Cloud Architectures and Security Notes (Sem 5)

Unit 1) Cloud Architecture

1) What are Drawbacks of traditional monolithic applications? (5M)

Traditional monolithic cloud applications refer to applications hosted on cloud infrastructure that
follow a monolithic architecture. In a monolithic architecture, the entire application is developed as a
single, tightly-coupled unit. Traditional monolithic applications have several drawbacks, which have
led to the emergence of alternative architectural approaches, such as microservices.

1) Scalability: Monolithic applications can be challenging to scale horizontally because the entire
application is typically deployed as a single unit. Scaling requires replicating the entire application,
even if only specific components need additional resources.

2) Flexibility and Agility: Monolithic applications are less flexible and agile compared to
microservices. Making changes or updates to a monolith often requires redeploying the entire
application, which can be time-consuming and risky.

3) Maintainability: As monolithic applications grow in size and complexity, maintaining and

understanding the codebase can become increasingly challenging. This can hinder the ability to
quickly add new features or fix bugs.

4) Difficulty in Technology Adoption: Adopting new technologies or languages can be challenging in a

monolithic architecture, as the entire codebase may need to be modified to accommodate these
changes.

5) Fault Tolerance and Isolation: In a monolithic architecture, a failure in one part of the application
can potentially affect the entire system. Isolating faults and achieving fault tolerance can be more
challenging compared to microservices.

6) Resource Utilization: Monolithic applications may consume more resources than necessary, as all
components are typically loaded into memory, regardless of whether they are actively being used.
This can lead to inefficient use of cloud resources and increased costs.

7) Vendor Lock-In: Monolithic cloud applications may be more susceptible to vendor lock-in, as they
are built using specific cloud services and technologies.

8) Continuous Deployment Challenges: Continuous integration and continuous deployment (CI/CD)

practices can be more challenging to implement in monolithic applications. Testing and deploying the
entire application as a single unit may slow down the development cycle.

2) Explain Cloud Consumer / Cloud Provider / Cloud Carrier / Cloud Auditor / Cloud Broker in detail.
(5M)

 Cloud Consumer

A cloud consumer, also referred to as a cloud user or cloud customer, is an individual, organization, or
entity that utilizes cloud computing services and resources provided by a cloud service provider.
Cloud consumers leverage these services to meet their computing needs without the necessity of
owning and maintaining physical infrastructure. The role of a cloud consumer is pivotal in the cloud
computing ecosystem.

1) Cloud consumers can vary widely and include individuals, businesses of all sizes, government
agencies, educational institutions, and more. Essentially, any entity requiring computing resources
and services can be a cloud consumer.

2) Variable Requirements: Cloud consumers have diverse computing needs, ranging from simple
storage and computation to more complex requirements such as hosting applications, databases, or
deploying entire software solutions.

3) Cloud consumers often benefit from a pay-per-use or subscription-based model, allowing them to
pay for the resources and services they consume.

4) Cloud consumers can easily scale their computing resources up or down based on demand. This is
a key advantage, allowing them to adjust their infrastructure to handle varying workloads.

5) Cloud consumers access cloud services remotely over the internet. This means they can connect to
and use cloud resources from virtually anywhere, promoting flexibility and accessibility.

6) Cloud consumers are responsible for managing and securing their data in the cloud. This includes
storing, retrieving, and backing up data, as well as implementing data security measures to protect
sensitive information.

7) Cloud consumers must ensure that their use of cloud services complies with relevant standards
and regulations. Consumers have a shared responsibility for securing their applications and data.
They must implement security measures such as access controls, encryption, and identity
management.

 Cloud Provider

A cloud provider is an organization or company that offers cloud computing services and resources to
individuals, businesses, and other entities. These services are delivered over the internet, and cloud
providers are responsible for managing and maintaining the underlying infrastructure that supports
the cloud services. Cloud providers play a crucial role in the overall cloud computing ecosystem.

1) Cloud providers own and manage the physical infrastructure that supports cloud services. This
infrastructure includes data centres, servers, networking equipment, storage facilities, and other
hardware components.

2) Cloud providers offer a range of services, typically categorized into three main models: SaaS, PaaS,
and IaaS.

3) Major cloud providers often have a global presence, with data centres located in various regions
around the world.

4) Cloud providers offer scalable solutions, allowing cloud consumers to easily scale their computing
resources up or down based on demand. This scalability is a key feature of cloud computing and
supports flexibility in resource allocation.

5) Cloud providers often adopt a pay-per-use or subscription-based billing model. This means that
cloud consumers are billed based on their actual usage of resources.
6) Cloud providers are responsible for implementing and maintaining security measures to protect
the infrastructure and services. This includes physical security, network security, and measures to
ensure the confidentiality, integrity, and availability of data.

7) Cloud providers must adhere to industry standards and regulatory requirements. This includes
compliance with data protection laws, privacy regulations, and other relevant standards.

8) Providing customer support is an essential responsibility of cloud providers. This involves assisting
cloud consumers with technical issues, inquiries, and ensuring a positive customer experience.

 Cloud Carrier

A cloud carrier, often referred to as a network service provider or telecommunications provider, is an

entity that plays a crucial role in facilitating the connectivity between cloud consumers and cloud
providers. Cloud carriers provide the essential network infrastructure and services that enable the
transfer of data between on-premises infrastructure or end-users and the data centers of cloud
providers.

1) Cloud carriers offer the network connectivity required for data to travel between the cloud
consumer's premises and the data centers of cloud providers. This connectivity may involve various
technologies, including internet connections, dedicated lines, virtual private networks (VPNs), and
other networking solutions.

2) Cloud carriers often provide internet services that facilitate the transmission of data between the
cloud consumer and the cloud provider over the public internet.

3) In cases where organizations require enhanced security, reliability, and performance, cloud carriers
offer dedicated lines or private network connections.

4) Cloud carriers provide the necessary bandwidth to support the volume of data transfer between
the cloud consumer and the cloud provider. Bandwidth provisioning is crucial for ensuring that the
network can handle the data load efficiently.

5) Cloud carriers implement security measures to protect data during transit. This may involve
encryption, secure communication protocols, and other security features to safeguard the integrity
and confidentiality of data in transit.

6) Cloud carriers manage and optimize network traffic to ensure efficient utilization of resources. This
includes techniques like load balancing and traffic shaping to enhance the overall performance of the
network.

7) Many cloud carriers have a global presence with an extensive network infrastructure spanning
multiple geographic regions. This global reach allows cloud consumers to connect to cloud services
from locations around the world, improving accessibility and performance.

8) Cloud carriers may offer Quality of Service guarantees to optimize the performance of certain
types of traffic.

 Cloud Auditor

A cloud auditor is an entity or individual responsible for assessing and evaluating the security,
compliance, and overall performance of cloud services and infrastructure. The role of a cloud auditor
is crucial in establishing trust between cloud consumers and cloud providers, ensuring that cloud
services meet industry standards, regulatory requirements, and contractual agreements.
1) Cloud auditors perform thorough analyses of cloud services and infrastructure. They review
documentation, conduct interviews, and use various assessment methods to gain a comprehensive
understanding of the cloud provider's practices.

2) Cloud auditors document their findings and create comprehensive reports detailing the results of
their assessments. These reports may include recommendations for improvements and areas where
the cloud provider is in compliance.

3) Cloud auditors collaborate with various stakeholders, including cloud consumers, cloud providers,
and regulatory bodies.

4) Cloud auditors must stay informed about changes in industry standards, regulations, and emerging
security threats.

5) Assessing the performance and reliability of cloud services is an essential function of cloud
auditors.

6) Cloud auditors perform risk assessments to identify potential vulnerabilities, threats, and risks
associated with the use of cloud services.

7) Cloud auditors conduct security audits to assess the effectiveness of security controls and
measures implemented by cloud providers.

8) Cloud auditors verify that cloud services comply with relevant industry standards, regulations, and
legal requirements. This may involve assessing adherence to data protection laws, privacy
regulations, and industry-specific compliance measures.

 Cloud Broker

A cloud broker is an intermediary entity or service that facilitates the relationship between cloud
consumers (organizations or individuals using cloud services) and multiple cloud service providers.
The primary goal of a cloud broker is to enhance the efficiency and effectiveness of cloud computing
by providing added value in terms of services, expertise, and management capabilities. Cloud brokers
can offer a range of services to help cloud consumers choose, manage, and optimize their use of
cloud resources.

1) Cloud brokers aggregate services from multiple cloud providers, offering a single interface through
which cloud consumers can access and manage a variety of cloud services.

2) They simplify the complexities of dealing with multiple providers directly.

2) In a multi-cloud environment, cloud brokers help cloud consumers select the most suitable cloud
services or providers based on factors such as cost, performance, reliability, and compliance. They
act as advisors in the decision-making process.

3) Cloud brokers may offer customization and management services to tailor cloud solutions to the
specific requirements of cloud consumers. This includes configuring settings, optimizing
performance, and managing resources.

4) Cloud brokers can provide additional security and compliance services, such as encryption, access
control, and compliance monitoring.

5) Cloud brokers play a role in managing risks associated with cloud services. This includes assessing
potential security vulnerabilities and evaluating the financial stability of cloud providers.
6) Types of Cloud Brokers:

a) Intermediary Broker: Provides intermediation services to enhance or modify cloud services for the
benefit of cloud consumers.

b) Aggregator Broker: Aggregates multiple cloud services and offers them as a unified package to
cloud consumers.

c) Customization Broker: Focuses on customizing cloud services to meet the specific needs of cloud
consumers.

d) Security Broker: Specializes in enhancing the security of cloud services. This includes implementing
security measures, monitoring for threats, and ensuring compliance with security standards and
regulations.

e) Governance Broker: Focuses on governance and compliance aspects of cloud services such as
defining policies, ensuring regulatory compliance, and managing the overall governance.

3) What is SaaS/PaaS/IaaS? (5M)

 SaaS
 PaaS
  IaaS

4) NIST Definition of Cloud Computing. (2M)

The National Institute of Standards and Technology (NIST) provides a widely accepted and referenced
definition of cloud computing. According "The NIST Definition of Cloud Computing," cloud computing
is defined by five essential characteristics, three service models, and four deployment models.

 Essential Characteristics:

1) On-Demand Self-Service: Cloud computing resources, such as computing power and storage, are
provisioned automatically as needed, without requiring human intervention from the service
provider.

2) Broad Network Access: Cloud services are accessible over the network and can be accessed by
various devices, such as laptops, smartphones, and tablets, using standard mechanisms.

3) Resource Pooling: Cloud providers pool computing resources to serve multiple consumers.
Resources are dynamically assigned and reassigned according to consumer demand.

4) Rapid Elasticity: Cloud resources can be rapidly and elastically provisioned and released. This
enables users to scale resources up or down based on demand, often automatically.

5) Measured Service: Cloud computing resources are metered, and usage is monitored, controlled,
and reported. This enables transparency and provides a basis for billing and resource management.

 Service Models:

1) Infrastructure as a Service (IaaS)

2) Platform as a Service (PaaS)

3) Software as a Service (SaaS)

 Deployment Models:

1) Public Cloud: Cloud infrastructure is provisioned for open use by the general public. It is owned
and operated by a cloud service provider, and resources are made available to multiple customers.

2) Private Cloud: Cloud infrastructure is provisioned for exclusive use by a single organization. It can
be owned, managed, and operated by the organization itself or by a third party.

3) Community Cloud: Cloud infrastructure is provisioned for exclusive use by a specific community of
consumers from different organizations that have shared concerns. It may be owned, managed, and
operated by the organizations, a third party, or a combination.

4) Hybrid Cloud: Cloud infrastructure is a composition of two or more distinct cloud deployment
models (public, private, or community) that remain unique entities but are bound together by
standardized or proprietary technology. Data and application portability are key considerations in a
hybrid cloud.

5) Explain five essential characteristics of cloud model with reference of NIST. (5M)

1) On-Demand Self-Service: Cloud computing resources can be provisioned and managed

automatically without requiring human intervention from the service provider. Users can
independently request and configure computing resources, such as processing power, storage, or
network bandwidth, as needed. This characteristic empowers users to scale their usage of resources
without direct involvement from the cloud provider.
2) Broad Network Access: Cloud services are accessible over the network and can be accessed by a
variety of devices using standard mechanisms. Cloud services are designed to be accessed over the
internet or other networks. Users can access these services from different devices, including laptops,
smartphones, and tablets. This characteristic emphasizes the importance of network accessibility and
standard communication protocols.

3) Resource Pooling: Cloud providers pool computing resources to serve multiple consumers, with
resources dynamically assigned and reassigned according to demand. Multiple users share common
computing resources, and these resources are dynamically allocated based on demand. This pooling
of resources enables efficiency and optimization, allowing cloud providers to achieve economies of
scale. Users benefit from the ability to scale resources up or down based on their needs.

4) Rapid Elasticity: Cloud resources can be rapidly and elastically provisioned and released to scale
quickly based on demand. Cloud services can scale up or down to handle varying workloads, and this
scalability is achieved rapidly and automatically. This characteristic is essential for addressing
fluctuating resource requirements, allowing users to adapt to changing demands and avoid
underprovisioning or overprovisioning of resources.

5) Measured Service: Cloud computing resources are metered, and usage is monitored, controlled,
and reported, providing transparency and accountability. Cloud providers measure and track
resource usage, allowing for transparent reporting and billing. Users are billed based on their actual
consumption of resources, promoting efficiency and cost-effectiveness. Measured service also
provides insights into resource utilization, enabling users to optimize their usage and control costs.

6) Explain advantages of SaaS/PaaS/IaaS. (2M)

Same as above.

7) Explain Common SaaS/PaaS/IaaS scenarios. (2M)

 SaaS

1) Customer Relationship Management (CRM): Managing customer interactions, sales leads, and
marketing activities through a centralized platform. Examples: Salesforce, HubSpot

2) Enterprise Resource Planning (ERP): Integrated solutions for managing business processes like
finance, human resources, and supply chain. Examples: NetSuite, SAP S/4HANA Cloud

3) Human Resources Management System (HRMS): Personnel management, payroll, recruitment,

and employee performance tracking. Examples: Workday, BambooHR

4) Accounting and Financial Software: Cloud-based accounting and financial management tools for
businesses of all sizes. Examples: QuickBooks Online, Xero

5) Project Management: Collaboration and task management tools for organizing and tracking
projects. Examples: Asana, Trello

6) Collaboration and Communication Tools: Use Case: Real-time messaging, file sharing, and
collaboration among team members. Examples: Slack, Microsoft Teams

7) File Storage and Sharing: Cloud-based file storage with sharing and collaboration features.
Examples: Dropbox, Box

 PaaS
1) Web Application Development and Hosting: Rapid development and deployment of web
applications without managing underlying infrastructure. Examples: Heroku, Google App Engine

2) Database Management: Managed database services for hosting, scaling, and maintaining
databases. Examples: Amazon RDS, Azure SQL Database

3) IoT Application Development: Building and managing applications for the Internet of Things (IoT)
with integrated services. Examples: Azure IoT, AWS IoT Core

4) API Development and Management: Creating, publishing, and managing APIs with features like
security and analytics. Examples: Apigee, Azure API Management

5) Container Orchestration: Deploying, managing, and scaling containerized applications in a

clustered environment. Examples: Kubernetes, OpenShift

 IaaS

1) Virtual Machines and Computing Resources: Hosting applications, websites, or development

environments on scalable virtual machines. Examples: AWS EC2, Azure Virtual Machines

2) Storage and Backup Solutions: Scalable and durable storage solutions with options for backups and
archival. Examples: Amazon S3, Google Cloud Storage

3) High-Performance Computing (HPC): Running complex simulations, scientific computations, and

data analysis on powerful computing clusters. Examples: AWS HPC, Azure HPC

4) Networking Components: Designing and managing virtual networks, load balancers, firewalls, and
other networking components. Examples: AWS VPC, Azure Virtual Network

5) Disaster Recovery and Backup: Implementing disaster recovery plans, backup, and data
replication. Examples: AWS Backup, Azure Site Recovery

6) Content Delivery Networks (CDN): Accelerating content delivery, improving website performance,
and reducing latency. Examples: AWS CloudFront, Azure CDN

8) Explain Public Cloud/Private Cloud/Hybrid Cloud. (2M)

 Public Cloud

A public cloud refers to a cloud computing environment that is owned, operated, and provided by a
third-party cloud service provider. In a public cloud, computing resources such as virtual machines,
storage, and applications are shared among multiple customers over the internet. Each customer's
data and applications are logically isolated. Public clouds offer on-demand scalability, allowing users
to increase or decrease resources based on their requirements. The pay-as-you-go model allows
users to pay for the resources they consume, making it cost-effective. Public clouds are accessible
over the internet, making them suitable for a wide range of users and applications. Examples:
Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP).

 Private Cloud

A private cloud is a cloud computing environment that is used exclusively by a single organization. It
can be hosted on-premises or by a third-party provider. The primary characteristic of a private cloud
is that it provides dedicated and isolated computing resources for a single organization. Computing
resources are exclusive to a single organization, providing greater control and customization. Private
clouds offer enhanced security and compliance features, making them suitable for industries with
strict regulatory requirements. Organizations have more control over the configuration, architecture,
and management of the private cloud infrastructure. Since resources are not shared with other
organizations, private clouds can offer more predictable and consistent performance. Examples:
Microsoft Azure Stack, OpenStack

 Hybrid Cloud

A hybrid cloud is a combination of (two or more cloud models) public and private clouds that operate
as a single, integrated environment. In a hybrid cloud model, data and applications can move
seamlessly between the private and public environments. This flexibility allows organizations to
optimize their workloads based on factors like cost, performance, and security. Organizations can
balance cost-effectiveness by using the public cloud for scalable workloads and the private cloud for
more sensitive or stable workloads. Organizations can leverage the scalability of the public cloud
while keeping sensitive workloads in the private cloud. Examples: AWS Outposts, Azure Hybrid Cloud,
Google Cloud Anthos.

9) Explain various services involved in Cloud Service Management. (5M)

Cloud Service Management involves various services and processes to plan, design, implement,
operate, and continually improve the delivery and use of cloud services. These services aim to ensure
the effective and efficient utilization of cloud resources while meeting business objectives.
1) Business Support: Business Support entails the set of business-related services like handling clients
and other supporting processes. It includes the components required to run business operations that
directly involve the clients.

2) Customer management: Manage customer accounts, open/close/terminate accounts, manage

user profiles, and manage customer relationships by providing points-of-contact and resolving
customer issues and problems.

3) Contract management: Manage service contracts, setup, negotiate, close and terminate contracts,
etc.

4) Accounting and Billing: Manage customer billing information, send billing statements, process
received payments, track invoices and other accounting related functions.

5) Reporting and Auditing: Monitor user operations and activities and generate reports based on it.

6) Pricing and Rating: Evaluate cloud services and determine prices, handle promotions, etc.

7) Resource changing: Adjusting configuration/resource assignment for repairs, upgrades and joining
new nodes into the cloud.

8) Monitoring and Reporting: Discovering and monitoring virtual resources, monitoring cloud
operations and events and generating performance reports.

9) SLA management: Encompassing the SLA contract definition, SLA monitoring and SLA enforcement
consistent with defined policies.

10) What is Cloud portability? (2M)

Cloud portability refers to the ability to move applications, workloads, and data seamlessly across
different cloud environments. It involves the flexibility and ease with which an organization can
migrate its assets (applications, data, configurations) from one cloud service provider to another or
between different cloud deployment models (such as public, private, or hybrid clouds). With cloud
portability, organizations can avoid being tied to a specific cloud provider, providing them with more
flexibility and negotiating power. Cloud portability enables organizations to choose the most cost-
effective cloud provider for their specific needs. In case of service disruptions, security concerns, or
changes in business requirements, the ability to move applications and data easily acts as an
effective risk mitigation strategy to prevent data loss.

11) What is data portability/service interoperability/system portability (2M)

 Data Portability

Data portability refers to the ability to transfer and use personal data across different applications or
platforms in a standardized and user-friendly manner. It allows individuals to access, move, and use
their data across various services or applications without being restricted by proprietary formats or
closed ecosystems. Individuals have control over their data, including the ability to export, delete, or
transfer it. For example: Example: Allowing users to export their contacts from one social media
platform and import them into another.

 Service Interoperability

Service interoperability refers to the ability of different software services or systems to work together
and exchange information seamlessly. It involves the use of open standards, protocols, and APIs to
ensure that services from different providers can interact effectively. Services adhere widely
accepted standards for such communication. Well-documented and standardized APIs enable
services to seamlessly communicate with each other. Consistent data formats and structures further
facilitate the exchange of information. For example: Integrating a customer relationship management
(CRM) system with an email marketing platform, allowing data to flow between the two systems.

 System Portability

System portability involves designing and implementing systems or applications in a way that allows
them to be easily moved or deployed across different environments, such as different operating
systems or cloud platforms. Applications should be developed in a way that is not tied to a specific
operating system or hardware. Virtual machines or other virtualization technologies can be used to
abstract applications from the underlying infrastructure. For example: Deploying an application
developed on a Windows server to a Linux server without modification, thanks to the use of
platform-independent technologies.

12) What are the Pillars of Well-Architected Frameworks? (5M)

The Well-Architected Framework is a set of best practices and guidelines provided by cloud service
providers to help users build secure, high-performing, resilient, and efficient infrastructure for their
applications. While the specific details may vary between cloud providers, the fundamental pillars of
the Well-Architected Framework are generally common.

1) Operational Excellence: Operational Excellence focuses on running and monitoring systems to

deliver business value, continually improving processes and procedures. It is the ability to support
development, run workloads effectively, and gain insight into their operations.

2) Security: Security focuses on protecting data, systems, and assets. The security pillar describes
how to take advantage of cloud technologies to protect data, systems, and assets in a way that can
improve your security posture.

3) Reliability: Reliability is about ensuring a workload operates correctly and consistently under
various conditions. It involves setting up environments to automatically recover from failures.

4) Performance Efficiency: The ability to use computing resources efficiently to meet system
requirements, and to maintain that efficiency as demand changes and technologies evolve. It
involves making the most of computing resources to avoid waste and efficiently scaling resources
based on demand.

5) Cost Optimization: It involves avoiding unnecessary costs and optimizing spending to meet
business requirements without sacrificing performance, reliability, or security.

6) Sustainability: Sustainability: The ability to continuously improve sustainability by reducing energy

consumption and increasing efficiency across all components by maximizing the benefits achieved
from the resources and minimizing the total resources required.

13) What are five design principles for operational excellence in cloud? (5M)

1) Perform operations as code: You can define your entire workload (applications, infrastructure,
etc.) as code and update it with code. Treat infrastructure and operations procedures as code,
enabling automation and consistency in the deployment and management of resources. By
performing operations as code, you limit human error and enable consistent responses to events.
2) Make frequent, small, reversible changes: Make changes in small amounts that can be reversed if
they fail to aid in the identification and resolution of issues in your environment. This approach
reduces the impact of changes. Ensure that rollback mechanisms are in place, allowing for quick and
safe reversal of changes.

3) Refine operations procedures frequently: As you use operations procedures, look for opportunities
to improve them. As you evolve your workload, evolve your procedures appropriately. Review and
validate that all procedures are effective and that teams are familiar with them.

4) Anticipate failure: Try to identify potential sources of failure so that they can be removed or
mitigated. Test your failure scenarios and validate your understanding of their impact. Test your
response procedures to ensure they are effective and that teams are familiar with their execution.

5) Learn from operational failures: Use incidents and outages as learning opportunities to improve
processes and prevent similar issues in the future. Document lessons learned and update operational
procedures based on insights gained from incidents. Share what is learned across teams and through
the entire organization.

14) What are four best practice areas for operational excellence in the cloud? (2M)

Operational Excellence in the cloud is achieved through the implementation of best practices that
streamline operations, improve efficiency, and enhance overall performance. Organizations must
understand requirements and priorities and use these to organize and conduct work to support the
achievement of business outcomes.

1) Organization

2) Prepare

3) Operate

4) Evolve

15) What is CI/CD? (2M)

CI/CD stands for Continuous Integration and Continuous Delivery (or Continuous Deployment), and it
is a set of best practices and automated processes aimed at improving the development, testing, and
release of software. These practices are integral to modern software development methodologies,
particularly in the context of agile and DevOps.

 Continuous Integration (CI)

Continuous Integration is the practice of regularly integrating code changes from multiple
contributors into a shared repository. The primary goal is to detect and address integration issues
early in the development process. Developers integrate their work frequently (multiple times a day),
reducing the likelihood of conflicting changes and identifying issues early.

 Continuous Delivery (CD)

Continuous Delivery is an extension of Continuous Integration and involves automating the delivery
of software to various environments (e.g., staging or production) after passing through the
integration and testing phases. The process of deploying the application to different environments is
automated, reducing the risk of human errors in the deployment process. The same deployment
process is used for all environments, ensuring consistency and reducing the likelihood of issues
caused by environment-specific configurations. A deployment pipeline is created to automate the
stages involved in releasing software, from integration and testing to deployment and monitoring.

 Continuous Deployment (CD)

Continuous Deployment takes the concept of Continuous Delivery a step further. In a Continuous
Deployment model, every code change that passes automated testing is automatically deployed to
production without manual intervention. Once changes pass automated tests, they are automatically
deployed to the production environment without manual approval. Continuous Deployment allows
for rapid and frequent releases.

 CI/CD Pipeline

The CI/CD pipeline is the automated process that encompasses Continuous Integration, Continuous
Delivery, and Continuous Deployment. It consists of various stages that code goes through, from
development to production. The pipeline typically includes stages such as code compilation,
automated testing, deployment to staging, and deployment to production.

16) What is APM tool? (1M)

APM stands for Application Performance Monitoring or Application Performance Management, and
an APM tool is a software solution designed to monitor, manage, and optimize the performance of
applications. APM tools provide insights into various aspects of an application's behaviour, helping
developers and IT teams identify and resolve performance issues, enhance user experience, and
ensure the overall health of applications.

17) What is MTTR? (1M)

MTTR stands for Mean Time to Recovery, and it is a key performance indicator that measures the
average time it takes to restore a system or service after a failure or incident. MTTR is an important
metric in IT service management and operations, as it provides insights into how quickly an
organization can recover from disruptions and restore normal operations.

18) What is MTBF? (1M)

MTBF stands for Mean Time Between Failures, and it is a measure used to assess the reliability of a
system or a component. MTBF represents the average time that elapses between one failure of a
system or component and the next one. It is a key metric in reliability engineering and is often used
to predict the expected reliability of a system over time. MTBF is typically expressed in units of time,
such as hours, days, or years.

19) What is KPIs? (1M)

KPI stands for Key Performance Indicator. KPIs are measurable values that demonstrate how
effectively an organization is achieving its key business objectives. They are used to evaluate the
performance of an organization, department, team, or individual in reaching strategic goals. KPIs are
crucial in providing insights into the success or challenges of business processes and are commonly
used in performance management and decision-making.

20) Explain Reliability Pillar. (5M)

In the context of the Well-Architected Framework provided by cloud service providers, the Reliability
Pillar is one of the five pillars that guide organizations in building and maintaining reliable and
resilient cloud architectures. The Reliability Pillar emphasizes the importance of designing systems
that can recover from failures, meet customer expectations for availability, and continuously evolve
to handle changes in demand and requirements. The goal is to ensure that applications and
workloads operate dependably and consistently, even in the face of disruptions.

1) Conduct regular reviews to assess the reliability of architectures and identify areas for
improvement.

2) Implement a robust change management process to assess the impact of changes on reliability.

3) Use automation for making changes to reduce the risk of errors.

4) Analyse potential failure modes and implement mechanisms for mitigation.

5) Design for horizontal scalability to handle changes in demand and distribute traffic effectively.

6) Implement auto-scaling mechanisms to dynamically adjust resources based on demand.

7) Embrace a culture of continuous improvement to drive operational excellence.

8) Apply the best security practices to protect systems and data from unauthorized access or attacks.
Have an incident response plan in place to address security incidents promptly.

9) Implement feedback mechanisms to learn from incidents and continuously enhance reliability.

10) Implement distributed data management strategies for resilience.

21) Explain Design principles of Performance Efficiency Pillar. (5M)

1) Democratize Advanced Technologies: Make advanced technologies and best practices accessible
to all teams, enabling them to leverage the benefits of innovations. Provide training and resources to
empower teams to use these advanced technologies.

2) Go Global in Minutes: Leverage the global reach of cloud services to deploy applications and
workloads across multiple regions quickly. Use content delivery networks (CDNs) to distribute
content globally. Design applications for global deployment to improve user experience.

3) Use Serverless Architectures: Embrace serverless computing to eliminate the need for server
provisioning and management. Leverage serverless services like AWS Lambda, Azure Functions, or
Google Cloud Functions. Design applications to scale automatically and only consume resources
when needed.

4) Experiment More Often: Encourage a culture of experimentation to continuously improve

performance and efficiency. Establish processes for measuring and learning from experiments.

5) Mechanical Sympathy: Understand the underlying infrastructure and tailor applications to take
advantage of the characteristics of the cloud environment. Design applications that align with the
strengths and limitations of the cloud infrastructure.

22) Explain N-tier/Web-Queue-Worker/Microservices/Event-Driven/Big Data, BigCompute

architecture style. (5M)

 N-tier

N-tier architecture, also known as multi-tier architecture, is a design approach for software
applications that involves dividing the application logic into multiple layers or tiers. Each tier
represents a distinct functional unit with specific responsibilities, and the layers communicate with
each other to fulfil the overall functionality of the application. This architectural style is commonly
used in the development of large, scalable, and maintainable enterprise applications.

1) The "N" in N-tier stands for the number of tiers or layers in the architecture. The most common N-
tier architectures are 3-tier and 4-tier architectures, but more complex applications may have
additional tiers.

2) The primary tiers of the N-tier architecture are as follows:

a) Presentation Tier (Tier 1): Also known as the "client" or "user interface" tier, it is responsible for
presenting information to the user and handling user interactions.

b) Application Tier (Tier 2): Also known as the "business logic" or "middle" tier, it manages the
application's business logic and processes and also interacts with both the presentation tier and the
data tier.

c) Data Tier (Tier 3): Also known as the "data access" or "persistence" tier. Manages the storage and
retrieval of data. Interacts with databases, file systems, or other data storage mechanisms.

3) Components within each tier can be reused across different parts of the application or in other
projects.

4) Security measures can be implemented at each tier, providing a layered defence against potential
threats.

5) The structure facilitates easier maintenance, updates, and changes to specific components
without affecting the entire application.

 Web-Queue-Worker

The Web-Queue-Worker architecture is a design pattern that organizes the components of an

application into three main tiers or layers: the Web tier, the Queue tier, and the Worker tier. This
architectural style is often used to build scalable, distributed, and asynchronous systems where tasks
or processes can be offloaded from the main application flow to improve performance and
responsiveness. Each tier has specific responsibilities in handling different aspects of the application's
functionality.

a) Web Tier: Handles incoming user requests and manages the user interface and consists of web
servers, load balancers, user interfaces, and the components responsible for handling synchronous
tasks.

b) Queue Tier: Acts as an intermediary for asynchronous communication between the Web and
Worker tiers. Stores tasks or messages in a queue, allowing them to be processed independently.

c) Worker Tier: Processes tasks or messages asynchronously from the Queue tier. Executes
background jobs, performs resource-intensive operations, or handles long-running processes.

1) If the Worker tier experiences issues or becomes overloaded, tasks can be temporarily stored in
the queue, preventing loss of data and improving system resilience.

2) Performance of the Web tier is enhanced as it can quickly respond to user requests without
waiting for time-consuming tasks to complete.

3) Faults or failures in one tier (e.g., Worker tier) do not directly impact the other tiers, providing a
level of fault isolation.
  Microservices

Microservices is an architectural style that structures an application as a collection of small,

independent, and loosely coupled services. Each service is designed to perform a specific business
function and can run in its own process, communicate with other services through well-defined APIs
(Application Programming Interfaces), and can be developed and deployed independently. This
architectural approach contrasts with the monolithic architecture, where an application is built as a
single, tightly integrated unit.

1) Microservices break down the application into smaller, self-contained services, each responsible
for a specific business capability. This makes it easier to develop, test, deploy, and scale individual
services.

2) Microservices can be scaled independently based on the specific services that require additional
resources. This allows for more efficient resource utilization.

3) Failures in one microservice do not necessarily impact the entire application.

4) Microservices can have their own databases, and data consistency is maintained through
communication between services.

5) Different microservices within an application can use different technologies, databases, and tools
based on their specific needs. This flexibility enables teams to choose the best technology stack for
each service.

 Event-Driven

Event-Driven Architecture (EDA) is an architectural style that structures communication between

software components as a series of events. Event-Driven Architectures use a publish-subscribe (pub-
sub) model, where producers publish events, and consumers subscribe to them. The producers are
independent from the consumers, and consumers are independent from each other.

1) Events represent notable occurrences or state changes in the system. Examples include user
actions or changes in data. In an event-driven system, components or services communicate by
producing or consuming events.

2) Event producers are components or services that generate and emit events. They are responsible
for signalling changes or occurrences in the system.

3) Event consumers are components or services that subscribe to and react to events. They listen for
specific types of events and perform actions in response.

4) Components are decoupled, allowing for easier maintenance, updates, and changes.

5) Components can scale independently, making it easier to handle varying workloads.

6) Failures in one component do not necessarily impact the entire system, improving fault isolation.

 Big Data

Big Data Architecture refers to the design and organization of systems that handle the challenges
posed by large volumes of data, diverse data types, and the need for fast processing and analysis.
The goal of big data architecture is to provide a scalable and efficient infrastructure for collecting,
storing, processing, and analyzing vast amounts of data. This architecture is crucial for organizations
that deal with massive datasets and want to extract valuable insights to make informed business
decisions.

1) Big data architecture accommodates both structured data (e.g., databases, tables) and
unstructured data (e.g., text, images, videos) from various sources.

2) Big data architectures often use distributed file systems (e.g., Hadoop Distributed File System -
HDFS) to store and manage large datasets across multiple nodes.

3) Cloud-based object storage services (e.g., Amazon S3, Azure Blob Storage) are commonly used for
scalable and cost-effective storage.

4) Technologies like Apache Hadoop MapReduce, Apache Spark, and Apache Flink are used for
processing large datasets.

5) Data warehouses are used for structured data analytics and complex queries.

 Big Compute

The term "big compute" generally refers to the use of large-scale computing resources to tackle
complex and computationally intensive tasks. Big Compute Architecture, therefore, refers to the
design and organization of systems that are optimized for large-scale computational workloads.
These workloads often involve high-performance computing (HPC) scenarios and the need for
significant computational power. Big Compute is commonly used in scientific research, simulations,
data analysis, and other scenarios where traditional computing resources may be insufficient.

1) Big Compute architectures often involve the use of clustered computing resources. These clusters
may consist of multiple interconnected servers.

2) Big Compute architectures leverage parallel processing algorithms to distribute computational

tasks across multiple processors or nodes simultaneously.

3) Big Compute systems employ job schedulers to manage and schedule the execution of
computational tasks across the available resources.

4) Big Compute architectures often require high-speed and scalable storage systems to handle the
large volumes of data generated during computations.

5) Efficient data movement protocols are crucial for moving input and output data between storage
and computational nodes.

6) In certain scenarios, MapReduce models may be applied for distributed data processing.

7) Depending on the nature of the computational tasks, specialized hardware accelerators may be
employed to enhance performance.

23) Explain the advantages of Microservices. (5M)

1) Scalability: Microservices allow for individual components to be scaled independently based on

the specific needs of each service. This leads to more efficient resource utilization.

2) Modularity: Services in a microservices architecture are independent modules, making it easier to

develop, deploy, and maintain each service. Changes in one service don't necessarily affect others.
3) Technology Diversity: Different services within a microservices-based application can use different
technologies, programming languages, and frameworks, allowing teams to choose the best tools for
the specific requirements of each service.

4) Autonomous Development and Deployment: Microservices enable autonomous development and

deployment. Teams can work independently on different services, allowing for faster release cycles
and updates.

5) Resilience and Fault Isolation: Failures in one microservice do not necessarily impact the entire
application. The modular nature of microservices architecture allows for better fault isolation and
resilience.

24) Explain the challenges of Microservices. (5M)

1) Managing a distributed system introduces complexities related to communication and data

consistency.

2) Coordinating communication between microservices and managing data consistency can be

challenging.

3) Operating and monitoring a large number of microservices requires robust DevOps practices,
monitoring tools, and infrastructure management.

4) Ensuring consistency across distributed data stores can be complex.

5) Discovering and managing the locations of various microservices can be challenging.

6) Microservices introduce additional security considerations, such as securing inter-service

communication and implementing proper access controls.

7) Deciding how to partition and distribute data across microservices can be challenging.

Unit 2) Server Architecture

1) What is Service-oriented architecture (SOA)? (2M)

Service-Oriented Architecture (SOA) is an architectural style that structures software applications as

a collection of services. In a service-oriented architecture, services are the fundamental building
blocks, and they represent well-defined business functionalities. These services can be
independently developed, deployed, and consumed, allowing for a flexible approach to software
design. Services are loosely coupled, meaning they operate independently of each other and the
changes made to one service do not directly affect others. SOA provides flexibility and adaptability to
changes in business requirements.

2) What are the objectives of SOA? (3M)

1) Service: This objective aims to structure procedures or software components as services. Services
are designed to be loosely coupled to applications, so they're only used when needed. They're also
designed so software developers can easily use them to create applications in a consistent way.

2) Publishing: SOA also aims to provide a mechanism for publishing available services that includes
their functionality and input/output requirements. Services are published in a way that lets
developers easily incorporate them into applications.
3) Security: The third objective of SOA is to control the use of services to avoid security and
governance problems. SOA relies on the security of the individual components within the
architecture, the identity and authentication procedures related to those components, and the
security of the connections between the components of the architecture.

3) What is REST/SOAP? (2M)

 REST

REST stands for Representational State Transfer and it is a software architectural style that defines
the constraints to create web services. It was created by popular scientist Roy Fielding. It imposes
conditions on how an API should work and has become one of the most widely used approaches for
building web-based APIs. The web services that follow the REST architectural style are called RESTful
Web Services. REST API is a way of accessing web services in a simple and flexible way without having
any processing.

A request is sent from client to server in the form of a web URL as HTTP GET or POST or PUT or
DELETE request. After that, a response comes back from the server in the form of a resource which
can be anything like HTML, XML, Image, or JSON. For example, when a developer calls Instagram API
to fetch a specific user, the API will return the state of that user, including their name, the number of
posts that user posted on Instagram so far, how many followers they have, etc.

 SOAP

Simple Object Access Protocol is a network protocol for exchanging structured data between nodes.
It uses XML format to transfer messages. SOAP allows processes to communicate throughout
platforms, languages, and operating systems. SOAP is a light weight data interchange protocol
because it is based on XML. It is built on top of HTTP which is installed in most systems.

The SOAP message in XML format contains three parts: envelope, header, and body. The envelope
specifies that the XML message is a SOAP message. The header is not mandatory but when it is
present it can provide crucial information about the applications. The body contains the actual
message that is being transmitted.

4) What is a Server? Explain different types of Servers. (5M)

A server is a computer or system that is designed to provide services, resources, or functionality to

other computers, known as clients, within a network. Servers are essential components of network
infrastructure, and they respond to requests from clients, delivering data, applications, or services.
Servers are typically optimized to handle a higher volume of requests compared to client computers.

Types of Servers:

1) Web server: Web Servers handle requests from clients over the HTTP or HTTPS protocols and
deliver web pages, images, and other web content.

2) File server: File servers store and manage files that can be accessed and shared by clients within a
network. They provide centralized storage and file organization. File transfer protocols such as FTP
are commonly used.

3) Database Server: Database servers manage and provide access to databases, allowing clients to
retrieve, store, and manipulate data. Examples of database servers include MySQL, PostgreSQL,
Oracle Database, etc.
4) FTP (File Transfer Protocol) Server: FTP servers facilitate the transfer of files between clients and
servers. They allow users to upload and download files over a network.

5) Application server: Application servers execute and host applications, providing a runtime
environment for software applications to run. Examples include Java EE servers and Microsoft .NET
servers.

6) Real Time Communication Server: Real time communication server is also known as chat server or
IRC server. It refers to instant messaging servers. Real time communication server allows large
number of users to exchange the information instantaneously.

7) Open-Source Servers: Open-source server is a public domain software designed to deliver web
pages over www. It runs on computers that are connected to the internet. Open-source servers
support file uploading and downloading using FTP and also provide security features.

5) What are virtual servers? (2M)

Virtual servers, also known as virtual machines (VMs), are software-based emulations of physical
computers. They operate within a virtualized environment and share the resources of a physical
server, allowing multiple virtual servers to run on a single physical machine. Various virtualization
technologies are used to create and manage virtual servers. Example: VMware. It is also called a
virtual server and it typically is a compute resource that uses software instead of a physical computer
to run programs and deploy apps.

6) What is a bare-metal server? (2M)

A bare-metal server, also known as a dedicated server or physical server, is a type of server that runs
directly on the hardware without the need for virtualization. Unlike virtual servers that operate
within a virtualized environment, a bare-metal server is dedicated entirely to a single tenant or
customer, providing exclusive access to the entire physical server and its resources, including CPU,
memory, storage, and network bandwidth. The operating system (OS) interacts directly with the
physical hardware. The dedicated nature of bare-metal servers can contribute to enhanced security,
as there is no risk of "noisy neighbours" or security vulnerabilities associated with shared
virtualization environments.

7) What is CapEx and OpEx? Explain the importance of CapEx and OpEx in cloud. (5M)

When it comes to IT spending for businesses, there are typically two financial models: Capital
Expense (CapEx) and Operational Expense (OpEx).

 CapEx

Capital expenditures are funds used by a company to acquire, upgrade, and maintain physical assets
such as property, plants, buildings, technology, or equipment. CapEx is often used to undertake new
projects or investments by a company. They are business expenses made to gain long-term benefits
by buying expensive but valuable assets like office buildings, data centres, physical servers, desktops,
laptops, storage, printers, scanners, generators, software, etc. In such type of business expenses, you
make a heavy investment once and you can reap the benefits of these many years later in the future.

 OpEx

OpEx stands for operational expenditure. An operating expense is an expenditure that a business
incurs as a result of performing its normal business operations and these are a company's day-to-day
expenses. Operating expenses are essential for analysing a company’s operational performance.
Operating expenses reflect the operational activities, not the investing or financing activities of a
company. Operational activities are a company’s key commercial activities in generating revenue. The
operating activities primarily cover the commercial activities of the company. For example, the main
operating activity for a manufacturing company is to produce the product from raw materials, while
for a trading company, it is to buy products from the supplier and sell them to the end-users.

If you are tight on capital expenditure or want to start very quickly as what you are looking for is
already available on the public cloud, the public cloud's pay-as-you-go model could be the right
choice –that would be the OpEx financial model. On the other hand, if you would like to have
complete control of IT resources, you would instead prefer to build a private cloud -- this would be
the CapEx financial model. In this private cloud case, your organization will be responsible for all
expenditures.

The current trend is using the public cloud as this is where there are actual multi-facet advantages of
the cloud. However, organizations with tight, unique security and regulatory requirements tend to
think critically about public cloud adoption. In some cases, these organizations adopt a middle
ground of hybrid cloud where they migrate those applications which are non-essential and not in the
tight security and regulatory requirements realm. But keep critical and essential applications on
private cloud or on-premises data center as it is.

8) What is Virtualization? (2/5M)

Virtualization is the process of dividing a physical machine into multiple unique and isolated units
called virtual machines (VM) using virtualization software. A virtualization software (for instance,
VMware vSphere) is installed on the physical machine that enables virtual machines’ creation.
Virtualization is the technology which enables the creation and management of virtual servers,
providing flexibility, scalability, and resource optimization in a cloud environment. In virtualization,
techniques like hyperthreading can be used to improve the performance of virtual machines.
Virtualization helps organizations use their hardware more efficiently, save costs, and easily adapt to
changing demands while providing benefits like simplified management.

Virtualization simply enables us to run multiple operating systems with different configurations on a
physical machine. These operating systems run in a simulated environment which is known as a
virtual machine.

Types of Virtualization:

a) Storge Virtualization

b) Data Virtualization

c) Server Virtualization

d) Desktop Virtualization

e) Application Virtualization

Types of Virtualization Techniques:

a) Software Virtualization

b) Hardware-Assisted Virtualization

c) Para-Virtualization
d) Full Virtualization

9) Why do we need virtualization? (2M)

1) Virtualization allows multiple virtual instances or machines to run on a single physical server,
optimizing hardware usage and reducing the need for multiple physical servers.

2) By consolidating workloads onto fewer physical servers, organizations can save on hardware,
power, cooling, and space costs.

3) Virtualization enables easy scaling of resources by creating or removing virtual instances as

needed, providing flexibility to adapt to changing workloads.

4) Virtualization makes it easier to create and manage backup copies of virtual machines, enhancing
the ability to recover quickly in the event of hardware failure or other disasters.

10) What is a hypervisor? Explain types of hypervisors. (5M)

A component of virtualization software called hypervisor makes it possible to create virtual machines
on the same physical machine. It is also known as a virtual machine monitor (VMM) and it is a layer
of software or a hardware component required to run the virtual machines on a system. Hypervisors
play a crucial role in dividing and allocating the resources of a physical server among the virtual
machines. It controls all the hardware resources and can take resources from one VM and give it to
another. It is also responsible for the managing the state of all VMs at all times.

a) Type 1 Hypervisor (Bare Metal Hypervisor): They run directly on top of the hardware of the host
system. They generally offer better performance as these are closer to the hardware. They ensure
high availability of resources, stability, scalability. It communicates directly with the hardware rather
than relying on a host operating system. Example: VMware ESX, VMware ESXi, Microsoft Hyper-V.

b) Type 2 Hypervisor (Hosted Hypervisor): It is installed on the host operating system and is highly
suitable for development and testing. It eases and simplifies system configuration. It has slightly
more overhead compared to Type 1 hypervisors. Example: VMware Workstation, Oracle VirtualBox,
Microsoft Hyper-V.

11) What is hyper threading? (2M)

Hyper-Threading (HT) is a technology developed by Intel that allows a single physical processor core
to function as two logical processors. This technology is designed to improve overall processor
efficiency by enabling better utilization of CPU resources and improving multitasking capabilities.
With Hyper-Threading, each physical core is presented as two virtual cores to the operating system.
These virtual cores share the same physical execution resources. Hyperthreading is a technology that
allows a single physical processor core to behave like two logical processors. This means that a
processor with 4 physical cores and hyperthreading enabled can run 8 threads simultaneously.

12) What is a Cloud Server? (5M)

A cloud server is a virtual server that runs in a cloud computing environment. Instead of being hosted
on a physical server at your location, it operates on a virtualized platform provided by a cloud service
provider. A cloud server is powerful physical or virtual infrastructure that performs application
processing and information storage. Organizations use the infrastructure-as-a-service (IaaS) model
for this purpose and they can access virtual server functions remotely through an online interface.
The computing infrastructure can be physical (bare metal), virtual, or a mix of the two depending on
the user's needs and it has all the capabilities of an on-premises server.
  Why cloud servers?

1) Cost effectiveness: With cloud servers, organizations only pay for what they need and reduce the
expense that comes with maintaining hardware.

2) Scalability: Users can scale computing and storage resources to meet changing needs. This is
particularly helpful for organizations with fluctuating needs.

3) Flexibility: Access your cloud server and data from anywhere with an internet connection. This
flexibility is valuable for remote work and global collaboration.

4) Backup and Disaster Recovery: Cloud services often include built-in backup and disaster recovery
options, making it easier to protect your data and quickly recover from unexpected incidents.

13) What is Network/Server/Storage Virtualization? (5M)

 Network Virtualization
 Server Virtualization
 Storage Virtualization

14) Explain para-virtualization/host-based virtualization. (5M)?

 Para-virtualization
 Host-based virtualization

15) What is Server Failover? (2M)

Server failover is the practice of having a backup server (or servers) prepared to automatically take
over if the primary server goes offline. The goal of server failover is to improve a network or
website's fault tolerance, or its ability to continue operating when one of its parts fails. The workload
or responsibilities of a failed server are automatically transferred to another server to ensure
continuity of services. This helps maintain availability and reliability of systems, minimizing downtime
and ensuring a seamless experience for users.

 Difference between failover and switchover:

In failover, the shift to a redundant server happens automatically. Switchover is a similar process,
only the shift to the secondary server happens manually, creating a short period of downtime.
Because failover happens automatically, there is usually no downtime associated with a switch to a
secondary server.

16) What is Active-Standby failover? (2M)

In active-standby, there is a primary server and one or more secondary servers. The secondary server
monitors the primary one but otherwise remains inactive. If the secondary server senses any change
with the primary server, it will take over and advise the data center that the primary server needs
restoration. Once the primary server is restored, it takes over once again (referred to as failback), and
the secondary server resumes a standby position. The standby server quickly assumes the workload
and responsibilities, ensuring uninterrupted service. This setup enhances system reliability by
providing a backup mechanism, reducing downtime, and maintaining continuous availability of
applications and services.

17) What is Active-Active failover? (2M)

Active-Active failover is a server configuration in which multiple servers are actively serving traffic
simultaneously. In this setup, all servers are actively engaged in handling user requests, and they
share the overall workload. If one server fails or experiences issues, the others continue to handle
the traffic, ensuring that the system remains operational. This configuration is designed to distribute
the load efficiently, improve performance, and enhance overall system reliability by allowing multiple
servers to share the responsibility of serving requests.

Unit 3) Data Center Architecture

1) What are Uptime Institute’s Classification System? (5M)

The Uptime Institute's Tier Classification System is designed to evaluate the reliability and
performance of a data center's infrastructure.

1) Tier I: Basic Capacity: It has basic site infrastructure with non-redundant capacity components. No
built-in redundancy for power and cooling systems. Susceptible to disruptions or equipment failures.
Experiences 28.8 hrs of downtime each year.

2) Tier II: Redundant Capacity Components: It adds redundancy to critical infrastructure components.
Redundancy may include backup power and cooling, reducing the risk of disruptions. Still vulnerable
to some disruptions or equipment failures. Experiences 22 hrs of downtime each year.

3) Tier III: Concurrently Maintainable: Introduces additional redundancy and increased fault
tolerance. Maintenance and component replacements for this tier can be done without disrupting
operations or workflow. Offers a higher level of availability as compared to Tier I and II. Experiences
1.6 hrs of downtime each year.

4) Tier IV: Fault Tolerant: This tier provides the highest level of reliability and fault tolerance. All
systems are fully redundant, and there are multiple independent distribution paths. It can withstand
a single failure or event without impacting operations and offers the highest level of availability.
Experiences 0.04 hrs of downtime each year.

5) Tier V: Platinum: This is the highest level of data center infrastructure classification. It is designed
to provide the highest level of availability and reliability, even in the event of a major failure. Tier 5
data centers are typically used by organizations that require the highest level of availability and
reliability for their critical data and applications. Examples of such organizations include financial
institutions, government agencies, and telecommunications companies. Experiences very little to no
downtime each year.

2) What are Active-passive vs Active-Active Data center models? (5M)

 Active-Passive Data Center

1) In an Active-Passive data center model, there is a primary (active) data center that handles the live
production workload, while a secondary (passive) data center remains in standby.

2) The passive data center only becomes active when the primary one fails or experiences issues.

3) This model is commonly used for backup and disaster recovery scenarios.

4) The passive site serves as a backup that becomes operational in case of a failure, reducing
downtime and data loss.

5) Load balancing and sharing of workload is not found in active-passive data center models.
  Active-Active Data Center

1) In an Active-Active data center model, multiple data centers are active and operational
simultaneously, sharing the workload.

2) Each data center is capable of handling a portion of the overall traffic or services independently.

3) This model aims to distribute the load efficiently, improve performance, and enhance overall
system reliability.

4) If one data center encounters issues, the others continue to handle the workload, ensuring
continuous availability.

5) Load balancing also occurs in an active-active setup. This allows the system to evenly distribute
workloads in the data center so no single piece of equipment experiences overloading.

3) What is a Data Center? (5M)

A Data Center is a building that holds large quantities of computer systems and associated
components (servers, storage, network devices, etc.), almost always what we refer to as the “back
end” equipment.

1) A data center is a facility used to house computer systems and networking equipment for the
purpose of processing, storing, and managing large amounts of data.

2) It provides the necessary infrastructure, including power, cooling, and security, to ensure the
reliable and efficient operation of IT equipment.

3) Data centers play a crucial role in supporting various services, applications, and business
operations by managing the computing resources needed for information processing and storage.

4) Data centers provide connectivity both inside and outside the Data Center and also provide highly-
available power in a temperature-controlled environment which is needed to maintain IT equipment.

5) We express availability as the number of minutes of downtime per year we expect from a Data
Center. How well the Data Center Operator achieves this is the primary measure of a Data Center’s
reliability.

4) What are Primary Data Centers? (2M)

A “Primary” Data Center is the main Data Center that a company would use to run its operations.
Note that there can be more than one “Primary” Data Center. A large company can have many active
Primary Data Center sites, serving different company locations. A primary data center is the main
facility where an organization houses its critical computing and IT infrastructure. It serves as the
primary location for processing, storing, and managing data, as well as running applications and
services. The primary data center is responsible for handling the majority of the organization's
computing workload and is designed to ensure high availability, reliability, and performance. In
scenarios where redundancy is implemented, a secondary or backup data center may exist to take
over in case the primary data center experiences issues.

5) What are Disaster Recovery (or Business Continuity) Data Centers? (2M)

A Disaster-Recovery Data Center (usually referred to as the “DR-Site”) is designed to provide a Data
Center that can be “activated” if we lose Primary Data Center. In many instances, the DR site is a
smaller version of the Primary Data Center, sometimes with reduced capacity and sometimes not
supporting every application that runs in the Primary Data Center. It is a secondary facility set up by
an organization to ensure the continuation of critical business operations in the event of a disaster or
major disruption. This facility is equipped with duplicate IT infrastructure, servers, and data storage
systems to replicate and backup data and applications from the primary data center. The DR data
center takes over to minimize downtime and ensure the organization can continue its essential
functions. The goal is to provide a backup and recovery solution that safeguards data and maintains
business operations even in challenging circumstances.

6) What are Colocation Data Centers? (2M)

Colocation Data Centers (Colos) are large Data Centers where space, bandwidth, and equipment is
available for rental by outside customers. Customers can rent a small space or a larger spaces of
several thousand square feet or more. Not all colocation facilities offer the same range of service
options. In colocation, each client or tenant has control over their own IT infrastructure while sharing
the same physical space, power, cooling, and security provided by the colocation provider. This
arrangement allows businesses to benefit from the data center's infrastructure without the need to
build and maintain their own facility. Colocation services are popular for their cost-effectiveness and
scalability.

7) What are Corporate Enterprise Data Centers? (2M)

Corporate Enterprise Data Centers are facilities owned and operated by large organizations to house
their own computing infrastructure. These data centers are dedicated to supporting the
organization's IT needs, including servers, storage systems, networking equipment, and other critical
components. Corporate enterprise data centers play a central role in processing, storing, and
managing the organization's data and applications. They are designed to meet the specific
requirements of the company, ensuring high performance, security, and reliability for the IT services
and applications that the organization relies on for its day-to-day operations.

8) What are Wholesale Data Centers? (2M)

Wholesale Data Centers are a subset of the Colocation Model. Wholesale Data Centers will only rent
large blocks of space. Unlike retail colocation where smaller spaces are leased to multiple tenants,
wholesale data centers cater to larger-scale clients who require substantial infrastructure capacity.
Customers that buy wholesale space are either end users that need large Data Centers or resellers
that then subdivide the space into smaller spaces. In the past, the entry point was a 10,000-square-
foot room, however, that number has begun to shrink and some Data Center operators have
wholesale data centers as small as 2,000 square feet.

9) What are key drivers of Data Center cost? (5M)

1) Location: The location of the Data Center can have a substantial impact on the cost of relocating
there. That cost isn’t only the cost of the space but also the cost of a skilled workforce can vary wildly
too depending upon area.

2) Power: The cost of electricity to power IT equipment and the associated expenses for cooling
systems to maintain optimal operating temperatures also need to be accounted for. The size of the
data center can also affect power costs greatly.

3) Available Network Providers: It is one of the most important factors for your data center location
and finding out which network provider to opt for is a big decision that can greatly affect your data
center’s efficiency.
4) Datacenter Efficiency: PuE or Power Utilization Efficiency is essentially an indication of the overall
efficiency of the Data Center site. We’re talking about the electricity used to cool the site, keep the
lights on and run all the necessary systems. The more efficient the site is, the better.

5) Network Latency: Network Latency is the delay or lag in the transmission of data between two
points on a network. It is the time it takes for information to travel from the source to the
destination. The larger the time taken for data transmission the greater will be the cost of data
transfer and vice versa. Delays in communication can reduce overall system performance and
productivity, potentially requiring additional resources or infrastructure upgrades to meet
performance expectations.

10) What is Three-Tier Data Center Network Design? (5M)

The Three-Tier Data Center Network Design is an architectural model that organizes a data center's
network infrastructure into three distinct tiers or layers, each serving specific functions. It is
particularly well-suited for environments where there is a need for efficient and organized handling
of network traffic. Because this type of architecture is well structured, it is widely adopted in modern
data centers for flexibility, efficiency and manageability.

 Access Tier (First Tier):

1) The Access Tier is the first layer, and it is closest to the end-users and devices within the data
center.

2) It provides connectivity for individual devices such as servers, computers, and other end-user
equipment.

3) Access switches operate at this tier, facilitating the connection of devices to the network.

 Aggregation Tier (Second Tier):

1) Also known as the Distribution Layer.

2) The Aggregation Tier is responsible for aggregating and managing the traffic from the Access Tier.

3) It performs routing and directs traffic between devices in the Access Layer and the Core Layer.

4) Aggregation switches operate at this layer, providing a level of abstraction between the Access Tier
and the Core Tier.

 Core Tier (Third Tier):

1) The Core Tier serves as the backbone of the network.

2) Its primary function is to efficiently move high-speed, high-volume data between different parts of
the network.

3) The Core Tier focuses on optimizing data transfer without being concerned with the specific
source or destination of the data.

4) Core switches or routers operate at this layer, facilitating fast and efficient data transfer across the
entire network.
Key Benefits:

1) Scalability: The Three-Tier Design allows for easy scalability as the data center grows by providing
a modular and structured framework.

2) Flexibility: Each tier has specific functions, making it easier to manage and upgrade individual
components without disrupting the entire network.

3) Performance: The design optimizes network performance by efficiently directing traffic and
ensuring high-speed data transfer in the core.

11) What is Leaf-Spine Network Architecture? (5M)

The Leaf-Spine Network Architecture, also known as Clos architecture, is a network topology
commonly used in data centers to provide a highly scalable and efficient network infrastructure. It is
designed to address the challenges of increasing data traffic and the need for improved performance
and flexibility which was compromised in the traditional three-tier architecture.

The Leaf-Spine Network Architecture typically consists of two main layers:

 Leaf Layer

1) The leaf nodes represent the access layer where end devices, such as servers and storage, connect
to the network.

2) The leaf layer is closest to the end-users and devices within the data center.

3) Leaf nodes are connected to every spine node in the network, forming a mesh-like connectivity
pattern.

4) This design eliminates the need for hierarchical layering seen in traditional three-tier
architectures.

 Spine Layer

1) The spine nodes act as the backbone of the network.

2) They provide high-bandwidth connectivity between the leaf nodes.

3) Spine nodes are fully connected to every leaf node in the network.
4) This arrangement means there is always a direct path for data transfer between any two devices.

Key Benefits:

1) The Leaf-Spine architecture has become popular in modern data centers, especially those dealing
with large-scale cloud computing, virtualization, and high-performance computing workloads.

2) It offers a more efficient and scalable alternative to traditional network topologies.

3) The design allows for easy scalability by adding more leaf or spine nodes as the data center grows,
without disrupting the existing infrastructure.

4) If one path fails, there are alternative paths available for data transfer. Therefore, this design
provides redundancy and fault tolerance.

5) The fully connected nature of the architecture simplifies network management and reduces the
complexity associated with traditional hierarchical designs.

6) This network design model greatly decreases network latency and results in high throughput.

12) What is TOR? (5M)

TOR commonly stands for "Top of Rack." The Top of Rack switch (TOR switch) is a networking device
positioned at the top of a rack of servers in a data center. It serves as a connectivity point for the
servers within that rack and connects them to the broader data center network. This switch connects
the servers in the rack to each other and to the rest of the network. The switch can also be used to
connect the rack to other switches.

TOR switching, or Top of Rack switching, refers to the networking architecture where a switch is
located at the top of each server rack in a data center. In this setup, each server within a rack
connects directly to the Top of Rack (TOR) switch. The TOR switch serves as a local connectivity hub
for the servers within that specific rack, enabling communication between servers and with the
broader data center network. In the ToR approach, every rack in the data center network is a
separate entity. Any change, upgrade, or malfunction in the rack usually affects that rack only and
has no effect on the rest of the network.
Key Benefits:

1) Each server within a rack connects to the TOR switch, establishing a direct link for network
communication.

2) This design simplifies connectivity within the rack and provides a straightforward way to manage
network connections.

3) The TOR switching model is scalable, allowing for the addition of more racks and TOR switches as
the data center expands. This modular approach supports growth without necessitating major
changes to the overall network architecture.

4) Placing the switch at the top of the rack minimizes the physical distance between the servers and
the switch. This proximity helps reduce network latency, thus improving performance.

5) TOR switches play a role in distributing network traffic within the data center, ensuring efficient
communication between servers and other network components.

13) What is End of Row Switching? (5M)

End-of-row switching (EoR switching) is a data center network architecture that uses a switch at the
end of each row of servers. This can help to improve the performance and scalability of the data
center network. In this setup, each row of server racks is typically connected to a switch located at
the end of that row. This design contrasts with the Top of Rack (TOR) switching model, where
switches are placed at the top of individual racks.

In a traditional data center network architecture, all of the servers in a row are connected to a single
switch. This can lead to congestion and performance problems, especially in large data centers. EoR
switching solves this problem by using a switch at the end of each row of servers. This allows each
server to have its own dedicated connection to the switch, which can improve performance and
scalability. The major disadvantage of the End of Row architecture is that it still requires a large
amount of copper cabling.
Key Features:

1) Each server rack within a row connects to the End of Row switch. This switch serves as a local
point for network connectivity for all the servers in that row.

2) The EoR switching design allows for easy scalability as the data center grows. Additional rows of
servers can be accommodated by adding more switches, providing an expandable network
architecture.

3) EoR switches play a role in distributing network traffic within the data center, ensuring efficient
communication between servers and with other network components.

4) Placing the switch at the end of the row helps minimize the physical distance between servers and
the switch, contributing to lower network latency.

5) The localized nature of EoR switching allows for more control and management of the network
within each row of server racks.

Unit 4) Virtualized Data Center Architecture

1) Explain Cloud Adoption Strategy of AWS/Google/Azure. (5M)

 AWS
 Google
 Azure

2) What is Virtual LAN(VLAN)? (5M)

VLANS, or Virtual Local Area Networks, are a way to logically segment a physical network into
multiple virtual networks. VLANs enable devices to communicate with each other as if they are on
the same physical network, even if they are located in different parts of the actual network.

1) VLANs allow you to create separate, isolated networks within the same physical infrastructure.

2) VLANs offer a way to improve network efficiency, security, and organization by creating logical
networks within a physical network.

3) Devices in one VLAN can be kept separate from devices in another VLAN, enhancing security and
network management.

4) VLANs provide flexibility in organizing devices based on factors like department, function, or
project, regardless of their physical location.

5) Broadcast traffic is limited to devices within the same VLAN, reducing network congestion and
improving performance.
6) A VLAN can be created from one or multiple LANs.

7) A VLAN is a virtual network formed through the logical grouping of devices on a LAN. The devices
are, typically, switches, and the LAN is Ethernet.

8) With LAN, a network packet is received by all devices on it. With VLAN, the network packet is sent
to only a specific set of devices that constitute what is called, broadcast domain.

9) VLANs partition the network at Layer 2.

10) Without VLANs, a broadcast message sent from a host reaches all network devices increasing
CPU overhead on each device and reducing the overall network security.

3) What are two types of VLANS? (2M)

1) Port-based (Untagged) VLANs: A single physical switch is simply split into multiple logical switches.
Untagged VLANs refer to Virtual Local Area Networks in which the network frames do not have VLAN
tags associated with them. In contrast to tagged VLANs, untagged VLANs do not have an additional
identifier in the Ethernet frame to specify the VLAN to which the frame belongs. Untagged VLANs
allow devices within the same VLAN to communicate without the need for additional VLAN tagging.

2) Tagged VLANs refer to a method of separating different Virtual Local Area Networks (VLANs)
within a network infrastructure. When traffic from multiple VLANs needs to travel over the same
physical network link, it is necessary to "tag" the traffic to differentiate between the VLANs. Each
frame of data in a network has a VLAN tag added to it, indicating the VLAN to which the frame
belongs. Tagged VLANs allow multiple VLANs to share the same network link while keeping their
traffic separate.

4) What is Subnetwork? (2M)

A subnetwork, commonly referred to as a subnet, is a logical subdivision of an IP network. It involves

dividing a larger network into smaller, more manageable parts for various purposes, including better
organization, improved security, and efficient use of IP addresses.

The Internet Protocol (IP) is used for sending data from one computer to another over the internet. A
subnet is defined to subdivide large IP networks into smaller, more efficient subnetworks. A subnet
aims to divide a large network into smaller, interconnected networks to minimize the broadcast
traffic on a single network segment, thereby improving available network bandwidth. It also
optimizes the usage of available IP address space.

5) What is Subnetting? (2M)

Subnetting is the process of dividing a larger IP network into smaller, more manageable subnetworks,
or subnets. This is done to achieve efficient use of IP addresses, improved network performance, and
enhanced security. Subnetting allows for the more efficient allocation of IP addresses by dividing a
network into smaller segments, each with its own range of addresses. Subnets can be used to isolate
and secure different parts of a network. Subnetting provides a logical way to organize and manage a
network. In simple terms, a subnetwork is like breaking down a large neighbourhood into smaller
blocks, with each block having its own address range. Subnetting helps in organizing, managing, and
securing a network more effectively.

6) What is North-South traffic in Data center? (2M)

The "North-South traffic" refers to the flow of data between the internal network (within the data
center) and external networks outside of the data center. This traffic typically involves
communication between servers or devices inside the data center and users, applications, or services
that are located outside of the data center, such as clients accessing a website hosted in the data
center. North-South traffic involves data moving into and out of the data center, connecting the
internal infrastructure with external entities.

7) What is East-West traffic in Data center? (2M)

In a data center, "East-West traffic" refers to the flow of data between servers or devices that are
located within the same data center or between different segments of the internal network. This
traffic typically involves communication between servers, applications, or services that reside within
the data center infrastructure. East-West traffic involves data moving within the data center and does
not involve any external entities.

8) What is Micro segmentation? (2M)

Micro segmentation is a network security strategy that involves dividing a network into smaller,
isolated segments to enhance security by restricting communication between different segments. It
is a method of segmentation to create zones in data centers and cloud environments to divide the
network into distinct secure segments at the individual workload level. It enables the isolation of
workloads from one another and secures them. Each segment operates like its own security zone,
with specific rules governing communication. It adds an extra layer of security within the network,
making it more challenging for unauthorized access.

9) What are two solution patterns in backup and restore? (2M)

1) Agent-based backup/restore pattern: A small software component called an "agent" is installed on

each individual device or system that needs to be backed up. The agent assists in the restoration
process. The agent does backup to a backup server or to a direct storage pool. The "agent" provides
granular control over what data gets backed up on the device, allowing customization. It enables
selective restoration of specific files or data on a device. The backup process is typically managed
centrally from a backup server and the restoration activities can be monitored.

2) Agentless backup/restore pattern: There is no need to install specific software agents on individual
devices and restoration activities are performed without relying on dedicated agents. The backup
process is centrally managed from a backup server or management console. This simplifies
management by eliminating the need for agent installations on each device. Just one instance of a
backup solution is deployed on a server which connects with all the servers on the network and
performs the backup of required data.

10) What are three different types of backups? (3M)

1) Full Backup: It represents a complete backup of all the data and can be used for recovery without
additional efforts. It takes time to do a full backup, depending on the size of the data and the number
of systems on which full backup needs to be done. A quite simple and straightforward restoration
process, as all data is in one backup. It consumes more storage space and takes longer to perform
compared to other backup types.

2) Incremental backup: Backup is taken of changes made since the last backup (full or incremental).
The last full backup is used during restoration, and subsequent incremental backups are applied in
the correct order. It makes efficient use of storage space and makes the backup process faster as
compared to full backups. However, restoration requires multiple backup sets.

3) Differential backup: Differential backup makes a copy of data that has changed since the full
backup. During restore, the last full backup is used, and then the differential backup is applied on top
of it, thus saving time. These consume more storage space as compared to incremental backups.

11) What is Disaster Recovery? Explain RPO & RTO? (3M)

Disaster recovery is the capability to be able to recover successfully from a disaster. Disaster
Recovery is a set of processes and tools designed to help an organization recover from a major IT-
related disaster or disruption. The goal is to restore critical business operations and minimize the
impact of the disruption on business functions.

RPO: RPO is the Recovery Point Objective, which is the maximum allowable data that may be lost in
the event of a disaster. It is measured in terms of time and dependent on the maximum age of the
data or files in backup storage. It represents the maximum tolerable amount of data loss that an
organization is willing to accept. It indicates the point in time to which data must be restored after a
disaster to meet business continuity requirements.

RTO: RTO is the Recovery Time Objective, which is the maximum time taken to recover from the
adverse incident and restoration of normal operations of the system. It is the targeted duration
within which a business process must be restored after a disaster or disruption to avoid adverse
consequences. It measures the time it takes to recover and resume normal operations.

12) Explain the Disaster Recovery Process. (5M)

The Disaster Recovery (DR) process involves a series of steps and measures to restore critical IT
systems and business operations after a disruptive event. It includes identifying potential risks and
threats to IT systems and business operations and developing a comprehensive disaster recovery
plan based on the identified risks. Disaster recovery, therefore, has two aspects to it - preparation
and execution.

 Preparation: A proactive step before that involves preparing for a disaster scenario, called
business continuity planning. Only when business continuity planning is done right can
disaster recovery (DR) be successful.

1) Establish DR operational characteristics, RPO and RTO.

2) Setup alternate or secondary DR site with the right model (Active-Active or Active-Passive)

3) Form a DR operations team who is aware of a clear and well-documented approach to be

employed in the event of a disaster.

4) The DR team should maintain the DR infrastructure and define procedures and processes to be
employed during DR. The team should also conduct DR tests at regular intervals to be DR ready.

5) Replicate the data to the alternate DR site.

6) Declare DR when the disaster event occurs.

 Execution: All the preparation activities seen above will result in execution if and when a
disaster occurs.
1) Recover shared infrastructure platforms and services like network components, servers, block
storage, file storage, etc.

2) Recover shared application platforms and services like SQL Server, Oracle RDBMS, mainframe, etc.

3) Recover business application and services.

4) Test and switch all traffic to the secondary site.

13) What is replication for disaster recovery? (5M)

Replication is the process of copying the data from the primary data center to the secondary data
center for disaster recovery. Multiple copies of the data are made and preserved at one or more
locations for operational recovery, if the actual data is corrupted or unavailable for some reason. This
practice ensures that in the event of a disaster or disruptive event, the organization can quickly
switch to the replicated data and systems at a secondary location, minimizing downtime and data
loss.

1) The replicated data is typically stored in a geographically separate location from the primary data
center.

2) By having up-to-date copies of data and systems at a secondary site, organizations can achieve
faster recovery times in the event of a disaster.

3) Replication can be applied not only to data but also to entire applications and system
configurations. This ensures that the entire IT environment can be quickly restored at the secondary
site.

Types of replication for DR:

1) Host-based replication: Replication software is installed on the physical or virtual server and the
data is replicated using the software

2) Appliance-based replication: Appliances are installed in primary and secondary sites and the data
that needs to be replicated is duplicated in the appliance and then replicated.

3) Hypervisor-based replication: The replication software plugs into the hypervisor and copies data
from the primary site to the secondary site.

4) Array-based replication: The data in SAN storage array may be replicated at storage-level by
employing specific tools for replication.

5) VM-Snapshot replication: VM-level snapshots are taken at the primary site and sent to the
secondary site for replication purposes.

14) What is IT Infrastructure Monitoring (ITIM)? (2M)

IT Infrastructure Monitoring (ITIM) is the real-time monitoring of infrastructure hardware, processes,

and equipment in the data center or cloud. It typically involves monitoring the availability of servers,
hypervisors, storage, network, and database instances to collect resource utilization data and
perform historical data analysis and reporting. IT infrastructure monitoring involves the continuous
observation and analysis of an organization's IT systems, networks, and components to ensure they
operate efficiently, securely, and meet performance expectations.

15) What are the key areas of application monitoring? (3M)

1) Application uptime/availability monitoring: Continuously checks to see if the application is up and
running and responding to the requests it receives.

2) Application performance monitoring (APM): Tracks application performance metrics.

3) Application error monitoring: Finds bugs in the application to enable developers to prioritize and
fix them. There are two types of error monitoring; Front-end monitoring and Back-end monitoring.

4) Application log monitoring: Gathers, analyses, and draws correlation from any application log data
to provide insights on status and issues.

5) Application database monitoring: Monitors interactions between the application and its database
and performance of the database to identify issues that could affect the efficient working of the
overlying application. Tools like Dynatrace can perform database monitoring.

6) Application security monitoring: Monitors the application for security issues, including malware
and other threats. Tools such as those from Contrast Security are used for this purpose.

Unit 5) Cloud Storage

1) Explain Block Storage/File Storage/Object Storage. (3M)

 Block Storage

1) Block storage is a type of storage in which data is stored in fixed-size blocks.

2) Metadata is maintained by the storage system for each block which is later used to locate the
desired blocks for data retrieval.

3) It is a type of data storage that breaks up data into small, fixed-sized chunks called blocks.

4) Each block is assigned a unique identifier and can be individually accessed.

5) Block storage can be used for storing any type of data. It is commonly used in storage area
networks (SANs) and is known for providing high-performance and efficient data handling, making it
suitable for applications that require fast and direct access to data.

 File Storage

1) File storage is like organizing digital information in a way that mimics how we organize files in
folders on a computer.

2) In file storage, data is grouped into files, and these files are organized within directories or folders.

3) Each file has a unique name, and the folders help to create a hierarchical structure, making it easy
to find and organize information.

4) Imagine it as a digital filing cabinet where you have folders for different categories, and within
those folders, you have individual files containing your data.

5) File storage is commonly used in personal computers and servers providing a familiar and user-
friendly way to manage and access data.

 Object Storage

1) Object storage is a way of storing and managing data as distinct, independent objects rather than
in a traditional file hierarchy.
2) Each object contains both data and metadata.

3) Unlike file storage, object storage places data into a flat address space, making it easier to scale.
Think of it like storing things in a giant room where each item has its unique tag (metadata) and can
be easily retrieved without needing to know its exact location in a folder or directory.

4) Object storage is highly scalable, efficient for handling large amounts of unstructured data.

5) It is often used in cloud storage services for things like photos, videos, and backups.

2) What is Storage Area Network (SAN)? (5M)

A Storage Area Network (SAN) is a specialized network that connects storage devices to servers. In a
SAN, storage devices (like hard drives) are connected to a network, allowing multiple servers to
access and share the storage resources. This helps in centralizing storage management and
improving efficiency. SANs are often used in large-scale business environments where fast and
reliable access to data is crucial, such as in data centers. SAN is a network of disks that is accessed by
a network of servers. SAN is generally accessed using Fibre Channel over Ethernet (FCoE). There is
greater cost for the network setup for the Fibre channel and maintenance but it also gives a greater
performance. Dell’s PowerMax is an example of SAN storage.

There are three main layers in SANs:

1) Storage Layer: The storage layer is an important part of a SAN. It provides the physical data storage
resources that are needed by the servers in the host layer. The storage layer must be reliable,
scalable, and manageable to meet the needs of the organization. The storage layer stores data that is
accessed by the servers in the host layer. The storage layer can protect data and it must provide high
performance to the servers in the host layer. The storage layer must be scalable to meet the growing
needs of the organization. The storage layer must be manageable to simplify the administration of
storage resources.

2) Fabric Layer: The storage layer is connected to the fabric layer of the SAN using Fibre Channel or
other highspeed networking protocols. It is responsible for connecting the servers and storage
devices in the SAN, and for providing high availability and performance. The fabric layer is designed
to be redundant, so that if one switch fails, the other switches can continue to provide connectivity.
The fabric layer is designed to provide high performance, so that data can be transferred between
the servers and storage devices quickly and efficiently. The fabric layer is designed to be highly
available, so that data is always accessible, even if there is a failure in the SAN.
3) Host Layer: The host layer is responsible for ensuring that data is transferred reliably between the
servers and the storage devices and for providing a high-performance interface between the servers
and the SAN fabric.

Benefits of SAN:

1) The three layers of a SAN work together to provide high performance, availability, and scalability
for storage resources.

2) SANs can provide high availability by replicating data across multiple storage devices.

3) SANs can be scaled to meet the growing needs of the organization.

3) What is Storage Layer in SAN? (2M)

Storage Layer: This is the bottom most layer in SAN and here you have your storage devices, like hard
drives or storage arrays. This is the actual layer where your data is stored. The servers access these
storage devices through the middle layer which is the fabric layer. It is configured with RAID options
to improve storage capacity and reliability. RAID (redundant array of independent disks) protects the
data in case of a disk/drive failure.

4) What is Fabric Layer in SAN? (2M)

Fabric Layer: Think of this as the middle layer, the layer that connects everything together. It allows
data to travel between the servers and the storage devices. Fibre Channel switches or Ethernet
switches are common components in this layer. The layer with SAN switches and routers constitutes
the fabric layer over which the host layer accesses data in the storage layer.

5) What is Host Layer in SAN? (2M)

Host Layer: This is the topmost layer of the SAN and this is where your servers or computers are
located. Servers in this layer communicate with the SAN to access and store data. They use a specific
protocol, often Fibre Channel to talk to the SAN. The hosts that connect with the SAN storage via the
fabric layer constitutes the host layer.

6) What is Virtual SAN? (2M)

Virtual SAN, or vSAN, stands for Virtual Storage Area Network. In simple terms, vSAN is a technology
that virtualizes storage in a data center by pooling together the storage capacity of multiple physical
servers. This creates a shared storage infrastructure that is more flexible, scalable, and efficient. This
storage is accessible over Ethernet and has the advantage of lower-cost by using available storage
capacity through the means of a software.

Unit 6) Cloud Security Measures

1) What is Intrusion Prevention System/Intrusion Detection System (IPS/IDS)? (2M)

Together, they help keep computer networks safe by identifying and dealing with potential threats or
unauthorized access. An Intrusion Prevention System (IPS) and an Intrusion Detection System (IDS)
are like digital security guards for computer networks.

 Intrusion Detection System (IDS)

An Intrusion Detection system (IDS) is a system that monitors network packets and raises alerts on
detecting known signatures of threats such as malware. It watches for signs of potential cyber-
attacks. Think of it as a security camera that alerts you if it sees something suspicious but doesn't
actively stop the threat. It identifies and alerts administrators about potential security incidents.

 Intrusion Prevention System (IPS)

Intrusion Prevention System (IPS) takes alerts to the next level of controls by rejecting network
packets representing security threats. It not only detects suspicious activities but also takes action to
prevent or block them. It is like a security guard not only spotting something fishy but also
intervening to stop it. Similar to an IDS, but it takes proactive measures to block or prevent detected
threats in real-time.

2) What is Web Application Firewall (WAF)? (2M)

Web Application Firewall: A web application firewall (WAF) is an application firewall for HTTP
applications. Think of it as a digital bouncer for websites and web applications. It is a security tool
that monitors, filters, and blocks malicious traffic trying to reach a web application. Think of it as a
barrier between the internet and a web application, identifying and stopping potential cyber threats,
such as hacking attempts, before they can reach and harm the website or application. The WAF helps
protect against things like unauthorized access, data breaches, and other web-based attacks. WAFs
may be stateless or stateful.

3) What is Data Leakage Prevention (DLP)? (2M)

Also called Data Loss Prevention, it involves the detection and prevention of data loss through
unwanted destruction of sensitive data (e.g., ransomware attack) and data leakage by the
unauthorized transmission of data from within an organization to an external recipient. Data Leakage
Prevention (DLP) is like a guardian for sensitive information. It is a set of tools and practices designed
to prevent unauthorized access, sharing, or transmission of confidential data. DLP helps organizations
keep a close eye on their data, making sure it doesn't end up in the wrong hands, whether
accidentally or intentionally. It can involve monitoring and controlling data transfers and setting up
safeguards to ensure that private data stays within authorized boundaries, reducing the risk of data
breaches or leaks.

4) What is SAST/DAST/IAST? (3M)

SAST, DAST, and IAST are all types of security testing methods used in software development.

 SAST

1) Stands for Static Application Security Testing.

2) Analyses the source code or binary code of an application without executing it.

3) It is a white box testing method to test the code for vulnerabilities

4) Typically, it is plugged into IDEs to run scans on the code

5) It is like reviewing a recipe before cooking, checking ingredients and instructions for potential
issues.

6) Examples of SAST tools are: klocwork, SpectralOps, and Veracode.

 DAST

1) Stands for Dynamic application security testing.

2) It is a black-box testing method performed by running tests on applications in execution.

3) It simulates external attacks and identifies vulnerabilities based on outcomes.

4) Tests a running application to find vulnerabilities by simulating real-world attacks.

5) It is like tasting the food as it's being cooked to see if there are any issues with the final product.

6) Examples of DAST tools are: AppScan and Netsparker.

 IAST

1) Stands for Interactive Application Security Testing.

2) Combines aspects of SAST and DAST, testing the application in real-time as it runs.

3) Identifies the problematic code lines from a security perspective and notifies the developer of it.

4) It's like having a chef constantly checking the cooking process, adjusting ingredients based on real-
time observations.

5) Examples of IAST tools are: Synopsys Seeker and Veracode.

5) What is Cyber Security? (3M)

1) Cyber Security is also known as information technology security or electronic information security.

2) Cyber security is the discipline of security that involves processes, practices, and tools to protect
applications in the data center or cloud from attack, damage, or unauthorized access.

3) Cyber security protects information technology systems from cybercrime (for financial gain or
disruption), cyber-attack (to gain access to information) or cyber terrorism (to spread panic and fear).

4) Cybersecurity refers to the practice of protecting computer systems, networks, and data from
theft, damage, unauthorized access, and other cyber threats.

5) It involves implementing measures and technologies to safeguard digital information and ensure
the confidentiality, integrity, and availability of data.

6) What is cryptography? (3M)

1) The term cryptography was formed by fusing two Greek terms, “Krypto” (which means “hidden”)
and “graphene” (which means writing).

2) Cryptography is a method of protecting information and communications through the use of

codes, so that only those for whom the information is intended can read and process it.

3) It refers to secure information and communication techniques derived from mathematical

concepts and algorithms, to transform messages in ways that are hard to decipher.

4) Cryptography is closely related to the disciplines of cryptology and cryptanalysis.

5) This helps protect sensitive data during transmission or storage from unauthorized access or
tampering. In simple terms, cryptography keeps your messages and information safe by turning them
into secret codes that can only be understood by those who have the right "key" to decode it.
7) What are Modern cryptography’s four objectives? (3M)

1) Confidentiality: The information cannot be understood by anyone for whom it was not intended.

2) Integrity: The information cannot be altered in storage or transit between sender and receiver
without the alteration being detected.

3) Non-repudiation: The sender of the information cannot deny at a later stage their intentions in the
transmission or communication of the information.

4) Authentication: The sender and receiver can confirm each other's identity and the origin and
destination of the information.

8) Explain any 5 Cryptographic attacks. (5M)

1) BFA (Brute Force Attack): Here, the intruder tries to find the decryption key by trying all possible
combinations of keys until the correct one is found. A possible solution against such attacks could be
using longer and more complex keys so that it takes longer for the attacker to successfully decrypt
the key.

2) Birthday Attack: This is a subtype of the brute force approach. Attackers use this tactic to exploit
the probability of two different inputs producing the same hash value. Once the intruder finds two
inputs that produce similar values, a collision occurs and the hash function is broken causing a
breach in the system.

3) MIM Attack (Man in the Middle Attack): It involves intercepting and possibly altering
communication between two parties without their knowledge. A solution to protect your
information from such attacks is to implement secure communication channels, such as using
encryption and authentication.

4) SCA (Side Channel Attack): In such attacks, the attackers ignore the system’s algorithms and digital
protection and focus on exploiting the information that was leaked during the cryptographic process.
A possible solution could be to prevent or reduce side channel information leakage.

5) Fault Analysis Attacks: In such attacks, the intruder looks for errors produced by the system. These
errors are then used to breach the system’s defences and gain access to the encrypted information.

6) Timing Attacks: Attackers use the fact that different calculations require different processing times.
They acquire additional information about the message by measuring the time taken by the
computer to perform its calculations.

7) Power Analysis Attacks: Attackers use the amount of power consumed by the computer system to
gain data about the nature of the message being transmitted.

8) KPA (Known Plaintext Attack): With this tactic, the attacker should know some parts of the
plaintext. They make use of this knowledge to obtain the rest of the message.

9) What is a DoS attack? (3M)

A Denial of Service (DoS) attack is a malicious attempt to disrupt the regular functioning of a
computer system, network, or service, making it temporarily or indefinitely unavailable to its
intended users. The primary goal of a DoS attack is to overwhelm the targeted system with an
excessive volume of traffic, requests, or other forms of malicious activity. In case of occurrence of a
DOS attack, the operations of your organization can be crippled. Such attacks have been a threat to
computer network for numerous years. DOS attacks consume a lot of processing power hence they
have a direct effect on the speed and availability of the cloud services. In case a DOS attack occurs,
there is nothing you can do, but just to relax and wait. DDoS attacks involve multiple computers or
devices, forming a coordinated effort to flood the target. DDoS attacks are often more challenging to
mitigate due to the distributed nature of the attack. Engaging in DoS attacks is illegal in many
jurisdictions, and individuals or groups responsible for such attacks can face legal consequences.

10) What is IAM Policy? (3M)

IAM (Identity and Access Management) policies are like a set of rules that determine who has access
to what in a computer system. It is a way to control and manage access to resources, ensuring that
only authorized individuals or entities can perform specific actions.

1) Identity management should involve authenticating users and determining whether they will be
permitted to access certain systems.

2) Governance is also an important part of identity management. It involves administering the

processes and policies that guide how the users access systems and applications across the business
environment.

11) What are different types of cryptographic protocols? (3M)

Cryptosystems use a set of procedures known as cryptographic algorithms, or ciphers, to encrypt and
decrypt messages to secure communications among computer systems, devices and applications.

Single-key or symmetric-key encryption algorithms create a fixed length of bits known as a block
cipher with a secret key that the creator/sender uses to encipher data (encryption) and the receiver
uses to decipher it. One example of symmetric-key cryptography is the Advanced Encryption
Standard (AES).

Public-key or asymmetric-key encryption algorithms use a pair of keys, a public key associated with
the creator/sender for encrypting messages and a private key that only the originator knows (unless
it is exposed or they decide to share it) for decrypting that information. An example of public-key
cryptography includes RSA.

1) public and private key generation for data encryption/decryption

2) digital signing and verification for message authentication

3) key exchange

12) What is Phishing/Malware/Social engineering/DDos/APTs/MitM/Ransomware/Password Attacks?

(2M)

 Phishing

Phishing: Fraudulent emails or messages meant to deceive users as being reputable or known
sources to steam sensitive data. Tools for protection against phishing include: SpamTital, Proofpoint,
Mimecast. Example: Fake emails asking for login credentials, pretending to be from a bank.
  Malware

Malware: Malicious software that can be used to cause harm to a user. Malicious software designed
to harm or exploit computers, networks, or users. Viruses, worms, Trojans, and spyware are all
different forms of malware. Tools for protection against malware include: Avast Antivirus, Kaspersky,
Trend.

 Social engineering

Social engineering: Uses human interaction to trick users into revealing sensitive information.
Manipulating individuals to disclose confidential information or perform actions that may not be in
their best interest. Example: Pretending to be a colleague and asking for sensitive information. Tools
for protection against social engineering include: Policies and Training programs for users.

 DDos

Distributed denial-of-service (DDoS) attacks: Flooding the target system with messages from multiple
sources to disrupt the traffic of the largest system to prevent it from functioning or affect its
performance. It involves overwhelming a system, network, or website with a flood of traffic, making
it inaccessible to users. Tools for protection include: SolarWinds Security Event Manager, AWS Shield,
Indusface AppTrana

 APT

Advanced persistent threats (APTs): Sustained targeted attacks to infiltrate a network and remain
undetected for an extended period to steal data. They are long-term, targeted cyberattacks often
carried out by highly skilled and organized groups with specific goals. Example: Infiltrating a network
to gather intelligence over an extended period. Tools for protection: Security Information and Event
Management (SIEM) Tools such as SolarWinds Security Event Manager, Splunk Enterprise Security.

 MitM

Man-in-the-middle (MitM): Attacks involve an interception and relay of messages between two
parties who believe they are communicating. An attacker intercepts and potentially alters the
communication between two parties without them knowing. Tools for protection: Hetty, Bettercap,
Mitmproxy.

 Ransomware

Ransomware: Involves locking the user’s computer system files and demanding a payment to unlock
them. It is essentially malicious software that encrypts a user's files, demanding payment for their
release. Tools for protection: Bitdefender Antivirus, AVG.

 Password Attacks

Password Attacks: Passwords have become the most used mechanism to authenticate users to a
system. Brute-force attacks and Dictionary attacks are often used by hackers to get to know the
password by trial-and-error method. It involves attempts to gain unauthorized access to an account
by guessing, stealing, or cracking passwords. Example: Brute force attacks, where an attacker
systematically tries all possible password combinations. Password policies, including account lockout,
password change at regular intervals, and password complexity, mitigate password attacks.