what are the advantages of cloud computing

Faster time to market

You can spin up new instances or retire them in seconds, allowing developers to
accelerate development with quick deployments. Cloud computing supports
new innovations by making it easy to test new ideas and design new
applications without hardware limitations or slow procurement processes.

Scalability and flexibility

Cloud computing gives your business more flexibility. You can quickly scale
resources and storage up to meet business demands without having to invest in
physical infrastructure.
Companies don’t need to pay for or build the infrastructure needed to support
their highest load levels. Likewise, they can quickly scale down if resources
aren’t being used.

Cost savings
Whatever cloud service model you choose, you only pay for the resources you
actually use. This helps you avoid overbuilding and overprovisioning your data
center and gives your IT teams back valuable time to focus on more strategic
work.

Better collaboration
Cloud storage enables you to make data available anywhere you are, anytime
you need it. Instead of being tied to a location or specific device, people can
access data from anywhere in the world from any device—as long as they have
an internet connection.

Advanced security
Despite popular perceptions, cloud computing can actually strengthen your
security posture because of the depth and breadth of security features, automatic
maintenance, and centralized management. Reputable cloud providers also hire
top security experts and employ the most advanced solutions, providing more
robust protection.
Data loss prevention
Cloud providers offer backup and disaster recovery features. Storing data in the
cloud rather than locally can help prevent data loss in the event of an
emergency, such as hardware malfunction, malicious threats, or even simple
user error.

Describe the different cloud service models?

There are three major cloud service models: software as a service (SaaS),
infrastructure as a service (IaaS) and platform as a service (PaaS).
Software as a Service
Software as a service vendors host the applications, making them available to
users via the internet. With SaaS, businesses don't have to install or download
any software to their existing IT infrastructures. SaaS ensures that users are
always running the most up-to-date versions of the software. The SaaS provider
handles maintenance and support.
Platform as a Service
Platform as a service offers developers a platform for software development and
deployment over the internet, enabling them to access up-to-date tools. PaaS
delivers a framework that developers can use to create customized applications.
The organization or the PaaS cloud vendor manage the servers, storage and
networking, while the developers manage the applications.
Infrastructure as a Service
Infrastructure as a service is used by companies that don't want to maintain their
own on-premises data centers. IaaS provides virtual computing resources over
the Internet. The IaaS cloud vendor hosts the infrastructure components that
typically exist in an on-premises data center, including servers, storage and
networking hardware, as well as the hypervisor or virtualization layer.

What are some of the popularly used cloud computing services?

Amazon Web Services (AWS), Google Cloud, IBM Cloud and Microsoft Azure
Define Hybrid Cloud
Hybrid Cloud is a computing environment that combines an on-premises
datacenter (also called a private cloud) with a public cloud, allowing data and
applications to be shared between them.

What is the difference between the Hybrid Cloud and Hybrid IT?
The key difference is that Hybrid Cloud is a 100% cloud-based solution, versus
Hybrid IT which will have an element of private hardware and thus a wider
variety of platforms integrated in.
It might seem like a small difference between the two systems, but whether
some private hardware is retained or not has a huge impact on the transition
towards your hybrid system, and what your long-term goals will be for your IT.
Moving to a 100% cloud-based solution with Hybrid Cloud requires a
virtualisation strategy for every IT application and data storage and means
future solutions will need to be found within a public or private cloud
environment.
Whereas, with Hybrid IT, keeping some private hardware allows for a more
gradual transition since you can keep all of your existing applications running.
Those that are being virtualised can then be moved over to the cloud one at a
time. And in the future the business is free to take on projects that have security
needs or other specific requirements that need to be supported with private
hardware.

What is The Packaging of Hybrid Cloud? What are the two main types of
packaged hybrid cloud?
A packaged hybrid cloud solution provides pre-configured hardware, software,
and services that are designed to work together as a unified platform.
There are two main types of packaged hybrid cloud solutions: integrated systems
and hyperconverged systems.

what is the cloud?

"The cloud" refers to servers that are accessed over the Internet, and the
software and databases that run on those servers. Cloud servers are located
in data centers all over the world. By using cloud computing, users and
companies do not have to manage physical servers themselves or run software
applications on their own machines.

What are the different layers that define cloud architecture?

The Physical layer, the infrastructure layer, the platform layer and the
application layer.

What is SaaS (software as a service)?

Software as a service (or SaaS) is a way of delivering applications over the
Internet—as a service. Instead of installing and maintaining software, you
simply access it via the Internet, freeing yourself from complex software and
hardware management.

What is PaaS (Platform as a Service)?

Platform as a Service (PaaS) is a complete cloud environment that includes
everything developers need to build, run, and manage applications—from
servers and operating systems to all the networking, storage, middleware, tools,
and more.

What is IaaS (Infrastructure as a Service)?

IaaS, or Infrastructure as a Service, is a cloud computing model that provides
on-demand access to computing resources such as servers, storage, networking,
and virtualization.

UNIT 2

Explain the various Identity and Access Management challenges in the

cloud.
Identity Provisioning / De-provisioning
Maintaining a single ID across multiple platforms and organizations
Compliance Visibility: Who has access to what
Security when using 3rd party or vendor network

Describe the identity management lifecycle.

An identity lifecycle refers to the entire process that starts when a user's digital
identity is created and assigned access to resources, and continues with
authentication of that identity, updates to credentials and attributes, ending when
that identity is retired or deleted entirely.

What are the types of identity providers used in the cloud?

There are two primary types of identity providers: Security Assertion Markup
Language (SAML) and Single-Sign On (SSO)

write a short note on identity broker

In short, Identity Brokers allow Service Providers to offer a selection of Identity
Providers (authentication methods) to their customers via a single integration.
An Identity Broker is an intermediary proxy service that connects multiple
Service Providers (SPs) with multiple Identity Providers (IdPs)

Compare the types of identity providers in the cloud.

Enterprise identity providers are used for identity and access management
(IAM) within an organization. Social-based identity providers maintain
identities related to a user's account with a social network or cloud computing
service (for example, a Google or Facebook account).

Describe a few best practices for IAM in the cloud.

Separation of Duties
Centralize IAM
Categorize Identity Management
Enforce Least Privilege
Delegate Permissions by Roles

Explain Database as a Service.

Database as a service (DBaaS) is a cloud database offering that provides
customers with access to a database without having to deploy and manage the
underlying infrastructure. DBaaS is delivered as a managed database service,
which means that the provider takes care of patching, upgrading, and backing
up the database.

Write a short note on Network as a Service

Network as a service (NaaS) is an emerging model for organizations to consume
network infrastructure through flexible operating expense (OpEx) subscriptions,
inclusive of hardware, software, management tools, licenses, and lifecycle
services.

Explain Anything as a service or Everything as a Service(XaaS).

It encompasses the many products, tools and technologies that vendors deliver
to users as a service over a network -- typically, the internet -- as an alternative
to providing them locally or on-site to an enterprise.

UNIT 3

Explain Identity Federation.

Identity federation is a system of trust between two parties for the purpose of
authenticating users and conveying information needed to authorize their access
to resources.

Tell me about Cloud computing life cycle.

Cloud computing development life cycle (CCDLC) model is proposed for the
designing and developing of cloud from both vendor and consumer
perspectives. The proposed model overcomes the shortcomings and deficiencies
found in the traditional existing software engineering process models.

Stages of Cloud computing life cycle.

Phase One: Defining Your Cloud Philosophy.
Phase Two: Building a Cloud Roadmap.
Phase Three: Off to the Cloud.
Phase Four: Managing Your Assets.
Phase Five: Implementing Transformational Workloads.

Tell me about cloud security

Cloud security, also known as cloud computing security, is a collection of
security measures designed to protect cloud-based infrastructure, applications,
and data. These measures ensure user and device authentication, data and
resource access control, and data privacy protection.

cloud cia security model

Confidentiality, integrity, availability
The following is a breakdown of the three key concepts that form the CIA triad:
Confidentiality is roughly equivalent to privacy. Confidentiality measures are
designed to prevent sensitive information from unauthorized access attempts. It
is common for data to be categorized according to the amount and type of
damage that could be done if it fell into the wrong hands. More or less stringent
measures can then be implemented according to those categories.
Integrity involves maintaining the consistency, accuracy and trustworthiness of
data over its entire lifecycle. Data must not be changed in transit, and steps must
be taken to ensure data cannot be altered by unauthorized people (for example,
in a breach of confidentiality).
Availability means information should be consistently and readily accessible for
authorized parties. This involves properly maintaining hardware and technical
infrastructure and systems that hold and display the information.

cloud security issues and challenges

Misconfiguration.
Unauthorized Access.
Data Loss.
Malware Injections.
Restricted Access to Network Operations.
Insecure APIs.
Insufficient Due Diligence.
Abuse of Cloud Services.

What is Data Security

Data security is the process of safeguarding digital information throughout its
entire life cycle to protect it from corruption, theft, or unauthorized access. It
covers everything—hardware, software, storage devices, and user devices;
access and administrative controls; and organizations' policies and procedures.

What is Host Security

Host security refers to a category of security tools which are deployed at the
host level. Installing updates and deploying a HIDS, a tool used to monitor
traffic to and from the computer in which it is deployed, are examples of host-
based security tools.

What is firewall
A Firewall is a network security device that monitors and filters incoming and
outgoing network traffic based on an organization's previously established
security policies. At its most basic, a firewall is essentially the barrier that sits
between a private internal network and the public Internet.
How is Geo Restriction in CloudFront helpful
The CloudFront geographic restrictions feature lets you control distribution of
your content at the country level for all files that you're distributing with a given
web distribution.

What is Amazon Machine Image?

An Amazon Machine Image (AMI) is a supported and maintained image
provided by AWS that provides the information required to launch an instance.
You must specify an AMI when you launch an instance. You can launch
multiple instances from a single AMI when you require multiple instances with
the same configuration. You can use different AMIs to launch instances when
you require instances with different configurations.

what is amazon s3
Amazon Simple Storage Service (Amazon S3) is an object storage service that
offers industry-leading scalability, data availability, security, and performance.
Customers of all sizes and industries can use Amazon S3 to store and protect
any amount of data for a range of use cases, such as data lakes, websites, mobile
applications, backup and restore, archive, enterprise applications, IoT devices,
and big data analytics. Amazon S3 provides management features so that you
can optimize, organize, and configure access to your data to meet your specific
business, organizational, and compliance requirements.

What are the different data types used in cloud computing?

Some of the different data types used in cloud computing are emails, contracts,
images, blogs, text, Boolean, decimal, locale, number, date etc.

What is a Google Cloud API? How could we access it

Google Cloud APIs allow you to automate your workflows by using your
favorite language. Use these Cloud APIs with REST calls or client libraries in
popular programming languages.
You can access Cloud APIs from server applications with our client libraries in
many popular programming languages, from mobile apps via the Firebase
SDKs, or by using third-party clients.

What is VPC
A virtual private cloud (VPC) is a private cloud computing environment
contained within a public cloud. Essentially, a VPC provisions logically isolated
sections of a public cloud in order to provide a virtual private environment.

what is google app engine

Google App Engine (often referred to by the acronym GAE or simply App
Engine) is a cloud computing platform as a service for developing and hosting
web applications in Google-managed data centers. Applications are sandboxed
and run across multiple servers.

what is load balancing in cloud computing

Load balancing is the method of distributing network traffic equally across a
pool of resources that support an application. Modern applications must process
millions of users simultaneously and return the correct text, videos, images, and
other data to each user in a fast and reliable manner.

What is a Google Cloud Storage bucket?

Buckets are the basic containers that hold your data. Everything that you store
in Cloud Storage must be contained in a bucket. You can use buckets to
organize your data and control access to your data, but unlike directories and
folders, you cannot nest buckets.

What does BigQuery mean

Google BigQuery is a cloud-based big data analytics web service for processing
very large read-only data sets. BigQuery was designed for analyzing data on the
order of billions of rows, using a SQL-like syntax.
What is Object Versioning?
Object versioning provides data protection against accidental or malicious
object update, overwrite, or deletion. Enabled at the bucket level, versioning
directs Object Storage to automatically create an object version each time a new
object is uploaded, an existing object is overwritten, or when an object is
deleted.

what is iot
The Internet of Things (IoT) describes the network of physical objects
—“things”—that are embedded with sensors, software, and other technologies
for the purpose of connecting and exchanging data with other devices and
systems over the internet.