Cloud Question Paper

Q1) Solve any Five of the following: [5]

a) What are cloud enabling technologies?

Technologies enabling cloud computing include:

1. Virtualization: Creates multiple virtual machines on a single physical device.

2. High-Speed Internet: Ensures seamless access to cloud services.
3. Grid Computing: Links computers for scalable tasks.
4. SOA (Service-Oriented Architecture): Enables modular, reusable cloud applications.
5. Web Services: Facilitates interaction via APIs.
6. Data Center Automation: Automates infrastructure management.

b) What is multitenancy?
Multitenancy is an architecture where a single software instance serves multiple customers
(tenants). Each tenant's data is isolated, ensuring security and resource sharing.

c) What is PaaS?
Platform as a Service (PaaS) provides a cloud environment for developing, running, and
managing applications without managing infrastructure. Examples: Google App Engine,
Microsoft Azure, Heroku.

d) Benefits of cloud computing:

1. Cost Efficiency
2. Scalability
3. Accessibility
4. Disaster Recovery
5. Automatic Updates
6. Security

e) Platforms for large-scale cloud computing:

1. Amazon Web Services (AWS)

2. Microsoft Azure
3. Google Cloud Platform (GCP)
4. IBM Cloud
5. Oracle Cloud
6. Alibaba Cloud

f) Amazon cloud storage services:

 1. Amazon S3
2. Amazon EBS
3. Amazon EFS
4. Amazon Glacier
5. Amazon FSx
6. AWS Storage Gateway

Q2) Attempt the following. [10]

a) i) What is a Data Center? [2]

Ans:
A Data Center is a physical facility used to house computer systems, servers, and associated
components such as storage devices, networking equipment, and backup power systems. It is a
central location where organizations store and manage their data, run applications, and perform
processing tasks. Data centers provide the infrastructure needed for reliable IT operations, high
availability, and disaster recovery. They are designed for security, efficiency, scalability, and reliability.

a) ii) What is Load Balancing? Explain any one type with detail. [4]

Ans:
Load Balancing is the process of distributing network traffic or computing tasks across multiple
servers or resources to ensure no single server or resource is overwhelmed. This improves the
performance, reliability, and availability of applications by ensuring that workloads are evenly
distributed.

There are various types of load balancing, including:

1. Round-Robin Load Balancing:

o Explanation: In this type of load balancing, the incoming requests are distributed
evenly across all available servers in a sequential, circular manner. Each server gets
an equal share of the requests.

o Example: If there are 3 servers (A, B, and C), the first request goes to A, the second
to B, the third to C, and the cycle repeats.

o Pros: Simple to implement and works well when all servers have the same
processing power and capacity.

o Cons: Does not consider the actual load or capacity of the server; it assumes all
servers are identical in performance.
b) Explain detailed Cloud Computing Architecture. [4]

Ans:
Cloud computing architecture is a structured framework of various components that work together
to deliver cloud services. It is typically divided into three layers:

1. Front-end layer (Client side):

o This is the interface through which users interact with the cloud system. It can
include a user’s device (laptop, smartphone, etc.) running applications or browsers
that access cloud services.

o Common technologies include web browsers, mobile apps, and other client
applications that access cloud resources.

2. Back-end layer (Cloud side):

o This is the core infrastructure where the cloud services are hosted, managed, and
processed. It consists of servers, databases, storage, networking resources, and
computing power.

o The back-end consists of:

 Cloud service providers that maintain the data centers where cloud
infrastructure is housed.

 Virtualization technology that allows multiple virtual instances to be run on

physical hardware.

 Databases and storage systems to store and manage data.

 Networking infrastructure for communication between front-end clients and

cloud services.

3. Middleware:

o Middleware is the software layer that connects the front-end and back-end layers. It
helps to manage communication, data exchange, and service orchestration between
the user interface and cloud resources.

o This layer is responsible for ensuring that cloud applications run efficiently and
securely.

4. Cloud Service Models:

o IaaS (Infrastructure as a Service): Provides virtualized computing resources over the

internet.

o PaaS (Platform as a Service): Offers a platform for building, running, and managing
applications.

o SaaS (Software as a Service): Delivers software applications over the internet,

removing the need for local installation.

Q3) Attempt the following. [10]

a) i) What is MFA? [2]

Ans:
MFA (Multi-Factor Authentication) is a security process in which users are required to provide two
or more verification factors to gain access to a resource (e.g., application, network, or device). These
factors typically fall into three categories:

1. Something you know (e.g., password, PIN).

2. Something you have (e.g., smartphone, hardware token).

3. Something you are (e.g., fingerprint, retina scan).

MFA enhances security by requiring multiple forms of authentication, making it more difficult for
unauthorized users to access systems.

a) ii) What are the benefits and challenges of cloud security monitoring? [4]

Ans:

Benefits of Cloud Security Monitoring:

1. Continuous Monitoring: Cloud security monitoring provides constant vigilance over data,
applications, and infrastructure to detect vulnerabilities or threats in real time.

2. Automated Threat Detection: Automated tools can continuously analyze and detect
potential security incidents, reducing the need for manual intervention.

3. Compliance and Risk Management: Monitoring ensures compliance with security

regulations (e.g., GDPR, HIPAA) by keeping track of data access and ensuring sensitive
information is protected.

4. Incident Response: Faster identification and response to potential breaches allow for quicker
mitigation, minimizing the impact of security threats.

Challenges of Cloud Security Monitoring:

1. Data Privacy Concerns: Cloud providers may have access to sensitive data, leading to
concerns about data leakage or unauthorized access.

2. Complexity: With diverse cloud environments (private, public, hybrid), monitoring security
across different platforms can become complex, requiring specialized tools and knowledge.

3. Shared Responsibility Model: Security responsibilities are often divided between the cloud
provider and the client, which can lead to confusion over which party is responsible for
specific security tasks.

4. Resource Overload: The sheer volume of data generated by cloud services can overwhelm
security monitoring systems, making it difficult to identify critical threats promptly.

b) Describe Amazon Cloud Services in detail.

Ans:
Amazon Web Services (AWS) offers a wide range of cloud services that cater to computing, storage,
networking, machine learning, security, and more. Key services include:

1. Compute Services:

o Amazon EC2 (Elastic Compute Cloud): Provides resizable compute capacity in the
cloud, allowing users to run virtual servers and scale computing power as needed.

o AWS Lambda: A serverless computing service that lets users run code without
provisioning or managing servers. It automatically scales based on demand.

2. Storage Services:

o Amazon S3 (Simple Storage Service): Object storage that provides scalable, durable,
and low-latency storage for data and backups.

o Amazon EBS (Elastic Block Store): Block storage used with EC2 instances, providing
persistent data storage.

o Amazon Glacier: A low-cost storage service for archiving and backup with retrieval
times in hours.

3. Database Services:

o Amazon RDS (Relational Database Service): A managed database service supporting

multiple database engines like MySQL, PostgreSQL, and Oracle.

o Amazon DynamoDB: A fully managed NoSQL database service for high-performance,

low-latency applications.

4. Networking Services:

o Amazon VPC (Virtual Private Cloud): A service that allows users to create isolated
networks within the AWS cloud.

o Amazon Route 53: A scalable domain name system (DNS) service that routes end-
user requests to the appropriate AWS service.

5. Machine Learning Services:

o Amazon SageMaker: A fully managed service that provides tools for building,
training, and deploying machine learning models at scale.

o AWS Rekognition: A service that uses deep learning to analyze images and videos for
object and facial recognition.

6. Security & Identity:

o AWS IAM (Identity and Access Management): A service that helps control access to
AWS services and resources securely.

o AWS KMS (Key Management Service): A managed service for creating and
controlling encryption keys used to secure data.

7. Content Delivery:
 o Amazon CloudFront: A content delivery network (CDN) that speeds up the delivery
of static and dynamic content to users globally.

AWS offers a flexible, scalable, and secure platform, supporting a wide variety of applications, from
web and mobile apps to big data analytics and AI/ML workflows.

Q4) Attempt the following. [10]

a) i) What is Hypervisor in cloud computing? [2]

Ans:
A Hypervisor is a software layer or virtual machine monitor that enables virtualization by allowing
multiple virtual machines (VMs) to run on a single physical machine. It abstracts the underlying
hardware and allocates resources to each virtual machine. There are two types of hypervisors:

1. Type 1 (Bare-metal hypervisor): Runs directly on the physical hardware and manages virtual
machines without an operating system. Examples: VMware vSphere, Microsoft Hyper-V.

2. Type 2 (Hosted hypervisor): Runs on top of a host operating system and relies on the host
OS for resource management. Examples: VMware Workstation, Oracle VirtualBox.

Hypervisors are crucial for cloud computing, as they enable efficient resource allocation, isolation of
workloads, and scaling of virtualized environments.

a) ii) Write a short note on virtualization. [4]

Ans:
Virtualization is the process of creating virtual (rather than physical) versions of resources, such as
servers, storage devices, and networks, in a computing environment. It enables multiple operating
systems or applications to run on a single physical machine, each isolated from the others.
Virtualization abstracts and divides physical resources into multiple virtual environments, each of
which can be managed independently.

Types of virtualization:

1. Server Virtualization: Splits a physical server into multiple virtual machines (VMs) that run
different operating systems. It allows for better resource utilization and flexibility.

2. Storage Virtualization: Combines multiple physical storage devices into a single virtual unit,
simplifying storage management.

3. Network Virtualization: Abstracts network resources to create multiple virtual networks

within a single physical network.
 4. Desktop Virtualization: Allows users to access virtual desktops from any device, centralizing
management and improving security.

Benefits of virtualization include improved resource utilization, flexibility, scalability, easier

management, and isolation of applications.

b) Explain various components of Azure cloud platform. [4]

Ans:
The Azure cloud platform is a comprehensive cloud computing service offered by Microsoft that
provides a variety of services for building, deploying, and managing applications through Microsoft-
managed data centers. It consists of several key components:

1. Compute:

o Azure Virtual Machines (VMs): Provides scalable, on-demand compute capacity.

o Azure App Services: A platform for hosting web apps, APIs, and mobile backends.

o Azure Kubernetes Service (AKS): A managed Kubernetes service for containerized

applications.

2. Storage:

o Azure Blob Storage: Object storage for unstructured data like images, videos, and
backups.

o Azure Disk Storage: Persistent storage for Azure VMs, allowing data to persist
beyond VM lifecycles.

o Azure Files: Managed file shares for cloud or on-premises access.

3. Networking:

o Azure Virtual Network: Provides an isolated environment for securely connecting

Azure resources.

o Azure Load Balancer: Distributes incoming traffic across multiple Azure resources.

o Azure Content Delivery Network (CDN): Delivers content to users globally with low
latency.

4. Security and Identity:

o Azure Active Directory (AD): Identity and access management service to

authenticate and authorize users.

o Azure Key Vault: Manages secrets, encryption keys, and certificates.

o Azure Security Center: Provides unified security management and threat protection.

5. Database:

o Azure SQL Database: A fully-managed relational database service.

 o Azure Cosmos DB: A globally distributed, multi-model database service for large-
scale applications.

6. Analytics:

o Azure Synapse Analytics: An integrated analytics service for big data and data
warehousing.

o Azure Data Lake Storage: A scalable data storage solution for big data analytics.

7. AI and Machine Learning:

o Azure Cognitive Services: A suite of AI services for natural language processing,

computer vision, and more.

o Azure Machine Learning: A platform for building, training, and deploying machine
learning models.

Azure’s vast range of services and global reach allows developers and businesses to build flexible,
scalable applications and efficiently manage resources.

Q5) Attempt any two of the following. [10]

a) Write the difference between physical clusters and virtual clusters. [5]

Ans:
Physical Clusters and Virtual Clusters differ in the way resources are allocated and managed:

Aspect Physical Clusters Virtual Clusters

Physical clusters consist of multiple Virtual clusters consist of multiple virtual

Definition physical machines (servers) connected machines (VMs) running on a shared
together to work as a single unit. physical infrastructure.

Resource Resources like CPU, memory, and storage Resources are abstracted and shared
Aspect Physical Clusters Virtual Clusters

across multiple virtual machines on a

Allocation are directly assigned to physical servers.
hypervisor.

Requires manual intervention for physical Virtual resources can be dynamically

Management hardware maintenance, scaling, and fault allocated, provisioned, and scaled using
tolerance. cloud management platforms.

Generally higher due to hardware costs Lower cost due to sharing physical
Cost
and maintenance. resources and flexible scaling.

Less flexible as adding or removing More flexible, as VMs can be added,

Flexibility physical hardware is a time-consuming removed, or resized quickly in the cloud
task. environment.

b) Explain virtual machine provisioning & manageability. [5]

Ans:
Virtual Machine Provisioning refers to the process of creating and configuring virtual machines in a
cloud or virtualized environment. It involves the following steps:

1. VM Creation: A virtual machine is created by allocating a set amount of CPU, memory,

storage, and network resources. The user can specify the operating system and software
environment.

2. Template Selection: Pre-configured VM templates can be used to deploy multiple VMs with
similar configurations quickly.

3. VM Configuration: The virtual machine is configured with necessary parameters such as IP

addresses, network settings, and disk configurations.

4. Deployment: The VM is deployed to the virtualized infrastructure, where it can start running
applications or services.

Virtual Machine Manageability involves monitoring, scaling, updating, and securing VMs once they
are provisioned. It includes:

1. Monitoring: Tools like Azure Monitor or VMware vCenter allow administrators to track the
performance and health of VMs, including CPU usage, memory usage, and disk I/O.

2. Scaling: VMs can be dynamically scaled up or down based on demand, ensuring optimal
resource utilization.

3. Patch Management: Regular updates and patches are applied to maintain the security and
stability of the virtual machines.

4. Snapshotting: Snapshots or backups are taken to preserve the state of VMs for disaster
recovery or migration.

5. Security: Firewalls, encryption, and access control are applied to ensure VMs are secure and
compliant.
c) Write short note on. [5]

i) Security Architecture Design

Ans:
Security Architecture Design refers to the process of creating a framework to protect an
organization's assets and ensure the confidentiality, integrity, and availability of its systems and data.
It involves defining the structure, components, and policies that guide the design and
implementation of secure systems. The architecture includes:

1. Authentication and Authorization: Ensuring that only authorized users can access resources.

2. Data Protection: Using encryption and secure storage to protect sensitive information.

3. Network Security: Implementing firewalls, intrusion detection systems, and secure

communication protocols.

4. Security Policies: Defining rules and guidelines for securing systems and data.

ii) Identity and Access Management (IAM)

Ans:
Identity and Access Management (IAM) is a framework that enables organizations to manage and
control user access to resources in a secure and efficient manner. IAM ensures that the right
individuals have the appropriate access to resources at the right times and for the right reasons. Key
components of IAM include:

1. Identity Management: Managing user identities and ensuring they are authenticated
correctly.

2. Access Control: Defining and enforcing who can access what resources based on roles or
policies.

3. Authentication: Verifying the identity of users through various methods (e.g., passwords,
biometrics, MFA).

4. Authorization: Ensuring users are granted the correct permissions to access specific
resources.

5. Audit: Tracking and logging access events for security and compliance purposes.

IAM is essential for maintaining security in cloud environments and ensuring compliance with
regulatory standards.