Chapter 7 - 11
What are some of the concerns with cloud storage that is entrusted to external cloud providers?
Confidentiality Security Integrity
What type of cluster uses a failover system to redirect workloads away from failed nodes?
High-Availability Cluster
A pay-per-use monitor might be used to measure which of the follow:
The usage period of a virtual server.
A mechanism designed to authenticate users and track user access priviledges is called a ...
Identity and Access Management
A Hypervisor can be installed on a bare-metal server.
True
A Logical Network Perimeter isolates a group of related IT resources from non-authorized users.
True
A cloud usage monitor is responsible for collecting IT resource usage data.
True
What are the primary concerns related to cloud storage?
Security Integrity
A digital signature can help prevent a malicious intermediary from altering a message.
True
A hypervisor can be installed directly on a bare-metal server.
True
A load balancer can be a dedicated hardware appliance.
True
A load balancer can be configured to direct a request to a particular IT resource based solely on the content of the request.
True
An automated scaling listener can respond to fluctuations in the environment by scaling IT resources.
True
As a commodity mechanism, the virtual server represents the most foundational building block of cloud environments.
True
Hypervisors can only assign resources to a virtual machine from resource pools that are physically located on the server.
True
Identity access and management systems can help mitigate the threat of insufficient authorization.
True
Security groups determine what IT resources are available to a cloud consumer.
True
In Asymmetric Encryption , the Public Key can be used to both encrypt and decrypt a message.
True only when the message is encrypted with the Private Key.
Software programs will often offload state information to a database in order to reduce the amount of run-time memory usage. This allows the program to...
be more scalable.
Encryption is used to ...
preserve the confidentiality and integrity of data.
In cloud security, the term hardening refers to ...
reducing the number of potential vulnerabilities.
Data that is re-located across national and/or geographic boundaries may be subject to:
regulations and legal implications.
Creating multiple instances of the same IT resource is called...
replication
In an active-passive failover system, the passive node ...
takes over processing when an outtage occurs.
Which of the following cloud services would most likely benefit from multi-device broker.
A cloud service that allows consumers to upload information from either an Andriod device or an iOS device.
In order to function correctly, a resource cluster must have ...
A coordinating module or function that makes the cluster look like a single resource. A method of sharing data between the nodes in a cluster. High-speed dedicated network connections.
What type of cloud mechanism might store a users's login credential in a log file?
Audit Monitor
Pricing models that vary between different consumers and different IT resources are most likely to be handled by what system?
Billing Management System
A Digital Signature is used to provide...
Both authenticity and integrity.
The network that lies between the external (public facing) firewall and the internal firewall is called the
DMZ
What type of cloud storage device using structured query language (SQL) to access records?
Datasets storage
A ___________________ is used to decrypt ciphertext into plain text that can be read.
Encryption key
To increase availability and reliability, a mission critical system commonly use a...
Failover System
A Resource Agent is commonly used to measure network traffic.
False
A VIM (virtual infrastructure manager) is only required for type-1 hypervisors.
False
A cloud billing system provides a portal for cloud consumers to review and select various cloud service offererings.
False
A resource cluster is a group of IT resources that are located in the same geographic location.
False
A single sign-on mechanism can help mitigate denial of service attacks.
False
Active-Passive failover systems require a loadbalancer.
False
Encrypting a message with a Public Key is a secure way to establish Authenticity.
False
An IT resource that filters network traffic is known as a
Firewall
Resource replication: (check all that apply)
Is Implemented by virtualization technology. Can be used to enhance a IT resource's availability. Is the process of making a copy of an existing IT resource.
What cloud mechanism can be used to insure that larger workloads get assigned to IT resources with higher processing capabilities?
Loadbalancer
The term "live-migrate" refers to which of the following:
Moving a virtual server from one physical device to another physical device in a manner transparent to the operating system.
A device that transforms data to make it accessible to a multitude of service consumers is known as what?
Multi-Device Broker
What type of cloud storage organizes data into web-based resources?
Object storage
One-way hashing algorithms are commonly used to store what?
Password
What type of agent is used to periodically monitor resource status?
Polling Agent
Which of the following functions would most likely be performed via a remote administrative console?
Releasing an IT resource for on-demand service Managing access controls. Capacity planning
A Message Digest is a ...
Result of performing a one-way hash of a message
What mechanism allows IT resources to circulate runtime authorization credentials?
SSO
Billing Management System
Uses per-use monitors to collect and process usage data as it pertains to accounting.
A logical network perimeter is established and controlled by what?
Virtual Firewalls
Selecting the best hardware device to support virtual resources is the role of what system?
Virtual Infrastructure Manager
Cloud consumers are allocated compute (CPU) resources in the form of ...
Virtual Servers