Azure Fundamentals - Cloud Concepts
What are some questions to ask about a potential provider in terms of compliance and requirements?
-How compliant is the cloud provider when it comes to handling sensitive data? -How compliant are the services offered by the cloud provider? -How can I deploy my own cloud-based solutions to scenarios that have accreditation or compliance requirements? -What terms are part of the privacy statement for the provider?
What is Health Insurance Portability and Accountability Act (HIPAA)?
A US federal law that regulates patient Protected Health Information (PHI). Azure offers customers a HIPAA Business Associate Agreement (BAA), stipulating adherence to certain security and privacy provisions in HIPAA and the Health Information Technology for Economic and Clinical Health Act (HITECH) Act. To assist customers in their individual compliance efforts, Microsoft offers a BAA to Azure customers as a contract addendum.
What is UK Government G-Cloud?
A cloud computing certification for services used by government entities in the United Kingdom. Azure has received official accreditation from the UK Government Pan Government Accreditor.
National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)?
A voluntary Framework that consists of standards, guidelines, and best practices to manage cybersecurity-related risks. Microsoft cloud services have undergone independent, third-party Federal Risk and Authorization Management Program (FedRAMP) Moderate and High Baseline audits, and are certified according to the FedRAMP standards. Additionally, through a validated assessment performed by the Health Information Trust Alliance (HITRUST), a leading security and privacy standards development and accreditation organization, Office 365 is certified to the objectives specified in the NIST CSF.
What are the advantages and disadvantages of using public cloud?
Advantages: -High scalability/agility -Pay-as-you-go pricing -You're not responsible for maintenance or updates of the hardware Minimal technical knowledge to set up and use - you can leverage the skills and expertise of the cloud provider to ensure workloads are secure, safe, and highly available Disadvantages: -There may be specific security requirements that cannot be met by using public cloud -There may be government policies, industry standards, or legal requirements which public clouds cannot meet -You don't own the hardware or services and cannot manage them as you may want to -Unique business requirements, such as having to maintain a legacy application might be hard to meet
What are the advantages and disadvantages of using hybrid cloud?
Advantages: -Keep any systems running and accessible that use out-of-date hardware or an out-of-date operating system -Flexibility with what you run locally versus in the cloud -Take advantage of economies of scale from public cloud providers for services and resources where it's cheaper, and then supplement with your own equipment when it's not -Use your own equipment to meet security, compliance, or legacy scenarios where you need to completely control the environment Disadvantages: -It can be more expensive than selecting one deployment model since it involves some CapEx cost up front -It can be more complicated to set up and manage
What are the advantages and disadvantages of using private cloud?
Advantages: -You have complete control over the resources and can ensure the configuration can support any scenario or legacy application -You have complete control (and responsibility) over security -Private clouds can meet strict security, compliance, or legal requirements in ways a public cloud might not be able to Disadvantages: -You have upfront CapEx costs and must purchase the hardware for startup and maintenance -Owning the equipment limits the agility - to scale you must buy, install, and setup new hardware -Private clouds require IT skills and expertise that's hard to come by
What is Multi-Tier Cloud Security (MTCS) Singapore?
After rigorous assessments conducted by the MTCS Certification Body, Microsoft cloud services received MTCS 584:2013 Certification across all three service classifications—Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Microsoft was the first global cloud solution provider (CSP) to receive this certification across all three classifications.
What is the Criminal Justice Information Services (CJIS)?
Any US state or local agency that wants to access the FBI's CJIS database is required to adhere to the CJIS Security Policy. Azure is the only major cloud provider that contractually commits to conformance with the CJIS Security Policy, which commits Microsoft to adhering to the same requirements that law enforcement and public safety entities must meet.
What is Cloud Security Alliance (CSA) STAR Certification?
Azure, Intune, and Microsoft Power BI have obtained STAR Certification, which involves a rigorous independent third-party assessment of a cloud provider's security posture. This STAR certification is based on achieving ISO/IEC 27001 certification and meeting criteria specified in the Cloud Controls Matrix (CCM). It demonstrates that a cloud service provider conforms to the applicable requirements of ISO/IEC 27001, has addressed issues critical to cloud security as outlined in the CCM, and has been assessed against the STAR Capability Maturity Model for the management of activities in CCM control areas.
Why is the cloud reliable?
Cloud computing providers offer data backup, disaster recovery, and data replication services to make sure your data is always safe (redundancy). It is often built into cloud services architecture so if one component fails, a backup component takes its place (fault tolerance) and it ensures that your customers aren't impacted when a disaster occurs.
Why is the cloud cost-effective?
Cloud computing provides a pay-as-you-go or consumption-based pricing model. This consumption-based model brings with it many benefits, including: -No upfront costs -No need to purchase and manage costly infrastructure that you may not use to its fullest -The ability to pay for additional resources only when they are needed -The ability to stop paying for resources that are no longer needed
Why is the cloud current?
Cloud eliminates the burdens of maintaining software patches, hardware setup, upgrades, and other IT management tasks so that you're able to focus on building and deploying applications.
Why is the cloud global?
Cloud providers have fully redundant datacenters located in various regions all over the globe. This gives you a local presence close to your customers to give them the best response time possible no matter where in the world they are.
Why is the cloud secure?
Cloud providers offer a broad set of policies, technologies, controls, and expert technical skills that can provide better security than most organizations can otherwise achieve. When it comes to physical security - threats to cloud infrastructure, cloud providers invest heavily in walls, cameras, gates, security personnel, and so on, to protect physical assets. They also have strict procedures in place to ensure employees have access only to those resources that they've been authorized to manage. In terms of digital security, one thing that makes the cloud unique is that you rent compute and storage resources from a shared pool.
What is the hybrid cloud?
Combines public and private clouds, allowing you to run your applications in the most appropriate location. For example, you could host a website in the public cloud and link it to a highly secure database hosted in your private cloud (or on-premises datacenter).
What are the benefits of OpEx?
Companies wanting to try a new product or service don't need to invest in equipment. Instead, they pay as much or as little for the infrastructure as required. It is appealing if the demand fluctuates or is unknown.
The computing services offered typically include what?
Compute power, storage, networking, analytics
What provides a consistent, isolated execution environment for applications?
Containers
When would you use PaaS?
Development framework and analytic / business intelligence.
Suppose you have two types of applications: legacy applications that require specialized mainframe hardware and newer applications that can run on commodity hardware. Which cloud deployment model would be best for you?
Hybrid cloud
What are the three types of cloud services?
Infrastructure as a service (IaaS), Platform as a service (PaaS), and Software as a service (SaaS)
Why is the cloud elastic?
It automatically allocates more computing resources to handle the increased traffic. When the traffic begins to normalize, the cloud automatically de-allocates the additional resources to minimize cost.
What is General Data Protection Regulation (GDPR)?
It imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. It applies no matter where you are located.
What is horizontal scaling and what are some examples of it?
It is also known as "scaling out", is the process of adding more servers that function together as one unit. For example, you have more than one server processing incoming requests.
What is vertical scaling and what are some examples of it?
It is also known as "scaling up", is the process of adding resources to increase the power of an existing server. Some examples of vertical scaling are: adding more CPUs, or adding more memory.
What is software as a service (SaaS)?
It is centrally hosted and managed for the end customer. It is usually based on an architecture where one version of the application is used for all customers, and licensed through a monthly or annual subscription. Requires the least amount of management. The cloud provider is responsible for managing everything, and the end user just uses the software.
What is Operational Expenditure (OpEx)?
It is spending money on services or products now and being billed for them now. You can deduct this expense from your tax bill in the same year. There's no upfront cost. You pay for a service or product as you use it.
What is Capital Expenditure (CapEx)?
It is the spending of money on physical infrastructure up front, and then deducting that expense from your tax bill over time. It's an upfront cost, which has a value that reduces over time.
What is Platform as a Service (PaaS)?
It provides an environment for building, testing, and deploying software applications. The goal is to help you create an application quickly without managing the underlying infrastructure. A complete development and deployment environment in the cloud. Requires less user management. The cloud provider manages the operating systems, and the user is responsible for the applications and data they run and store.
What are the seven benefits of cloud computing?
It's cost-effective, scalable, elastic, current, reliable, global, and secure.
What is IaaS?
It's the most flexible category of cloud services. It aims to give you complete control over the hardware that runs your application. Rent hardware. It's an instant computing infrastructure, provisioned and managed over the internet. Requires the most user management of all the cloud services. The user is responsible for managing the operating systems, data, and applications.
What is International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27018?
Microsoft is the first cloud provider to have adopted the ISO/IEC 27018 code of practice, covering the processing of personal information by cloud service providers.
What is EU Model Clauses?
Microsoft offers customers EU Standard Contractual Clauses that provide contractual guarantees around transfers of personal data outside of the EU. Microsoft is the first company to receive joint approval from the EU's Article 29 Working Party that the contractual privacy protections Azure delivers to its enterprise cloud customers meet current EU standards for international transfers of data. This ensures that Azure customers can use Microsoft services to move data freely through Microsoft's cloud from Europe to the rest of the world.
What is Service Organization Controls (SOC) 1, 2, and 3?
Microsoft-covered cloud services are audited at least annually against the SOC report framework by independent third-party auditors. The Microsoft cloud services audit covers controls for data security, availability, processing integrity, and confidentiality as applicable to in-scope trust principles for each service.
When would you use IaaS?
Migrating workloads, test and development, website hosting, and storage, backup, and recovery.
What are examples of SasS software?
Office 365, Skype, and Dynamics CRM Online
You're developing an application and want to focus on building, testing, and deploying. You don't want to worry about managing the underlying hardware or software. Which cloud service type is best for you?
PaaS
What are the three deployment methods of cloud computing?
Public cloud, private cloud, hybrid cloud
What lets you run application code without creating, configuring, or maintaining a server?
Serverless computing
What is economies of scale?
The ability to do things more efficiently or at a lower-cost per unit when operating at a larger scale. This cost advantage is an important benefit in cloud computing.
What is the core idea of serverless computing?
The core idea is that your application is broken into separate functions that run when triggered by some action.
How are containers different from VMs?
They're similar to VMs except they don't require a guest operating system, but instead the application and all its dependencies is packaged and then a standard runtime environment is used to execute the app.
What is the public cloud?
This is the most common deployment model. You have no local hardware because everything run on your cloud provider's hardware. Azure is an example of a public cloud.
What is the goal of cloud computing?
To make running a business easier and more efficient
What is an emulation of a computer that gives more control and responsibility over maintenance?
Virtual Machine
Why is the cloud scalable?
You can increase or decrease the resources and services used based on the demand or workload at any given time. Scaling can be done manually or automatically based on specific triggers.
What is the private cloud?
You create a cloud environment in your own datacenter and provide self-service access to compute resources to users in your organization. Completely responsible for the purchase and maintenance of the hardware and software services you provide.
How does the serverless model differ from VMs and containers?
You only pay for the processing time used by each function as it executes. VMs and containers are charged while they're running - even if the applications on them are idle.
What are the benefits of CapEx?
You plan your expenses at the start of a project or budget period. Your costs are fixed, meaning you know exactly how much is being spent. This is appealing when you need to predict the expenses before a project starts due to a limited budget.