums: Verifying data integrity through calculations before and after transmission or
storage.
Availability ensures that information and resources are accessible and usable when required by
authorized users. This principle focuses on maintaining the continuous operation of systems,
applications, and networks, preventing disruptions or downtimes that might impact business
operations. Strategies to ensure availability include:
Redundancy: Using backup systems or data replication to provide failover capabilities in case of
hardware failure.
Load Balancing: Distributing workloads across multiple systems to ensure no single point of
failure.
Disaster Recovery and Backup Systems: Ensuring rapid recovery in case of natural disasters,
cyberattacks, or hardware failures.
User's Manage and configure Focus on building and Use the software as
responsibility virtual machines, deploying apps; no provided without
networks, and storage. need to manage worrying about updates
underlying or infrastructure.
infrastructure.
Control High control over the Moderate control, Minimal control; users
operating system, focused on app only interact with the
middleware, and development and application itself.
applications. deployment.
Use cases Hosting websites, Building custom web Using web-based
running virtual apps or deploying applications for
machines, or setting up web-based software. everyday business or
cloud storage. personal tasks.
A Type-1 hypervisor runs directly on the physical hardware of the host machine, without
needing an underlying operating system. It is often referred to as a bare-metal hypervisor. The
hypervisor itself manages the hardware resources and allocates them to the virtual machines.
Key Characteristics:
● Direct Hardware Access: It interacts directly with the physical hardware, which typically
results in better performance and efficiency.
● No Host OS: There is no need for a separate operating system; the hypervisor itself acts
as the operating system for the host machine.
● Performance: Since there is no intermediary operating system, Type-1 hypervisors
typically offer superior performance and resource management.
● Security: These hypervisors tend to be more secure, as there are fewer layers (e.g., no
guest OS to secure) and less risk of vulnerabilities in the host OS.
● Use Cases: Type-1 hypervisors are generally used in enterprise environments, data
centers, and cloud platforms where performance, scalability, and security are critical.
● VMware ESXi
● Microsoft Hyper-V (when installed directly on hardware)
● Xen
● KVM (Kernel-based Virtual Machine)
A Type-2 hypervisor runs on top of an existing operating system (called the host OS). It
uses the resources and services provided by the host OS to manage virtual machines.
Essentially, the host OS manages the hardware, and the Type-2 hypervisor acts as a middle
layer between the host OS and the virtual machines.
Key Characteristics:
● VMware Workstation
● Oracle VirtualBox
● Parallels Desktop
● Microsoft Virtual PC
Accessibility
● Data can be accessed from anywhere, on any device with internet connectivity, allowing
for easy remote work and collaboration.
Cost-Efficiency
● Eliminates the need to purchase, maintain, and upgrade physical storage hardware.
Users only pay for the storage they use, reducing overall IT costs.
Scalability
● Cloud storage offers on-demand scaling, allowing users to easily increase or decrease
storage capacity as their needs change without needing to invest in physical
infrastructure.
Security
● Cloud providers implement robust security measures like encryption, firewalls, and
multi-factor authentication to protect data, offering higher levels of security compared to
traditional storage methods.
● Cloud storage offers automated backups, reducing the risk of data loss due to hardware
failure or disasters. It also facilitates quick data recovery when needed.
Collaboration
● Enables multiple users to access and work on files simultaneously, improving team
collaboration and productivity, especially for remote or distributed teams.
Automatic Updates and Maintenance
● Cloud service providers manage and update the infrastructure, ensuring the latest
features and security patches are automatically applied, reducing the burden on IT
teams.
Disaster Recovery
● Cloud storage offers built-in disaster recovery solutions, ensuring data is stored
redundantly across multiple locations, minimizing downtime in case of a disaster.
Environmentally Friendly
● By sharing resources and using centralized data centers, cloud storage reduces the
energy consumption associated with on-premises storage systems, contributing to more
sustainable practices.
Easy Integration
● Cloud storage can seamlessly integrate with other cloud-based services and
applications, providing a unified solution for businesses.
**Virtualization in Cloud Computing** is the technology that allows the creation of virtual (rather
than physical) versions of resources like servers, storage devices, networks, or operating
systems. It enables the abstraction and pooling of physical resources into virtual environments
that can be managed and allocated dynamically.
In cloud computing, virtualization allows multiple virtual machines (VMs) to run on a single
physical machine, optimizing resource usage and providing flexibility, scalability, and isolation
for different workloads.
1. **Resource Optimization:**
Virtualization enables efficient use of physical hardware by allowing multiple VMs to share the
same physical resources, leading to better resource utilization.
2. **Scalability:**
It allows the dynamic creation, scaling, and management of virtual resources based on
demand, which is essential for cloud environments.
3. **Cost Efficiency:**
By consolidating hardware resources, virtualization reduces the need for physical
infrastructure and lowers operational costs.
5. **Flexibility:**
Virtual machines can run different operating systems and applications on the same physical
hardware, providing flexibility for diverse workloads.
6. **Simplified Management:**
Virtualization makes it easier to manage, allocate, and monitor resources, helping cloud
service providers and users to scale their infrastructure with minimal complexity.
1. **Server Virtualization:**
The process of creating virtual servers from physical servers. It allows multiple virtual servers
to run on a single physical machine, optimizing hardware usage.
2. **Storage Virtualization:**
This combines multiple physical storage devices into a single, logical storage unit, making
data storage and management more efficient.
3. **Network Virtualization:**
It abstracts network resources into virtual components, allowing for better network
management and scalability.
4. **Desktop Virtualization:**
Provides users with virtual desktops that can be accessed remotely, allowing for centralized
management of desktop environments.
In summary, virtualization is a core technology in cloud computing that enables the efficient,
scalable, and flexible use of computing resources, improving both performance and
cost-effectiveness in cloud environments.
Private
An exclusive cloud computing environment typically dedicated to one organisation.
May be deployed on-premises or in 3rd party data centers.
When in 3rd party locations, it is either managed, virtual, or hosted.
Private cloud provides specific operations such as appropriate clustering, data replication,
system monitoring, and maintenance, disaster recovery, and other uptime services.
Public
It is a cloud deployment model that entails cloud computing resources delivered over the
internet by a CSP .
Resources, particularly hardware resources, are not dedicated to one user.
They are managed by third parties which provide cloud services over the internet to the public,
these services are available as pay-as-you-go billing models.
They offer solutions for minimizing IT infrastructure costs and become a good option for
handling peak loads on the local infrastructure.
Hybrid
It is a cloud deployment model that fuses the benefits of public & private cloud computing.
Takes advantage of security & control of private cloud services & merges it with the flexibility &
cost-efficiency of a public cloud.
A hybrid cloud is totally safe and secure because it works on the distributed system network.
It is available at a cheaper cost than other clouds because it is formed by a distributed system.
Community/Multi-Cloud
An emerging cloud deployment model where users combine services across multiple cloud
service provider platforms.
May be a combination of only public cloud services or both public & private cloud services.
In the community cloud, the infrastructure is shared between organizations that have shared
concerns or tasks.
Each type addresses different needs, ranging from improving performance and scalability to
enabling advanced technologies like AI and quantum computing.
12.What is VMware and explain its features.
VMware is a company that develops virtualization software, which allows users to run virtual
computers on physical computers.