Cloud Computing Exam Notes

Cloud Computing

  • Delivery of computing services over the internet, not local hardware.
  • Key features: On-demand self-service, broad network access, scalability, pay-as-you-go pricing, resource pooling, high availability.
  • Types: Public, Private, Hybrid, Multi-Cloud
  • Service Models: IaaS, PaaS, SaaS
  • Benefits: Cost savings, efficiency, security, disaster recovery, global accessibility.

Public Cloud

  • Computing resources owned and operated by third-party providers (e.g., AWS, Azure, Google Cloud).
  • Shared resources (multi-tenant environment).
  • Advantages: Lower costs, high scalability, reliability, and security.
  • Disadvantages: Less control, security concerns, limited customization.
  • Use Cases: Web hosting, development, CRM (e.g., Salesforce), big data analytics.

Private Cloud

  • Dedicated infrastructure for a single organization.
  • Single-tenant environment with exclusive resources.
  • Advantages: Greater control, enhanced security, customization.
  • Disadvantages: High cost, scalability limitations, maintenance responsibility.
  • Use Cases: Government, financial, healthcare (HIPAA), large enterprises.

Hybrid Cloud

  • Combination of public and private clouds.
  • Data and application movement between clouds.
  • Advantages: Security of private cloud + scalability of public cloud, cost-efficiency, business continuity.
  • Disadvantages: Complex management, security risks, higher costs.
  • Use Cases: Enterprises balancing security and scalability, e-commerce, disaster recovery.

Multi-Cloud

  • Using multiple public cloud providers (e.g., AWS, Azure, Google Cloud).
  • Avoids vendor lock-in, optimizes costs and performance.
  • Advantages: Avoids vendor lock-in, optimized performance, enhanced resilience.
  • Disadvantages: Increased complexity, higher costs, security challenges.
  • Use Cases: Large enterprises, global infrastructure, redundancy.

Cloud Computing Types: Comparison

  • Public: Third-party, moderate security, low cost, high scalability, best for startups.
  • Private: Single organization, high security, high cost, limited scalability, best for enterprises needing high security.
  • Hybrid: Mix of public & private, high security, medium cost, high scalability, best for businesses needing security & scalability.
  • Multi-Cloud: Multiple public providers, varies security, high cost, high scalability, best for enterprises seeking vendor flexibility.

Cloud-Based Enterprise Solutions

  • Software and services hosted on cloud infrastructure.
  • Key types: ERP, CRM, HRM, Collaboration & Productivity Tools, Cloud Storage & Backup, Business Intelligence & Analytics, Cybersecurity & Compliance, Industry-Specific Solutions.
  • Benefits: Scalability, Cost-Efficiency, Security & Compliance, Accessibility, Automatic Updates.

Cost-Benefit Analysis (CBA)

  • Costs: Subscription fees, infrastructure costs, data transfer, security & compliance, migration & training.
  • Benefits: Reduced CapEx, Operational Efficiency, Pay-as-You-Go, Faster Deployment & Innovation, Improved Performance.
  • CBACBA Example:
    • Cloud-Based Solution: Low initial investment, managed maintenance, high scalability, automatic security updates, anytime accessibility.
    • On-Premises Solution: High initial investment, IT staff maintenance, limited scalability, manual patching, limited physical location.

Scalability

  • Vertical Scaling: Increase CPU, RAM, storage.
  • Horizontal Scaling: Add more servers.
  • Auto-Scaling: Adjust resources based on demand.
  • Global Reach: Deploy applications across multiple regions.
  • Benefits: Cost Efficiency, High Availability, Performance Optimization, Business Growth Support.

Security & Governance

  • Cloud Security Best Practices: Data Encryption, IAM, Threat Detection & AI-Powered Monitoring, Regular Security Audits, Disaster Recovery & Backups.
    Governance
  • Policy-Based Access Control: Restrict user access based on roles and permissions.
  • Cloud Security Posture Management (CSPM): Automates compliance enforcement and security configuration checks.
  • Audit Logging & Monitoring: Ensures visibility into security events and data access.
  • Data Residency & Sovereignty Policies: Ensures compliance with geographic data storage regulations.

Data Security & Compliance

  • Compliance Standards: GDPR, HIPAA, ISO 27001, SOC 2, PCI DSS.
  • Requirements: User data protection, encryption, access controls, risk management, security, availability, and confidentiality.

Cloud Governance Frameworks: Key Components

  • Security & Compliance: IAM, Data Security & Encryption, Regulatory Compliance (GDPR, HIPAA, SOC 2, PCI DSS), Audit Logging & Monitoring.
  • Cost & Resource Management: Cost Optimization, FinOps (Cloud Financial Management), Usage Monitoring & Alerts.
  • Performance & Reliability: Auto-Scaling & Load Balancing, Disaster Recovery & Business Continuity, SLA Management.

Cloud Governance Frameworks

  • NIST Cloud Computing Framework: Standardized cloud security, risk management, and compliance. Best for government agencies.
  • AWS Well-Architected Framework: Best practices for designing, securing, and optimizing AWS environments. Best for AWS customers seeking scalability, security, and cost efficiency.
  • Microsoft Azure Cloud Adoption Framework: Guide enterprises in cloud adoption and governance. Best for enterprises migrating to Azure.
  • Google Cloud Architecture Framework: Optimize security, reliability, and operational efficiency on Google Cloud. Best for companies using Google Cloud for analytics, AI, and big data workloads.
  • COBIT: IT governance framework for risk management, compliance, and decision-making. Best for Enterprises needing robust IT governance and compliance management.
  • CIS Cloud Security Framework: Security best practices for cloud environments. Best for organizations with strict security controls.
  • ISO/IEC 38500 IT Governance Framework: IT governance best practices, including cloud services. Best for Enterprises with global IT governance requirements.