Cloud Computing Final Chapter Review Sheets

255 Terms

1

Capacity Planning

The process of determining how much can be produced to meet future demands, with strategies like lead, lag, and match.

2

Lead capacity planning strategy

adds capacity before the demand increases

3

Lag capacity planning strategy

adds capacity after the demand increases, when the IT resource reaches full capacity

4

Match capacity planning strategy

adds capacity incrementally to align closely with demand changes

5

Cost Reduction

Strategies aimed at lowering IT expenses and aligning IT costs with business performance.

6

Organizational Agility

The ability of an organization to effectively respond to internal and external changes for success.

7

scaling

IT resources need _____ beyond predictions to adapt to business changes.

8

Clustering

Interconnected IT resources functioning as one system to decrease system failure rates and enhance availability.

9

Grid computing

Distributed computing system that connects multiple computers to work together on solving complex problems.

10

Virtualisation

Creates virtual instances of physical IT resources

11

Cloud

A remote IT resource provision environment that can be privately owned and offers metered access.

12

Scaling

The ability of IT resources to handle increased or decreased usage demands through horizontal and vertical scaling.

13

Horizontal scaling

(out and in) adding or removing identical resources

14

Vertical scaling

(up and down) increasing or decreasing resource capacity

15

Cloud Service

Any IT resource within a cloud made remotely accessible and offered through published APIs.

16

On-premise

IT resources located within an organization's premises that can interact with cloud-based resources.

17

Mitigation

Using legal contracts and SLAs to reduce risks and address potential issues in cloud computing.

18

Data Compliance

Following rules on data storage, access, and security to ensure compliance and benefit from cost-effective usage features.

19

Defined Roles

Specific responsibilities assigned to individuals and organizations within the cloud computing ecosystem.

20

Cloud provider

An organization/entity that offers cloud-based IT resources and services to customers

21

Cloud consumer

Any organization/individual that utilizes cloud-based IT resources provided by a cloud provider.

22

Cloud Service Owner

The legal entity/person who holds ownership rights over a particular cloud service

23

Cloud Resource Administrator

Individuals/organizations tasked with managing and administering cloud-based IT resources

24

Cloud Auditor

An external entity responsible for conducting independent assessments of cloud environments to evaluate security controls, privacy impacts, and performance

25

Cloud Broker

An intermediary entity that manages and negotiates cloud services on behalf of cloud consumers, providing services such as service intermediation, aggregation, and arbitrage

26

Cloud Carrier

A provider of wire-level connectivity between cloud consumers and cloud providers, often assumed by network and telecommunication providers

27

Organisational boundary

The extent to which an organization extends its trust into the cloud environment when utilizing cloud-based IT resources.

28

Characteristics of organizational boundary

on-demand usage, measured usage, ubiquitous access, multitenancy, resiliency, elasticity, resource pooling

29

Cloud Delivery Models

Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) models for cloud services.

30

Infrastructure-as-a-Service (IaaS)

Provides virtualised computing resources over the internet

31

Platform-as-a-Service (PaaS)

Provides a platform allowing customers to develop, run, and manage applications without dealing with the underlying infrastructure.

32

Software-as-a-Service (SaaS)

Delivers software applications over the internet on a subscription basis

33

Cloud Deployment Models

Public, Private, Community, and Hybrid Cloud models based on ownership, size, and access characteristics.

34

Public cloud

A cloud environment accessible to the general public, owned and operated by a third-party cloud provider.

35

Private cloud

A cloud environment owned and operated by a single organization, providing centralized access to cloud resources within the organization.

36

Community Cloud

Similar to a public cloud, but with access restricted to a specific community of cloud consumers, often sharing common interests or requirements

37

Hybrid Cloud

Combines multiple cloud deployment models, such as public and private clouds, to meet specific business needs and requirements

38

Variations

Different configurations/architectures within cloud deployment that offer additional flexibility and customization options for cloud computing environments

39

Virtual Private Cloud

A self-contained cloud environment hosted and managed by a public cloud provider, exclusively available to a cloud consumer

40

Inter-Cloud

A cloud deployment model based on an architecture connecting two or more clouds

41

Cloud Computing

Relies on network connectivity for accessing IT resources, with most clouds being Internet-enabled for ubiquitous access.

42

Internet Service Provider (ISP)

A company that provides individuals/organizations with access to the Internet and related services like email, web hosting, and online storage.

43

Tier 1, Tier 2, Tier 3

Different levels of network providers in the Internet topology, with Tier 1 being international cloud providers overseeing vast networks.

44

Tier 1

International cloud providers overseeing vast networks; cloud consumers and providers can establish direct connections through tier 1 providers

45

Tier 2

Includes large regional providers interconnected with Tier 1

46

Tier 3

Includes local ISPs linked to Tiers 2 and 1

47

Packet Switching

Connectionless method fundamental for data transmission, where routers process and forward packets individually to manage network traffic efficiently.

48

Latency

Time for a packet to travel, increases with nodes and loads

49

Quality of Service (QoS)

Operates on a "best effort" basis, affected by latency and dynamic routing, impacting packet speeds based on network conditions.

50

Dynamic routing

Impacts packet speeds, and varies with network conditions

51

Virtualization

Process of creating virtual versions of computers and networks to simplify IT by abstracting physical resources into virtual components for easier allocation and control.

52

Transport Layer Protocol

Includes TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) for standardized communication guiding data packets across the Internet.

53

Virtualisation layer

Operational tools based on virtualisation platforms.

54

Hypervisor

Virtualization software managing virtual machines and resources, essential for allocation and usage management, on the physical (hardware) layer

55

Multitenant Technology

Allows multiple users to access the same application logic simultaneously, ensuring user isolation, data security, and scalability.

56

Tenants can customise

user interface, business process (rules & logic), data model (include, exclude, rename fields), access control rights

57

Multitenant applications ensure

user isolation, data tier isolation, data security, recovery, scalability, application upgrades, metered usage

58

Web Services

Utilized for complex web-based service logic, with SOAP-based services using WSDL, XML Schema, SOAP, and UDDI for defining APIs and messaging formats.

59

REST services

Web services that use standard HTTP methods to access and manage resources, making it easy to interact with cloud applications.

60

Service Agents

Catch messages during runtime to enable dynamic event-driven operations and service integration.

61

Kinds of service agents

active and passive agents

62

Active Agent

Modify messages

63

Passive Agent

Read messages for monitoring

64

Service Middleware

Evolved from MOM platforms, includes ESB for service brokerage and routing, and orchestration platforms for workflow execution within cloud environments.

65

Containerisation

Packaging apps for easy and consistent running.

66

Container architecture

Container, container engine, container build file, container image, pods

67

Container

A lightweight software package that has all of the necessary elements to run in any cloud environment. It is an executable instance of a container image.

68

Container engine

A specialised software for container management

69

Container build file

Specifies application requirements

70

Container image

An unchangeable, read-only image used for container deployment.

71

Pods

Groups of containers that share resources and the same IP address, allowing multiple isolated applications to run together.

72

Information Security

Involves techniques, technologies, regulations, and behaviors to protect computer systems and data

73

3 terms that measure security

1. Confidentiality - to ensure that information is accessible only to those authorized to access it.

2. Integrity - to ensure that the information is accurate and complete and has not been tampered with.

3. Availability - to ensure that authorized users have access to the information and associated assets when needed.

74

3 terms to measure insecurity

1. Vulnerability - a weakness in the system that can be exploited by threats.

2. Threat - a potential cause of an unwanted incident, which may result in harm to a system or organization.

3. Risk - the potential for loss/damage/destruction of an asset as a result of a threat exploiting a vulnerability

75

3 terms to establish safeguards to improve security

1. Security Measures - countermeasures to prevent or respond to threats.

2. Security Mechanisms - components of defensive frameworks protecting IT resources.

3. Security Policies - a set of rules and regulations for security that define the implementation and enforcement of security measures.

76

Threat Agent

Entities that are capable of carrying out attacks

77

Types of threat agents

Anonymous attacker, trusted attacker, malicious service agent, malicious insider

78

Anonymous Attacker

Attacks from outside the cloud trusted boundary.

79

Trusted Attacker

Misuses authorized access inside the cloud trusted boundary.

80

Malicious Service Agent

External cloud service provider that messes with cloud traffic.

81

Malicious Insider

Past employee that causes harm with pre-existing cloud access.

82

Common threats in cloud-based environments

Traffic eavesdropping, malicious intermediary threat, resource overload, insufficient authorisation, overlapping trust boundaries, virtualisation attacks, container attacks, DoS (Denial of Service) attacks

83

Traffic Eavesdropping

Occurs when a malicious service agent sneakily listens in on data going to or within the cloud to steal information.

84

Malicious Intermediary Threat

Occurs when a malicious service agent sneakily reads and modifies messages

85

Resource Overload

Excessive demands on virtual servers leading to service outages.

86

Insufficient Authorization

Occurs when wrong or broad access allows attackers to get into protected data

87

Virtualization Attacks

Exploiting vulnerabilities in the virtualization layer to gain unauthorized access, letting attackers take control and see confidential data

88

Container Attacks

Exploiting vulnerabilities and tampering in containerized applications (in the software that controls containers)

89

Overlapping trust boundaries

In a multi-tenant cloud environment can lead to data leakage and unauthorized access across different tenants

90

Denial of Service (DoS) Attacks

Occurs when too many requests overwhelm the cloud, making it crash and causing major trouble

91

Potential errors

flawed implementations, security policy disparity, contracts & SLAs, risk management

92

Logical Network Perimeter

A virtual boundary to isolate cloud-based IT resources from the wider communication network

93

Why is the Logical Network Perimeter implemented?

To isolate IT resources in a cloud from non-authorised users, non-users and cloud consumers, and to control the bandwidth available to isolated IT resources

94

Key components (devices) used in the Logical Network Perimeter

Virtual firewall (active filter of network traffic to and from the isolated network) and virtual network (utilises VLANs that isolate the network environment within the data centre infrastructure)

95

Virtual Server

A form of virtualisation software imitating a physical server

96

Cloud storage device mechanism

A storage system designed for cloud use, where capacity is allocated in fixed increments.

97

Cloud storage levels

blocks, files, datasets, objects

98

Files

A cloud storage level that is a collection of data grouped into files located in folders

99

Blocks

The lowest level of cloud storage closest to the hardware; the smallest unit of data individually accessible

100

Dataset

A cloud storage level in which sets of data are organized into a table-based, delimited, or record format.