Cloud Essentials+ (CLO-002)

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

You are consulting for Company A, and they ask you to run a cloud assessment. In which order should you perform the following tasks as part of this assessment?

1.) Gather current and future requirements 2) Run a baseline 3) Perform a feasibility study 4) Compare benchmarks

Bring your own license (BYOL)

A company hires contractors for six-month projects. After six-months, a new team of contractors will be brought in. Which type of software licensing allows the licenses to be transferred from the first group to the second group? note: bring your own license is when software can be transferred from one user to another or one system to another.

Private Cloud

A company that purchases virtualization software to set up individual clouds within their own network. Does NOT have rapid scalability Has to purchase computer assets. Controls all aspects of security.

Cloud computing

A method by which you can access remote servers that provide software, storage, database, networking, or compute services for you.

PaaS

Adds features to IaaS that include OSs and software development tools like runtime environments.

Hypervisor

Also known as a virtual machine manager (VMM)

High Availability

An SLA that specifies five nines is referring to ___

IoT (internet of things)

An engineer on your team says that the company should use new technology to enter a new stream of business. He says that you should sell and monitor linked home appliances and smart thermostats. Which technology is he talking about?

The nation where the data is stored The nationality of the user the data is about the location of the organization that stored the data.

An organization that does business internationally needs to take into consideration data sovereignty laws on data stored in: note - Where the data is physically stored, the nationality of the users for whom the organization is storing data, and the location in which the organization is doing business.

Quantitative

Analysis that is dependent on the monetary value or quantity of an asset is known as: note - value of an asset based on monetary value or its quantity.

Qualitative

Analysis that is dependent on the quality or perceived value of an asset is known as: note - qualitative analysis is the analysis of a value of an asset based on its perceived value.

Self-service

Cloud clients can get more compute power without CSP intervention based on ___ characteristic

Resource pooling

Cloud providers resources that can be seen as one large pool which is divided amongst clients as needed.

Shared responsibility Model

Cloud security responsibilities are defined by the

Provisioning

Cloud service provider allocates resources to a client.

Broad network access

Cloud users need to access resources from PCs and mobile devices. This is called

Hybrid Cloud

Combines the public cloud and private cloud models. Allows companies to keep tight control over sensitive data/databases in a private cloud environment within a network. Utilize public cloud software such as Google Docs.

Backups

Copying snapshots of instances to different locations in order to protect against data loss or corruption is an example of : note - backups are copying of data to a different location in the event of data loss or corruption.

SaaS Advantages

Cost, flexibility, and ease of access

Community Cloud

Created when multiple organizations with common interests, such as schools or merging companies, combine to create a cloud. It's like a public cloud with better security.

SaaS Disadvantages

Data security. All data is transmitted over the internet, and data is stored "somewhere else" other than your on-premises data center. An internet connection is required to access apps and save data.

SaaS

Gmail is an example of which type of cloud service? note: Software as a service includes software alications, including apps like Google Docs.

Industry

HIPAA, GLBA, PCI DSS, and FINRA are all examples of __ based standards. note - HIPAA is healthcare industry, GLBA is financial, PCI DSS is credit care, and FINRA is financial.

Unchangeable

Immutable infrastructure contains resources that: note - immutable means that the data cannot be modified or changed.

Silos

In the Continuous Integration Continuous Delivery pipeline the four steps are separated into _____ from each other, and the CI/CD attempts to remove them. note: The four teams involved in the CICD pipeline do not communicate or collaborate with each other.

Federal

In the event of competing local, state, federal, and international regulatory requirements, which regulations should an organization follow? note - federal laws preempt all other regulations

CSP and Client

In the shared responsibility model, who is responsible for the security of computer and storage resources? Note: in the shared responsibility model, the CSP is responsible for security "of" the cloud, which includes services and infrastructure such as compute and storage resources. Clients are responsible for security "in" the cloud, such as operating systems, access management, and customer data.

Training

Internal IT employees need to learn to use a new cloud-based software interface to manage corporate services. What should you request from the CSP? note: training is a short-term activity that focuses on acquiring a specific skillset to perform a job.

Kernel-based Virtual Machine (KVM)

KVM software that allows any Linux installation to be turned into a hypervisor and run multiple VMs

Free for use

Linux is an operating system uses which license type? note - The Linux kernel is license under the GPL, which is a free-for-use license.

Public cloud

Microsoft Azure is an example of which type of cloud deployment model? note: Google Cloud, Azure, and AWS are all examples of public clouds.

Public

Offers scalability, reliability, flexibility, geographical independence, and cost effectiveness.

Pay as you go

Once a month, a cloud client uses twice as many resources as they normally do. The next month, they use their normal amount. They pay for only what is used. This is called ____

Type 2 Hypervisor

Sits on an existing OS, called a host OS. Downsides include host OS consumes resources, and a host OS failure means that the guest OS fails as well.

Elastic

Thanks to the concept of pooled resources, cloud resources are said to be ___

Private

The ___ cloud deployment model places all security responsibilities on the company that owns it.

RPO

The ___ specifies the oldest data can be to be acceptable to restore for business use.

Scalability Definition

The ability to use more or fewer resources is called scalability. Can also refer to location. Public clouds can in theory be accessed anywhere in the world. They can scale geographically to suit business needs.

Switch to Pay-as-you-go model

The finance department wants you to convert the IT infrastructure capital expenditures to operating expenditures. Which of the following would do this? note: Purchasing IT hardware or other tangible assets is a capital expenditure. Switching to a cloud-based IT infrastructure model PAYG pricing means less (or no) need to purchase hardware and therefore no new capital expenditures.

locality

The latency between data and the end user is determined for the most part by the property: note - Locality is the measure of the distance between data and the end user.

Assets, threat, probability

The three main components of risk are: note -

RPO, RTO

The two recovery objectives that should be in a disaster recovery plan are

Self-Service

This characteristic allows users to access additional resources (such as storage, network, or compute) automatically, 24 hours a day, 7 days a week, 365 days a year without requiring intervention from the service provider.

Applications Operating System Hardware

Traditional Computing Model

Bare-metal Hypervisor

Type 1 hypervisor that sits directly on the hardware and acts as the operating system for the physical machine. Has better performance than type 2 and the system is dedicated to supporting virtualization.

Public, private, and Hybrid

What are the three cloud deployment models?

to remotely manage Linux server

What is SSH used for within the cloud environment? note: secure shell is used to remotely manage Linux-based servers.

Machine learning

Which of the following cloud services uses probabilities to make predications about input? note: machine learning, a general form of artificial intelligence, uses probabilities to make predictions about classifying new input based on previous input received.

Deduplication

Which of the following cloud technologies reduces the amount of storage space needed by removing redundant copies of stored files? note: deduplication saves storage space by removing redundant copies of files.

Anonymity

Which of the following is NOT a key operating principle of blockchain? note: blockchain operates on three key principles - decentralization, transparency, and immutability.

DNS

Which of the following services within the cloud is responsible for resolving host names to IP addresses? note: domain name system resolves host names to IP addresses.

Synchronous replication

Which replication type keeps data synced between two or more locations in real time? note - synchronous replication keeps data synced in real time.

CSP

You are beginning a cloud assessment for your company and need to contact key stakeholders. Who in the following list is NOT an example of a key stakeholder for the cloud assessment? note: the cloud service provider is not a key stakeholder of the company and should not have input on which cloud services the company needs.

VDI

You are implementing multiple levels of security for new cloud resources. Which of the following is NOT a method of cloud-based identity access management? note: virtual desktop infrastructure is for creating virtual user desktops on a server. It is not related to identity access management (IAM).

The Client

You are negotiating an SLA with a CSP. Who is responsible for defining the RPO and RTO? note: Client is responsible for defining recovery point objective and recovery time objective.

Five Nines

You are negotiating the SLA with a CSP. Which of the following high availability guarantees is likely to cost the most? note: High availability models are specified in terms of nines. More nines come with more uptime but also cost more.

Firewall

You are obtaining cloud-based networking for your company. The CIO insists that the cloud resources be as safe as possible from potential hackers. Which service will help with this? note: A firewall is a network or host-based security device. It can help protect a network or individual computers from malware.

RFI (request for information)

You are searching for the right cloud vendor for your organization. Which of the following should be your first step? note: the first step is to gather info about the vendors capabilities, which is done through a request for information.

Object Storage

You are setting up a cloud solution for your company, and it needs to be optimized for unstructured data. Which storage type is appropriate? note: object Storage is the best option for unstructured data.

Cold Storage

You are setting up cloud services and need to space to store email archives. Which of the following will be the LEAST expensive solution? note: cold storage will always be cheaper than hot storage.

Encryption

You have been tasked with designing an FIPS 140-2 compliant application. Which technology are you most concerned with? note - FIPS is a cryptographic standard for encryption.

10

You have migrated to the cloud, and users have access to cloud based productivity software. There are 10 users in the group. Each user has a laptop, smartphone, and tablet that can access the software. Using a subscription model, how many software licenses will you need to purchase? note: Under the subscription model, only one license per user is required.

PoC

You want to test a solution from a CSP to show that a new technology works properly. Which type of evaluation should you perform? note: a PoC is an evaluation used to prove that a technology works as it should.

Scalability

Your CTO wants to ensure the company users in Asia, Europe, and South America have access to cloud resources. Which cloud characteristic should be considered to meet business needs? note: scalability can refer to the ability for cloud services to be scaled geographically.

Lift and shift

Your current cloud contract is expiring, and you need to quickly move to a different provider. Which type of migration is best in this situation? note: a lift and shift, where data and applications are picked up as is and moved to another location, is the quickest and cheapest migration option.

FISMA

Your organization is in negotiations with a federal contractor that also deals with sensitive information from the federal government. Which federal regulation will apply in this scenario? note - The Federal Information Security Management Act (FISMA) is the federal regulation that deals with sensitive information security for federal agencies.

Risk, Asset

___ and ___ owner are the individuals of an organization who own and manage risk. note - Risk and asset owners.

Policies

___ are directions, guidance, and provide goals for an organization. note - policies are general guidelines for an organization. Procedures are specific steps or actions.

Mitigation

___ is a risk response where an organization decided to initiate actions to prevent any risk from taking place. note - mitigation is a risk response where an organization lowers or reduces the chance of risk but does not prevent all risk from occurring.

Elastic

cloud services can grow or shrink as the client's needs change.

Virtualization

there isn't a one-to-one relationship between a physical server and a logical (virtual) server or services.

Regulatory requirements

with new advancements in CSP technologies, you don't need to worry about storing sensitive data in the cloud. Without any configuration on your part, a CSP's tools will be sufficient for what? note- CSPs do offer tools that can meet most if not all regulatory requirements you organization may need.


Set pelajaran terkait

Foundations of Sports Injuries Chapter 7: Emergency Plan and Initial Injury Evaluation

View Set

unit 1: ancient river valley civilizations review

View Set

Saunders Endocrine Study Questions 140/189

View Set

Psychology of Adjustment Final Exam

View Set

Supply Chain Management Chapter 9

View Set

Chapter 32: skin integrity and wound care.

View Set