Public vs Private Cloud Overview
45 Questions
0 Views

Public vs Private Cloud Overview

Created by
@SupportiveMoscovium

Podcast Beta

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What characterizes a private cloud?

  • It must be hosted on-site by the organization.
  • It can only be managed by the organization itself.
  • It is provisioned exclusively for a single organization. (correct)
  • It is accessible to the general public.
  • Which of the following is an example of a private cloud service?

  • Amazon VPC (correct)
  • Dropbox
  • Microsoft OneDrive
  • Google Cloud Platform
  • What is a common misconception about private clouds?

  • They are inherently more secure than all public clouds.
  • They can only be managed on the organization’s premises. (correct)
  • They require less IT skill to manage than public clouds.
  • They provide more flexibility than public clouds.
  • In which scenario is a private cloud considered on-site?

    <p>When it is implemented at a customer's premises.</p> Signup and view all the answers

    What is a key requirement for organizations using an on-site private cloud?

    <p>They require IT skills to manage their devices and cloud.</p> Signup and view all the answers

    What is a primary concern for organizations considering the use of an on-site private cloud?

    <p>The need for a robust network infrastructure.</p> Signup and view all the answers

    What does the security perimeter of an on-site private cloud signify?

    <p>It allows subscribers to exercise control over their resources.</p> Signup and view all the answers

    Which of the following best describes outsourced private clouds?

    <p>They consist of servers managed by a hosting company.</p> Signup and view all the answers

    What is a potential risk of workloads residing concurrently on the same systems in an on-site private cloud?

    <p>Risk of exposure due to software flaws</p> Signup and view all the answers

    What impacts the on-demand bulk data import/export capabilities in an on-site private cloud?

    <p>The network capacity of the on-site private cloud</p> Signup and view all the answers

    What is a significant financial consideration when migrating to an on-site private cloud?

    <p>Significant-to-high up-front costs for setup</p> Signup and view all the answers

    Which aspect of an on-site private cloud is dependent on anticipated workloads?

    <p>Fixed computing and storage capacity</p> Signup and view all the answers

    What allows a subscriber to enhance security against external threats in an on-site private cloud?

    <p>Implementing a strong security perimeter</p> Signup and view all the answers

    What feature distinguishes an outsourced private cloud from an on-site private cloud?

    <p>Two security perimeters joined by a protected communications link</p> Signup and view all the answers

    Why might real-time processing be problematic in an on-site private cloud?

    <p>Because of network capacity limitations</p> Signup and view all the answers

    Which statement is true regarding client workload security in an on-site private cloud?

    <p>Access policies can mitigate risks of exposing client workloads.</p> Signup and view all the answers

    What primarily influences the security of data in an outsourced private cloud?

    <p>The strength and availability of security perimeters</p> Signup and view all the answers

    Which of the following is a key risk associated with multi-tenancy in an outsourced private cloud?

    <p>Implications similar to those of on-site private cloud</p> Signup and view all the answers

    What is a potential limitation when conducting bulk data import/export in an outsourced private cloud?

    <p>Network capacity between the provider and subscriber</p> Signup and view all the answers

    What main costs might a subscriber incur when migrating to an outsourced private cloud?

    <p>Negotiating the service level agreement (SLA)</p> Signup and view all the answers

    How can communication limitations in an outsourced private cloud scenario be addressed?

    <p>By provisioning high-performance networking</p> Signup and view all the answers

    In what way does the security perimeter differ in an outsourced private cloud compared to an on-site private cloud?

    <p>Both subscriber's and provider's perimeters need hardening</p> Signup and view all the answers

    What capability do providers have that is a core advantage for outsourced private cloud services?

    <p>Ability to provision and operate computing equipment at scale</p> Signup and view all the answers

    Which factor may necessitate an upgrade of the subscriber's network when moving to an outsourced private cloud?

    <p>Need for higher bandwidth to connect to the cloud</p> Signup and view all the answers

    What happens when the parser encounters an external entity that it cannot retrieve?

    <p>The parser will cease processing the DTD content and make the available data to the application.</p> Signup and view all the answers

    Which type of XML parser must retrieve all defined entities in the DTD?

    <p>Validating parser</p> Signup and view all the answers

    How does a non-validating parser handle unresolved external entities?

    <p>It proceeds with processing the remaining document while noting the unresolved entities.</p> Signup and view all the answers

    What is the role of entity references in XML processing?

    <p>To replace occurrences of certain character sequences with corresponding entities.</p> Signup and view all the answers

    Which character is specified as not usable as whitespace in XML tags?

    <p>EBCDIC character 'NEL'</p> Signup and view all the answers

    What should be used to include characters not defined in the encoding charset in XML?

    <p>Character references</p> Signup and view all the answers

    What is a special characteristic of validating parsers in XML processing?

    <p>They validate document compatibility with the DTD.</p> Signup and view all the answers

    What occurs if an XML parser identifies an external entity?

    <p>It retrieves and replaces each occurrence of the entity reference recursively.</p> Signup and view all the answers

    What distinguishes control sensitive instructions from behavior sensitive instructions?

    <p>Control sensitive instructions can inadvertently expose the guest OS.</p> Signup and view all the answers

    What is required for a VMM to be constructed on a conventional third generation computer?

    <p>The set of privileged instructions must be a subset of sensitive instructions.</p> Signup and view all the answers

    What characterizes full virtualization in server environments?

    <p>Emulation of hardware, including the CPU, is used.</p> Signup and view all the answers

    What is a significant drawback of using full virtualization?

    <p>Performance can be adversely affected due to hardware emulation.</p> Signup and view all the answers

    What is the primary way the guest operating system interacts with the VMM in para-virtualization?

    <p>By modifying the guest OS to be aware of the VMM.</p> Signup and view all the answers

    What does hardware-assisted virtualization primarily allow?

    <p>Unmodified operating systems can run without virtualization knowledge.</p> Signup and view all the answers

    Which of the following represents a modification approach in para-virtualization?

    <p>Using para-virtualized drivers for enhanced device performance.</p> Signup and view all the answers

    What is one of the notable features of QEMU and Bochs in virtualization?

    <p>They contribute to the total portability of VMs.</p> Signup and view all the answers

    Which of the following describes a main advantage of hardware-assisted virtualization?

    <p>It allows for improved performance by eliminating the need for emulation.</p> Signup and view all the answers

    Which of the following accurately describes a limitation of using para-virtualization?

    <p>It requires the guest OS to be aware of virtualization.</p> Signup and view all the answers

    What is a common misconception regarding virtual machine portability?

    <p>Portability is possible due to consistent hardware emulation.</p> Signup and view all the answers

    Why might a guest OS benefit from para-virtualized drivers?

    <p>To leverage virtualization-aware APIs for performance improvements.</p> Signup and view all the answers

    What is the role of the VMM in a hardware-assisted virtualization environment?

    <p>It intercepts and emulates privileged operations using hardware extensions.</p> Signup and view all the answers

    Study Notes

    Public Cloud

    • Restrictive default service level agreements
      • Public cloud service level agreements set limitations on how the cloud resources can be used.

    Private Cloud

    • Infrastructure is exclusive to a single organization
      • Multiple consumers within the organization can access the resources
    • Examples include:
      • Eucalyptus
      • Ubuntu Enterprise Cloud - UEC
      • Amazon VPC
      • VMware Cloud Infrastructure Suite
      • Microsoft ECI data center.
    • Private cloud can be managed by a third party and exist off-premises
    • Two main scenarios exist:
      • On-site Private Cloud: implemented at the customer's location
      • Outsourced Private Cloud: server-side is managed by a hosting company.

    On-site Private Cloud

    • Subscriber organization retains control over resources within the security perimeter
    • Factors to consider:
      • Subscribers still need IT skills to manage the environment
      • Workload location is hidden from clients for better resource management
      • Client workloads can reside concurrently within the same infrastructure, requiring strong access control policies
      • Network dependency impacts bulk data transfer and real-time processing
      • Secure from external threats with proper security perimeter implementation
      • Significant upfront costs for migrating to the cloud

    Outsourced Private Cloud

    • Two security perimeters are involved: one implemented by the subscriber and one by the provider.
    • Stronger protection depends on both security perimeters and the protected communication link
    • Considerations include:
      • Subscribers may be able to provision unique communication links with the provider.
      • Risks related to multi-tenancy are similar to on-site private clouds.
      • Network capacity limitations impact data transfer and real-time processing
      • Robust security measures are needed at both subscriber and provider perimeters.
      • Moderate to significant upfront costs for migration
      • Core competencies of providers: provisioning and operating computing equipment at scale
      • Main start-up costs are negotiation of service level agreements, network upgrades, application porting to the cloud, and training.

    Virtualization

    • Virtual Machine Monitor (VMM) can be constructed if sensitive instructions of a computer are a subset of privileged instructions.
    • A computer is recursively virtualizable if a VMM without timing dependencies can be built.

    VMM & VM

    • VMMs are the core of virtualization technology.
    • VMMs are responsible for managing and isolating VMs for security and performance considerations.

    Server Virtualization Approaches

    • Full Virtualization
      • First generation approach for x86/x64 server virtualization
      • Uses dynamic binary translation to emulate system hardware and software
        • Emulation layer talks to an operating system
        • Guest OS does not perceive the emulated environment
    • Para-Virtualization
      • Guest OS is modified to run kernel-level operations
        • Guest OS is aware of privileged instructions
        • VMM handles virtualization
      • Guest OS communicates with the VMM via a specialized API
    • Hardware-assisted virtualization
      • Guest OS runs in ring 0
      • VMM emulates privileged operations by using processor extensions
      • Removes many complexities of VMM development
      • VMM runs in a privileged ring higher than 0

    Network Virtualization

    • Virtualization of network infrastructure, such as:
      • Switches
      • Routers
      • Firewalls
      • Load balancers
    • Allows for greater flexibility and efficiency in managing network resources

    Why Virtualize?

    • Allows for greater utilization of computing resources
    • Improves flexibility and scalability of infrastructure
    • Provides isolation and security to enhance reliability

    XML Processing Rules: External Entities

    • External entities are referenced in a DTD to import external data into an XML document.
    • XML parsers can be validating or non-validating.
    • Validating parsers must retrieve all entities and verify compatibility with DTD rules.
    • Non-validating parsers attempt to retrieve entities but cease processing the DTD at the first unresolved entity.

    Special Issues: Characters and Charsets

    • XML defines specific characters as whitespace in tags.
    • EBCIDIC character 'NEL' cannot be used as whitespace.
    • Character references can be used to include characters not defined in the current encoding charset.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Related Documents

    WEEK2_LEC_MATERIAL.docx

    Description

    This quiz explores the differences between public and private cloud infrastructures, including their service level agreements and examples of private cloud solutions. It covers various scenarios, such as on-site and outsourced private clouds, providing insights into management and organizational control.

    More Like This

    Use Quizgecko on...
    Browser
    Browser