Cloud Essentials CLO-001
True or false? A watcher node is responsible for measuring application performance of a cloud service. A. True B. False
A A watcher node is a computer located at a user facility that connects to a service and performs operations to measure response time and connectivity to the service.
Cloud service opportunities should be identified based on what criteria? A. Business needs B. Regulatory requirements C. Cost control D. Security requirements
A Any consideration of cloud service adoption should be based on business needs. Regulatory requirements, security requirements, and cost control are all examples of specific business needs.
How do you calculate the overall availability of a service composed of two tiers, where each tier is 99.999% available? A. Multiply the availability values. B. Average the availability values. C. Subtract each value from 100%, add the results, and subtract that from 100%. D. Add the values, subtract from 200%, and subtract that from 100%.
A Availability values are similar to probabilities. It is probable that a five 9s service will be available 99.999% of the time. To determine overall availability of independent events, you need to multiply the individual probabilities. For instance, the probability of getting a 6 from rolling a die is 1/6, the probability of rolling a 6 twice in a row is 1/6 × 1/6, or 1/36.
Which of the following elements must be defined to ensure that an organization is well prepared for incident management for cloud-based services? (Choose all that apply.) A. Service description B. Service-level agreement C. Support agreement D. Contract renewal agreement
A B C
What type of cloud service is the most common? A. SaaS B. PaaS C. IaaS D. XaaS
A Because SaaS cloud applications are entirely controlled by their provider, this type of cloud service is the most common and numerous today.
What type of cloud service is the most common? A. SaaS B. PaaS C. IaaS D. XaaS
A Because Software as a Service cloud applications are entirely controlled by their provider, this type of cloud service is the most common and numerous today.
True or false? An organization contracting a vendor to provide IaaS on a public cloud is responsible for maintaining the operating system used by the virtual machines hosted in the IaaS environment. A. True B. False
A IaaS is viewed as hardware as a service. The vendor manages the connectivity and storage but not the individual virtual machines.
What characteristic of cloud computing reduces administrative costs? A. Self-service or automated resource management B. Placing the cloud data center farther away from local administrators C. Limitation of platform/application development selection (in PaaS environments) D. Paying only for resources actually consumed
A Self-serve management of resource allocation reduces IT administrative overhead, while automated resource allocation reduces administrative overhead for business and IT operations.
Which of the following is not an appropriate business reason for choosing a private cloud solution over a public cloud solution? A. Management directives to retain full control over hardware B. Strict legal requirements for data protection and control C. Significant IT investment already made by the organization D. Limited Internet connectivity
A Some managers prefer to "see" what they are paying for, even if it is otherwise unnecessary. A more appropriate reason for keeping control over the hardware would be if it is required for legal or regulatory compliance. Additionally, organizations that have significant IT investment, particularly recent investment, may not be able to justify disposing of infrastructure, and sufficient Internet connectivity is required for public cloud implementations.
Which cloud standards body is focused on audit and security standards for cloud computing? A. Cloud Security Alliance (CSA) B. IEEE Standards Association (IEEE-SA) C. National Institute of Standards and Technology (NIST) D. Organization for the Advancement of Structured Information Standards (OASIS)
A The Cloud Security Alliance (CSA) is a group that focuses on audit and security standards for cloud computing.
True or false? Dynamic scaling of resources in the cloud may lead to noncompliance with software licenses. A. True B. False
A The number of servers an organization needs may increase or decrease dynamically to provide sufficient quality of service and may overrun per-device or per-processor licenses.
At what IT infrastructural level are server costs capital expenses rather than operational? A. Traditional B. Private cloud C. Hybrid cloud D. Public cloud
A The traditional data center's server costs tend to be capital expenses because the burden for change and update lies solely with the organization.
What are some examples of utility value provided by a cloud-based service? A. Access from anywhere B. Higher availability C. Better security D. Business continuity
A Utility includes functionality, increased performance, and the removal of constraints. For instance, a cloud-based accounting service may provide the same functionality as an accounting service hosted on premises, but it may also allow the user to work from any device connected to the Internet, removing the constraint of connectivity to the corporate network and increasing performance by allowing the user to work even if the corporate network is unavailable
VXLAN provides virtual _______ layer connections across ________ layer networks? A. Data-Link, Network B. Physical, Data-Link C. Transport, Physical D. Network, Transport
A Virtual Extensible Local Area Network (VXLAN) services provide virtual Layer 2 (Data-Link) network tunnels between Layer 3 (Network) subnets.
What is the role of a cross-functional team representing all business elements of an organization in determining readiness for cloud services? A. To participate in the pilot program and identify areas of concern B. To negotiate costs for services C. To ensure that the SLA benefits the organization more than the provider D. To manage the cultural change that will occur during and immediately after the transition
A While personnel from multiple business units may participate in negotiation, review of the SLA, and management of cultural change, a successful pilot program requires representatives from all business elements in order to accurately identify potential issues.
Which of the following are important factors that must be negotiated with a SaaS vendor? (Choose all that apply.) A. Contract renewals B. Data ownership C. Programming language D. Server operating system
A, B SaaS vendors tend to have an automatic contract renewal clause and policies on data ownership and deletion. It is necessary to understand and negotiate those with vendors. The programming language used by a SaaS vendor cannot be changed by a customer because the SaaS vendor owns the application and develops its code; the same goes for the operating system running on the servers.
What are the main advantages of using a web-based distributed application? (Choose two.) A. Availability B. Scalability C. Security D. Reliability
A, B You can make a web-based distributed application highly available by providing several web servers and scalable by adding servers as needed based on usage. Security and reliability are no different than with a regular distributed application; although some people might argue that you can easily enable SSL to encrypt data transmission in a web application, the same can be used for a regular distributed application.
What are the three basic logical tiers of a distributed application? (Choose three.) A. Presentation B. Application C. Network D. Data E. Internet
A, B, D The three tiers of a distributed application are the presentation tier (user interface), application tier (business logic), and data tier (data storage).
Which of the following organizational skills are important skills to have when moving applications to the cloud? (Choose all that apply.) A. Vendor management B. Desktop security C. Data integration D. Customer management
A, C Cloud service vendors must be managed closely since the daily operations of the organization now rely on the availability of services provided by the vendor. Integration of data maintained on premises and on the cloud is needed to provide a more accurate picture of the business and facilitate business decisions. Desktop security does not affect cloud services because data is stored and changed in the cloud. Customer management does not affect cloud systems.
Which of the following are important factors to consider when transitioning from an on-premises application to an SaaS application? (Choose all that apply.) A. Internet bandwidth B. Processor architecture C. WAN design D. Programming language
A, C Internet bandwidth is the main factor that must be taken into account when moving to a SaaS model because all calls that used to be made to an on-premises application are now directed to the Internet. Because connectivity to the Internet is required, the WAN design of the organization must be looked into to ensure that remote offices have the necessary connectivity to run the SaaS applications.
What are the five volumes in ITIL? (Choose five.) A. Service Design B. Service Development C. Service Strategy D. Service Transition E. Service Operation F. Service Analysis G. Continual Process Improvement
A, C, D, E, G ITIL is composed of five distinct volumes: Service Design, Service Strategy, Service Transition, Service Operation, and Continual Process Improvement.
Which factor contributes to network latency primarily because of oversubscription? A. Congestion B. Number of hops C. Node count D. Protocol latency
A. Congestion
An organization that blends Google Docs forms and Microsoft's Azure services for data collection and management is using what type of cloud deployment? A. Private B. Community C. Public D. Hybrid
B A community cloud may be resident on one organization's data center resources but shared with partner organizations as a remote community cloud service. Community clouds may also reside outside of all organizational cloud hosting and be accessed remotely by all partners in the community, as in the case of a partitioned public community cloud service
True or false? If the cloud service provider has a strong information security management system (ISMS), the customer does not have to have one as well. A. True B. False
B A strong ISMS is necessary for both organizations and cloud service providers due to shared responsibility for security management.
Adding additional memory to a server is an example of what type of scalability? A. Horizontal B. Vertical C. Diagonal D. Load balancing
B Vertical scaling, or scaling up, involves adding resources to a single node or host. Horizontal scaling, or scaling out, involves adding additional nodes to a distributed system, while diagonal scaling is a combination of the two. Load balancing is a process associated with scaling application services.
Which of the following is not an indicator of the organization's ability to successfully adopt cloud services? A. A successful pilot B. A fully staffed help desk C. Identification of regulatory requirements D. Executive management support
B A successful pilot indicates an organization's readiness, and identification of regulatory requirements is necessary to determine both the business needs and the appropriate service provider. Executive management support, as well as that of key stakeholders, is necessary due to the changes in organizational culture, domain management, and business processes that will occur. A fully staffed help desk may be of little consequence if help desk functionality is transferred to the cloud service provider.
Which type of client lacks storage for applications? A. Thick B. Thin C. Mobile D. Remote
B A thin client system does not have a hard drive or flash drive for storage, so it relies on remote applications to operate
True or false? Cloud computing is inherently an ecologically green technology. A. True B. False
B Although cloud computing can provide opportunities for reduced environmental impact through transparent migration to optimal locations and by leveraging economies of scale, it still relies on the same basic components found in a traditional data center.
True or false? All cloud services fall into only one of the NIST models: SaaS, PaaS, IaaS. A. True B. False
B Although most cloud "as a Service" products can be aligned within the NIST definitions, many cloud services blend varying levels of the NIST models. The common Dropbox service, for example, includes both SaaS (web client for accessing files) and IaaS (cloud file storage) elements in its particular product.
True or false? Vendor lock-in concerns relate only to Platform as a Service cloud implementations. A. True B. False
B Although the proprietary language options available to a particular PaaS development environment present the most obvious form of vendor lock-in potential, standards do not yet exist across all SaaS or even all IaaS providers' options, leading to some concerns that an early move into the cloud could create additional costs later for switching to an alternate service.
True or false? Vendor lock-in concerns relate only to PaaS cloud implementations. A. True B. False
B Although the proprietary language options available to a particular PaaS development environment present the most obvious form of vendor lock-in potential, standards do not yet exist across all SaaS or even all IaaS providers' options, leading to some concerns that an early move into the cloud could create additional costs later for switching to an alternate service.
True or false? Adoption of public cloud services requires an organization to first implement server virtualization and private and hybrid clouds. A. True B. False
B Although the spectrum of virtualization begins with the transfer of traditional servers to virtualized hosting in the data center and ends with the fully virtualized public cloud, organizations can take advantage of any level of virtualization without any of the others. This spectrum presentation is merely a mechanism for aligning the various types of virtualized computing.
True or false? There are no significant security benefits to using cloud services. A. True B. False
B Although there are numerous risks, there are also significant benefits related to scale. Cloud service providers often take advantage of economies of scale to provide security services many organizations would be unlikely to afford on their own.
What is the process of verifying a user's identity? A. Authorization B. Authentication C. Logging in D. Access control
B Authentication is the process of verifying an entity's identity by validating one or more factors against a trusted identity provider. Authorization is the process of determining whether a user has permission to access a resource and is similar to access control. Logging in is the process of presenting credentials for authentication.
True or false? Application life cycle management in the cloud is slightly more complex than in traditional development models due to the addition of remote resources. A. True B. False
B Because the organization is no longer involved in acquisition, installation, and maintenance upgrades, software management life cycles can be shortened and costs reduced through cloud service integration
True or false? Big data applications are perfect candidates for cloud-based applications. A. True B. False
B Big data applications are I/O bound, which may result in large costs for transferring data over the Internet.
True or false? All distributed applications are web applications. A. True B. False
B Distributed applications do not require the use of a web server and can have any type of user interface.
__________ cloud services can provide interconnections between cloud functioning, allowing multiple clouds to be managed as a single cloud resource pool. A. Hybrid B. Federated C. Layer 2 D. Layer 3
B Federated cloud services can provide interconnections between clouds, allowing multiple clouds to be managed as a single cloud resource pool in private/private, private/public, and public/public configurations.
What characteristic of cloud computing reduces data center costs? A. Using energy-efficient technologies in cloud data centers B. Flexibility and sustainability of cloud service models C. Allowing services to be automatically migrated between data center locations as required D. Remote availability for mobile devices
B Flexible resource assignment allows the cloud service provider to share resources across multiple customers, reducing active server count, power load, and cooling requirements. The sustainable nature of cloud services includes the mobility of data and service operations as well as the potential for green cooling options.
True or false? ITIL is a collection of tools used to manage an IT infrastructure. A. True B. False
B ITIL is a collection of best practices on how to manage an IT infrastructure. The best practices prescribed by ITIL are technology agnostic.
Which type of cloud service model allows the cloud-level hosting of organizational resources from the operating system to the applications accessed within them? A. PaaS B. IaaS C. Public cloud D. Hybrid cloud
B IaaS represents cloud resources provided at the lowest level—storage, databases, network interconnections, and similar functions. This is the most flexible level of cloud service but requires the most management and planning of the consuming organization. Platform as a Service represents cloud resources provided at the development level for custom application development and hosting. Public and hybrid clouds are deployment models, not service models.
What type of client system relies on server-based applications and services to take the place of locally stored resources? A. Thick client B. Thin client C. Desktop D. Mobile device
B In client/server architecture, thin clients are unable to perform their own processing and rely upon server-based applications and services. Thick clients, on the other hand, have enough processing and storage resources to perform local processing. Desktops and mobile devices are examples of thin or thick clients.
Encryption is not an appropriate mitigation technique for which of the following security risks? A. Unauthorized access to confidential data B. Loss of organizational control C. Cleartext password transmission D. Weak data destruction processes
B Loss of organizational control is a problem when an organization is unable to properly manage risk due to unknown exposure. This risk is mitigated by clearly defining security responsibilities and requirements in the service-level agreement (SLA). Encryption is an appropriate mitigation technique against the risk of unauthorized access to confidential data and weak data destruction procedures because even if unauthorized individuals did gain access to encrypted files, they would be unreadable without the key (or a great deal of computing power to dedicate to breaking the encryption). Encryption also protects against the danger of password compromise in transmission.
True or false? Government agencies must always notify a data owner when they compel disclosure of information from a cloud service provider as part of lawful access.
B Not only are government agencies not required to notify data owners, certain countries have gag orders that prevent the service providers from providing notification to the data owners.
At what NIST "as a Service" model level is the current concern of vendor/proprietary lock-in greatest for custom applications developed for the cloud? A. Software as a Service B. Platform as a Service C. Infrastructure as a Service D. Everything as a Service
B Of the three NIST models, PaaS presents the greatest limitation on cloud application design that could lead to an organization's "lock in" to a particular cloud vendor's services. Each vendor's PaaS services (such as Google Apps, Microsoft Azure, and Amazon Elastic Cloud) offer a limited spectrum of application development languages, often involving proprietary variations even when using standard language bases. Movement to another cloud service provider will involve rewriting many application functions or applications in their entirety.
True or false? An organization contracting a vendor to provide PaaS on a public cloud is responsible for deciding what programming language to use when developing cloud-based applications. A. True B. False
B PaaS vendors have a predefined set of programming languages that can be used in their platform.
Decreased time to market is facilitated by which of the following cloud computing benefits? A. Economies of scale B. Pay-as-you-go billing C. Mobility D. Disaster recovery
B Pay-as-you-go billing allows for rapid development without being limited by the cost of computing hardware or being stalled by procurement times. Economies of scale is a tool for cost reduction. Mobility and improved disaster recovery are cloud computing benefits, but they do not directly relate to time to market.
Of the following activities involved in cloud services adoption, which should be performed first? A. Implement a pilot program. B. Identify business processes and their dependencies. C. Identify and compare vendors. D. Identify the appropriate services and deployment models.
B Prior to identification of services, deployment models, and vendors, the organization must identify its business processes and their technical dependencies. After all this is done, the organization can implement its pilot program.
Which type of cloud is not specified expressly by NIST? A. Private B. Community C. Partitioned public D. Public
B Private clouds are constructed atop local data center resources. Hybrid clouds can blend two or more cloud types including public, private, or other hybrid clouds, while community clouds might be located in one community member's data center but would be remote for all other members.
Risk is a factor of ___________________. A. Threats and vulnerabilities B. Probability and impact C. Vulnerabilities and exploits D. Probability and vulnerability
B Risk is a factor of probability (likelihood) and impact (loss)—specifically, the probability that a particular incident will occur and the impact to the business when that happens. Threats, vulnerabilities, and successful exploits have the potential to negatively impact an organization but do not in and of themselves define risk.
True or false? An organization contracting a vendor to provide a SaaS application must have the necessary technical skills to maintain and operate the application being hosted on the cloud. A. True B. False
B SaaS vendors are responsible for code maintenance and operation of applications they host.
What type of application design is preferable for a cloud-based application? A. A design that uses stateful objects B. A design that uses stateless objects C. A design that uses in-memory state management D. A design that uses client-based state management
B Stateful objects should be avoided at all times because calls from the client can reach different servers at any time, and code should be optimized for multicore use
Which function of cloud storage gateways is intended to improve response time to data requests? A. Backup B. Caching C. Compression D. Encryption
B The storage gateway can store regularly accessed data in its cache to improve response time in comparison to repeated access against the original storage server.
True or false? An organization should not be concerned with relying on a single vendor or proprietary technology base. A. True B. False
B This is referred to as vendor lock-in and can be problematic when the organization wants to switch to a different cloud service provider.
The identity management process of allowing users in different security domains to share services without having identities in each domain is called what? A. Single sign-on B. Federated C. Authentication D. Authorization
B. Federated
Which of the following is not an appropriate mitigation technique against data exposure? A. Audit B. Recovery C. Data isolation D. Encryption
B. Recovery
C A hybrid cloud is the best solution for organizations with appropriate infrastructure and compelling reasons to implement a private cloud solution but that also have periods of high demand that make bursting into the public cloud much more cost effective than purchasing additional infrastructure. Moving everything to the public cloud or trying to utilize a community cloud would not align with the mandate of leveraging existing internal resources.
What instrument identifies the roles and responsibilities of both the customer and the cloud service provider? A. Service-level objective B. Web hosting agreement C. Service-level agreement D. Software license agreement
C A service-level agreement (SLA) acts as an intermediary between the customer and the provider, and one of its functions is to document the roles and responsibilities of both the customer and the provider so that there are no surprises. A service-level objective is a quality of service measurement. Web hosting and software license agreements are also contracts between customers and providers; however, they may not contain all the necessary elements of an SLA.
What are synthetic transactions? A. Database transactions B. File system transactions C. Operations that mimic user interaction with a service D. Operations that mimic a cloud service
C A synthetic transaction is a set of prerecorded operations that mimic how a user operates a given service. Synthetic transactions are used to verify if a service is available from a specific location and the performance of said service.
When networks are architected for cloud services, which quality addresses the ability to expand to meet variable data requirements? A. Resiliency B. Simplified management C. Scalability D. Throughput
C Although throughput and resiliency address the ability to transport ever-larger volumes of data that must remain available, scalability addresses the ability to expand both network and system resources to meet expanding variable data consumption in a cloud service environment.
What application can be used to move a service from an on-premises test environment to the public cloud in a hybrid cloud environment using Microsoft System Center and Azure?
C AppController can be used to manage and create services on a private or public cloud using Microsoft System Center and Azure
Which benefit of cloud automation eases Christmas data center support in particular, compared to traditional data centers? A. Hidden complexity B. Standardization C. Availability D. Resource utilization
C Availability in automated cloud self-service makes it possible to manage resource allocation and provisioning even during off-hours, weekends, and holidays when the IT staff is otherwise engaged. Concealing complexity from operators eases development and resource access at all times, so it would not be associated with holidays in particular.
What is another term for a flexible pool of computing resources available to network clients and managed by self-service on-demand automated tools? A. Server virtualization B. High-performance computing C. Cloud computing D. Server consolidation
C Cloud computing is a flexible self-service and network-accessible pool of computing resources; it is rapidly transforming the modern enterprise network environment by moving on-premises services to remote cloud service providers.
Physical computing hardware is an example of what type of expense? A. Operating B. Direct C. Capital D. Indirect
C Computers, servers, and other physical devices are fixed assets and therefore, capital expenses. Operating expenses are those associated with ordinary business operations. A cost is considered direct or indirect based on whether it can be assigned to a single process, product, or service or to multiple ones, so more information would be required for option B or option C to be correct.
Which of the following is not a legal risk associated with cloud computing? A. Data isolation B. Jurisdiction C. Cost D. Electronic discovery
C Cost is a business risk, not a legal risk. Data isolation, jurisdiction (in reference to data location), and electronic discovery are all legal risks
Which of the following risks leads to an increased cost for running a cloud-based application? A. Security compliance B. IT organizational changes C. DDOS attacks D. Cloud service maturity
C DDOS attacks can cause new instances of a presentation layer server to be added automatically, increasing the compute cost of the application
Which ITIL volume provides guidance on the deployment of services into a production environment? A. Service Strategy B. Service Design C. Service Transition D. Service Operation
C ITIL Service Transition provides guidance on the deployment of services required by an organization into a production environment.
Authentication to multiple services in the cloud can be streamlined by adopting which of the following identity management mechanisms? A. Kerberos B. Integrated Windows authentication C. Single sign-on D. Authorization
C Implementing single sign-on allows an organization's users to authenticate once and pass identity attributes on to multiple applications. Kerberos is a secure authentication protocol that can be used in single sign-on. Integrated Windows authentication refers to Microsoft products authenticating against a domain login. Authorization occurs after authentication and involves determining proper permissions.
Which type of cloud is often used when external mandates require a high degree of data governance? A. Private B. Community C. Partitioned public D. Public
C Like the current distributed electrical power grid, public clouds provide resources to clients based on utility and consumption. Costs are operational for planning and vary based on level of use.
Which model of cloud computing best mirrors the current electrical utility grid? A. Community B. Private C. Public D. Hybrid
C NIST specifies the four types of clouds as public, hybrid, private, and community. Community clouds operate as private for the related community of organizations or as a secured partition of a public cloud for all others. A partitioned public cloud is an example of a community cloud that does not reside within the data center of any of the partner consuming organizations.
The term Web Access Architecture refers to the organization of cloud functions against which model of network communication? A. TCP B. HTTP C. OSI D. SMTP
C Network communication is defined by the Open Systems Interconnection (OSI) model, in which data is passed through a series of layers comprising similar communication functionality. Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) are high-level application protocols that run over Transport Control Protocol (TCP), a low-level data delivery protocol.
Which of the following actions would not lead to risks related to records retention in the cloud? A. Secure destruction of records on schedule B. Restrictions on archived storage C. Difficulties associating metadata with archived records D. Unauthorized access
C Network communication is defined by the Open Systems Interconnection (OSI) model, in which data is passed through a series of layers comprising similar communication functionality. Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) are high-level application protocols that run over Transport Control Protocol (TCP), a low-level data delivery protocol.
Which NIST "as a Service" model is best suited to full customization for an organization's services? A. Software as a Service B. Platform as a Service C. Infrastructure as a Service D. Everything as a Service
C Of the three NIST models, IaaS allows the greatest flexibility from the operating system up.
Which of the following SLA elements should be of high concern to an organization considering putting mission-critical data or services in the cloud? A. Services provided and excluded B. Dispute resolution C. Availability and performance requirements D. Costs for services
C Organizations considering using cloud services for mission-critical services or data should be very concerned with both availability and performance because deficiencies in either could negatively impact business. The other options are all standard elements of SLAs.
Which of the following elements should be monitored by a consumer of a PaaS service? A. Network fabric B. Storage fabric C. Virtualization hosts D. Services on a VM
C PaaS consumers do not have access to the underlying fabric of a cloud solution, but they are responsible for developing and deploying services to the VM. They can, and should, monitor these services.
Which of the following is a design pattern of cloud-based applications? A. Predictable volume B. Constant processing C. Unpredictable burst D. Big data
C The four design patterns of cloud-based applications are predictable burst; unpredictable burst; start small, grow fast; and periodic processing.
Which of the following is not an appropriate mitigation to protect against malicious insiders? A. Employee background checks B. Security policies C. Timely installation of security patches D. Logging
C While timely installation of security patches is a security control, it does not apply to malicious insiders. Employee background checks, strong security policies, and logging employee actions are appropriate mitigations because they reduce the risk of malicious employees being hired, limit the access they may have to customer data, and provide an audit trail to aid in incident response.
Regarding information security management systems, in what phase of the Plan-Do-Check-Act cycle does metrics analysis occur? A. Plan B. Do C. Check D. Act
C. Check
Which level of the cloud service model pyramid allows the greatest flexibility for application development? A. Software as a Service B. Platform as a Service C. Infrastructure as a Service D. Hardware as a Service
C. IaaS
Which of the following is not a risk associated with cloud-based applications? A. Vendor lock-in B. Reliability C. Security D. Lack of development tools
D Although some cloud service providers provide only proprietary development tools, most providers allow the use of commonly used tools such as Visual Studio and programming languages such as C# and Java.
An organization can address regulatory compliance risks in the cloud in all the following ways except which one? A. Its own security policies B. Periodic audits C. Service-level agreements with cloud providers D. Delegation of full responsibility for compliance to the cloud service provider
D Although the organization can delegate operational duties to a cloud service provider and in some cases the cloud service provider may share responsibility with the organization, an organization cannot delegate responsibility for compliance or liability. Options A, B, and C are all examples of appropriate mitigations against noncompliance.
When a service has been migrated into the cloud, where is it really located? A. In the local data center B. In a partner organization's data center C. At a service provider's virtualized data center D. Almost anywhere
D Being "in the cloud" means only that a service, application, or other component of technology infrastructure is being supported within a cloud computing flexible resource pool environment. There is no specific location that can be pointed to as "the cloud" in general.
What is the main limitation of a desktop application? A. Lack of manageability B. Lack of reliability C. Lack of security D. Lack of scalability
D Desktop applications can use all the power available in a desktop to allow for security, reliability and manageability but cannot scale out to use other computers.
Which security measures can be used to secure communications between cloud services and end users? A. VPN B. SSL C. Firewall D. Both A and B.
D Firewalls manage network traffic but do not, on their own, secure communications. Virtual private networking (VPN) creates a private network over an intermediate network such as the Internet through tunneling, isolating communications. Secure Sockets Layer (SSL) is a type of encryption used to secure web communications.
Which ITIL volume provides guidance on incident and problem management? A. Service Strategy B. Service Design C. Service Transition D. Service Operation
D ITIL Service Operation provides guidance on achieving the delivery of agreed levels of service to end users and the organization, including event management, incident management, problem management, request fulfillment, and access management.
Which of the following is not a business driver for cloud computing? A. Cost reduction B. IT staff reduction C. Strategic flexibility D. Increasing capital expenses
D Increasing capital expenses is not a business driver for cloud computing. Businesses looking to adopt cloud computing are seeking to decrease capital expenses (e.g., hardware costs) by shifting the cost to operations.
Prior to cloud services adoption, technical and business staff must work together to perform what action? A. Identify business processes and their dependencies. B. Determine changes to the organization's infrastructure. C. Determine the impact to business processes. D. Both A and C.
D It requires both business and technical staff to accurately identify business processes, their technological dependencies, and the impact of change to both. The organization's infrastructure, however, is generally the domain of technical staff.
Which of the following does not describe the relationship between mobile computing and cloud computing? A. Mobile devices serve as data input and presentation interfaces. B. Data transmitted occupies the limited bandwidth available to mobile devices. C. Cloud services provide functions that could overrun available resources on mobile devices if run locally. D. Mobile devices must access cloud services using a mobile web browser.
D Mobile devices are able to access cloud services not only through their web browsers but also through applications loaded onto the devices.
Congestion occurs when devices begin to interfere with one another as they compete for available network capacity and can be addressed by expanding the available bandwidth or ____________. A. Selecting transport protocols with higher latency B. Selecting transport protocols with lower latency C. Reducing the number of hops between devices D. Segmenting subnetworks to limit collisions
D Network congestion can be addressed by expanding the available bandwidth (upgrading the network) or by segmenting subnetworks to limit collisions between devices on the same subnet.
Which capability of cloud service automation allows memory and processing power to be dynamically assigned? A. Provisioning policies B. Data recovery C. Resource limitation D. Resource pooling
D Resource pooling makes it possible for automated cloud provisioning systems to allow computing resources such as storage, memory, network bandwidth, virtual servers, and processing power to be assigned dynamically or upon request.
Which of the following elements should be monitored by a consumer of a SaaS service? A. Network fabric B. Storage fabric C. Services on VMs D. Connectivity to service
D SaaS consumers do not have access to the underlying platform. They can only, and should always, monitor access to the services being consumed.
With regard to security, the service-level agreement should clearly outline ___________________. A. The security management responsibilities of the cloud service provider B. The security responsibilities of the customer C. The provider's security incident notification procedures D. All of the above
D Security management responsibilities of both the provider and the customer should be defined in the SLA to ensure that proper controls are applied and monitored. The provider's security incident notification procedures should be defined in the SLA to ensure that they meet the business needs and regulatory requirements of the customer.
Which example of new cloud computing roles will focus more on financial matters than on technical ones? A. Vendor management staff B. Support desk staff C. Cloud architect D. Cloud service manager
D The cloud service manager will be responsible for financial management, including pricing, service levels, and service classes that will factor into cloud hosting contracts and billing policies.
Adopting cloud services will impact an organization's financial management due to which of the following changes? A. Cost of technical support escalations B. Changes in software licensing C. Shifting technology from a capital to an operational expenditure D. Both B and C
D The cost of technical support escalations, although monetary, is an element of IT service management. Changes in software licensing and the shifting of technology from CAPEX to OPEX are likely to require significant changes to an organization's budgeting process.
All but which one of the following options are advantages of SaaS in the enterprise? A. Application deployment and maintenance is performed by the cloud service provider. B. Applications do not need to be installed on individual machines. C. Data is aggregated across multiple individuals, sites, or organizations. D. Customized and personalized applications can be developed.
D The development of customized and personalized applications is a function of PaaS. With PaaS, applications are developed, deployed, updated, and maintained by an organization's own development staff, as opposed to SaaS, in which the cloud service provider performs those functions. Aggregation of data is generally considered to be a benefit of enterprise SaaS, while the ability to run applications without them being installed on individual machines is an advantage of both enterprise and personal SaaS.
Which category of "as a Service" models is not specifically identified by NIST? A. Software as a Service B. Platform as a Service C. Infrastructure as a Service D. Hardware as a Service E. Everything as a Service
E NIST defines cloud computing service models for applications (SaaS), platforms (PaaS), and infrastructures (IaaS). Hardware as a Service is just an alternate way to refer to IaaS. Everything as a Service (XaaS) is simply a general term reflecting the evolution of traditional data center models into integrated flexible and adaptable alternatives integrating elements of cloud computing. Industry giants like Google, HP, and Microsoft are starting to use the XaaS designation, but it does not align to a formal category of cloud services.
True or false? The United States and the European Union have compatible data privacy laws. A. True B. False
False
Which level of the cloud service model pyramid allows the greatest flexibility for application development? A. IaaS B. SaaS C. PaaS D. XaaS
SaaS options offer almost no application development, while PaaS application development is tied to a provider's selection of available languages—sometimes even using proprietary versions of common languages to lock clients into its services. IaaS allows the greatest flexibility because an organization can deploy its own resources from the operating system up.
Which of the following does not impact data confidentiality? A. Man-in-the-middle (MitM) B. Cross-site scripting (XSS) C. Denial of service (DoS) D. Password theft
C. DoS
Which of the following services requires a broader range of technical skills from the organization contracting a cloud service vendor? A. SaaS B. PaaS C. IaaS
C. IaaS