Question Bank

1. CS8791 Cloud Computing
Question Bank
Prepared By
Kaviya.P
Assistant Professor / Information Technology
Kamaraj College of Engineering & Technology
(Autonomous)

2. CS8791 CLOUD COMPUTING
UNIT I – INTRODUCTION
Introduction to Cloud Computing – Definition of Cloud – Evolution of Cloud Computing –
Underlying Principles of Parallel and Distributed Computing – Cloud Characteristics – Elasticity
in Cloud – On-demand Provisioning.
PART – A (2 Marks)
1. Define cloud computing. (Buyya)
A Cloud is a type of parallel and distributed system consisting of a collection of
interconnected and virtualized computers. They are dynamically provisioned and
presented as one or more unified computing resources based on service-level
agreements established through negotiation between the service provider and consumers.
2. Define cloud computing. (NIST)
“The National Institute of Standards and Technology (NIST) defines cloud
computing as a "pay-per-use model for enabling available, convenient and on-
demand network access to a shared pool of configurable computing
resources (e.g., networks, servers, storage, applications and services) that can be
rapidly provisioned and released with minimal management effort or service provider
interaction."
3. What are the convergences of various advances leading to the advent of cloud
computing?

3. 4. What is Service Oriented Architecture (SOA)?
Describe, compose, and orchestrate services,package, and transport messages between
services, publish and discover services, represent quality of service (QoS) parameters,
and ensure security in service access.
5. What are the advantages and disadvantages of distributed computing?
Advantages
• Extensibility and Incremental Growth
• Economics
• Speed
• Inherent distribution of applications and
Reliability
Disadvantages:
• Complexity
• Network Problem
• Security
6. What are the desirable features of Cloud?
• On-Demand Self-service
• Per-usage metering and billing (Measured service)
• Rapid Elasticity
• Resource Pooling
• Broad Network Access
7. List down the types of clouds based on deployment models.
• Public / Internet Clouds
• Private / Enterprise Cloud
• Hybrid / Mixed Cloud
• Community
8. Differentiate private and public cloud.
Private Cloud Public Cloud
It is hosted at Service Provider site.
It is hosted at Service Provider site or
enterprise
It is connected to the public internet
It only supports connectivity over the private
network.
Scalability is very high, and reliability is
moderate.
Scalability is limited, and reliability is very
high.
Example: Amazon VPC and Azure Private
Cloud
Example: Amazon Web Services (AWS),
Google App Engine

4. 9. What are cloud service models?
The three main categories of cloud service models:
Infrastructure as a Service (IaaS): The delivery of technology infrastructure (mostly
hardware) as an on demand, scalable service. Example: Amazon EC2
Platform as a Service (PaaS): A complete development and deployment environment in the
cloud, with resources that enable the user to develop and run their applications
Software as a Service (SaaS): SaaS is a licensed software offering on the cloud and pay per
use. Example: Google Docs
10. Write a short note on community cloud.
Community cloud is a cloud infrastructure that allows systems and services to be
accessible by a group of several organizations to share the information.
Example: Our government organization within India may share computing infrastructure
in the cloud to manage data.
11. List the advantages and disadvantages of cloud computing.
Advantages
• No upfront commitment
• Cost efficiency
• On Demand Self-service
• Disaster Recovery
• Excellent accessibility
• Scalability
• Flexibility
Disadvantages:
• Downtime
• Security
• Vendor Lock-In
• Limited Control
• Legal Issues
12. Define parallel computing.
Parallel computing is a type of computing architecture in which several processors
simultaneously execute multiple, smaller calculations broken down from an overall
larger, complex problem.
The term parallel computing refers to a model in which the computation is divided
among several processors sharing the same memory.

5. 13. Define distributed computing.
• The term distributed computing encompasses any architecture or system that allows
the computation to be broken down into topics and executed concurrently on
different computing elements, whether these are processors on different nodes,
processors on the same computer, or cores within the same processor.
• In Distributed Computing the processors communicate with one another through
communication lines such as high-speed buses or telephone lines
• Each processor has its own local Memory
• Examples: ATM, Internet, Intranet /Workgroups.
14. Define cluster computing
Cluster Computing is a type of parallel or distributed computer system consists of a
collection of inter-connected stand-alone computers working together as a single integrated
computing resource.
Types of Clusters
• High Availability or Failover clusters
• Load Balancing Clusters
• Parallel / Distributed Processing Clusters.
15. Differentiate parallel computing vs. distributed computing
Parallel Computing Distributed Computing
Many operations are performed
simultaneously
System components are located at different
locations
Single computer is required Uses multiple computers
Multiple processors perform multiple
operation
Multiple computers perform multiple
operations
It may have shared or distributed memory It has only distributed memory
16. Differentiate grid and cloud computing.
Grid Computing Cloud Computing
Cloud computing is a centralized executive. Grid computing is a decentralized executive.
In cloud computing, resources are used in
centralized pattern.
In grid computing, resources are used in
collaborative pattern.
Cloud computing is a high accessible service. Grid computing is a low accessible service.
It is highly scalable as compared to grid
computing.
Grid computing is low scalable in comparison to
cloud computing.

6. 17. Differentiate tightly coupled vs. loosely coupled system.
Tightly coupled System Loosely coupled system
All the processors are connected to a single
global memory
All processors have a local memory.
The communication between PEs in this
model takes place through the shared
memory
The communication between PEs in this model
takes place through the interconnection network,
the inter process communication channel, or
IPC.
It has Memory conflicts Memory conflicts don’t take place
18. Give examples of Message Passing Interface.
• Remote Procedure Call (RPC)
• Distributed Objects
• Distributed agents and Active Objects
• Web Service
19. Identify the model for Message based communication.
• Point-to-point message model
• Publish and Subscribe message model
o Push Strategy
o Pull Strategy
• Request-reply message model
20. What is “elasticity” in cloud computing?
• Elasticity is defined as the ability of a system to add and remove resources (such as CPU
cores, memory, VM and container instances) to adapt to the load variation in real time.
• Elasticity is a dynamic property for cloud computing.
• Elasticity is the degree to which a system is able to adapt to workload changes by
provisioning and deprovisioning resources in an autonomic manner.
Elasticity = Scalability + Automation + Optimization
21. Name the policies used in elasticity “add or remove resources”.
• Elasticity can be provided either manual or automatic.
• A manual elastic solution would provide their users with tools to monitor their
systemsand add or remove resources but leaves the scaling decision to them.

7. • Automatic mode: All the actions are done automatically, and this could be
classified intoreactive and proactive modes.
• Elastic solutions can be either reactive or predictive.
• Reactive mode: The elasticity actions are triggered based on certain thresholds or
rules, the system reacts to the load (workload or resource utilization) and triggers
actions to adapt changes accordingly.
• Proactive mode: This approach implements forecasting techniques, anticipates the
future needs, and triggers actions based on this anticipation.
22. Differentiate horizontal scaling and vertical scaling.
Horizontal Scaling Vertical Scaling
Moving a virtual machine instance to another
physical machine with a different overall load
changes its available resources
The process of adding/removing instances,
which may be located at different locations.
It is harder to upgrade and may involve
downtime.
The process of modifying resources (CPU,
memory, storage or both) size for an instance
at run time.
It is not flexible for the cloud systems to cope
with the varying workloads
It gives more flexibility for the cloud systems
to cope with the varying workloads
23. What is post-copy and pre-copy in live migration?
Post-copy migration:
• Post-copy migration suspends the migrating VM, copies minimal processor state to the
target host, resumes the VM and then begins fetching memory pages from the source.
Pre-copy migration:
• In pre-copy approach, the memory pages are copied while the VM is running on the
source.
• If some pages are changed (called dirty pages) during the memory copy process, they will
be recopied until the number of recopied pages is greater than dirty pages, or the source
VM will be stopped.
• The remaining dirty pages will be copied to the destination VM.

8. 24. Differentiate static resource provisioning vs. dynamic resource provisioning.
Static Resource Provisioning Dynamic Resource Provisioning
The provider prepares the appropriate
resources in advance of start of service.
The provider allocates more resources as
customer needed and removes them when
they are not.
The customer is charged a flat fee or is
billed on a monthly basis
The customer is billed on a pay-per-use
basis
25. List the parameters of resource provisioning.
• Response time
• Minimize cost
• Revenue maximization
• Fault tolerant
• Reduced SLA Violation
• Reduces Power Consumption
26. State the types of dynamic resource provisioning.
• Local On-demand Resource Provisioning
• Remote On-demand Resource Provisioning
27. List the applications of cloud computing.
• Scientific / Technical Applications
• Business Applications
• Consumer / Social Applications
• Art
• Data storage and back-up
• Education
• Entertainment
• Management

9. Part – B
1. Explain in detail about evolution of cloud computing.
2. Elaborate the underlying principles of cloud computing.
3. Explain the characteristics/desired features of cloud computing with suitable examples.
4. Illustrate how “elasticity” is a major advantage in cloud computing
5. Explain on-demand resource provisioning in cloud computing.

10. CS8791 CLOUD COMPUTING
UNIT II – CLOUD ENABLING TECHNOLOGIES
Service Oriented Architecture – REST and Systems of Systems – Web Services – Publish-
Subscribe Model – Basics of Virtualization – Types of Virtualization – Implementation Levels of
Virtualization – Virtualization Structures – Tools and Mechanisms – Virtualization of CPU –
Memory – I/O Devices –Virtualization Support and Disaster Recovery.
PART – A (2 Marks)
1. Define the term Web Service.
• Prominent technology for implementing SOA systems and applications.
• They leverage Internet technologies and standards for building distributed systems.
Based on well-known and vendor-independent standards such as HTTP, SOAP, and
WSDL.
2. List the major roles in SOA.
There are two major roles within SOA:
• Service Provider: Develop and provides services
• Service Consumer: Accessing services over Internet
3. State the components of service discovery.
Service discovery consists of three components:
• Service Register
• Service Requestor
• Service Provider
4. What are the properties of SOA?
• Logical view
• Message orientation
• Description orientation:
• Granularity
• Network orientation
• Platform-neutral

11. 5. What is the impact of SOA in cloud?
• A service-oriented approach that allows multiple service entities to communicate and share
information through a single system. SOA does this by implementing a method called
“loose coupling.”
• An SOA is a set of multiple services. Applications can be formed by making use of those
facilities available across different platforms regardless of the languages or vendors.
• It improves business workflows while providing:
o Access management services
o Ease of monitoring and management
o Easy data exchange
o Interoperability
o Platform-neutral approach
o Reliability
o Reusable codes and services
o Service change impact
6. Justify that Web and Web architecture are SOA based.
• SOA is an architectural style for building software applications that use services available
in a network such as the web.
• It promotes loose coupling between software components so that they can be reused.
• Applications in SOA are built based on services.
• A service is an implementation of a well-defined business functionality, and such services
can then be consumed by clients in different applications or business processes.
• SOA allows for the reuse of existing assets where new services can be created from an
existing IT infrastructure of systems.
7. Write a short note on REST.
REST is a software architecture style for distributed systems, particularly distributed
hypermedia systems.
REST stands for Representational State Transfer. REST itself is not a standard, while it
uses various standards such as HTTP, URL, XML/HTML/GIF/JPEG (Resource
Representations) and text/xml, text/html, image/gif, image/jpeg, etc (MIME Types).
8. State the four principles of REST.
The REST architectural style is based on four principles

12. • Resource Identification through URIs
• Uniform, Constrained Interface
• Self-Descriptive Message
• Stateless Interactions
9. Identify the technologies that make up web services.
The technologies that make up the core of today’s web services are as follows:
• Simple Object Access Protocol (SOAP): SOAP provides a standard packaging
structure for transmission of XML documents over various Internet protocols, such as
SMTP, HTTP, and FTP.
• Web Services Description Language (WSDL): It standardizes the representation of
input and output parameters of its operations as well as the service’s protocol binding,
the way in which the messages will be transferred on the wire.
• Universal Description, Discovery, and Integration (UDDI): UDDI provides a global
registry for advertising and discovery of web services, by searching for names,
identifiers, categories, or the specification implemented by the web service.
10. What is virtualization in cloud computing? (or) Give the role of VM.
• Virtualization is a computer architecture technology by which multiple virtual
machines (VMs) are multiplexed in the same hardware machine.
• The purpose of a VM is to enhance resource sharing by many users and improve
computer performance in terms of resource utilization and application flexibility.
• Hardware resources such as CPU, memory, I/O devices, or software resources such as
OS, software libraries can be virtualized.
11. Give the basic operation of VM.
• Multiplexing: VMs can be multiplexed between hardware machines.
• Suspension: VM can be suspended and stored in stable storage.
• Provision (Resume): A suspended VM can be resumed or provisioned to a new
hardware platform.
• Migration: A VM can be migrated from one hardware platform to another.

13. 12. Define Virtual Machine Monitor (VMM).
• Hardware-level virtualization inserts a layer between real hardware and traditional
operating systems.
• This layer is commonly called the Virtual Machine Monitor (VMM) and it manages
the hardware resources of a computing system.
• Each time programs access the hardware the VMM captures the process
• Three requirements for a VMM:
o VMM should provide an environment identical to the original machine.
o Programs run in this environment should show, only minor decreases in speed.
o VMM should be in complete control of the system resources.
13. List the implementation levels of virtualization.
• Application level
• Library Support level
• Operating System level
• Hardware Abstraction layer level
• Instruction Set Architecture level
14. State the merits of virtualization at various levels.
15. Write a short note on Xen hypervisor.
• Hypervisor supports hardware-level virtualization on bare metal devices such as CPU,
memory, disk and network interfaces.
• Hypervisor sits directly between physical hardware and its OS.
• Xen is a microkernel hypervisor, which separates the policy from the mechanism.
• It implements all the mechanisms, leaving the policy to be handled by Domain 0.
• Xen does not include any device drivers natively.

14. 16. What is binary translation in virtualization?
• Binary translation is one specific approach to implementing full virtualization that does
not require hardware virtualization features.
• It involves examining the executable code of the virtual guest for "unsafe" instructions,
translating these into "safe" equivalents, and then executing the translated code.
• Alternatives to binary translation are binary patching, and full system emulation.
17. State the advantages and disadvantages of virtualization. (or) “Although
virtualization is widely accepted today, it does have its limits”. Comment on the
statement.
Advantages:
• Utilization of hardware efficiently
• Availability increases with Virtualization
• Disaster recovery is efficient and easy
• Virtualization saves energy
• Cloud migration becomes easy
Disadvantages:
• Data can be at risk
• Learning new infrastructure
• High initial investment
18. List the classes of Virtual Machine (VM) architecture.
• Hypervisor Architecture
• Paravirtualization
• Host-based virtualization
19. Differentiate full virtualization vs para virtualization.
S.No. Full Virtualization Paravirtualization
1.
In Full virtualization, virtual machine
permits the execution of the
instructions with running of
unmodified OS in an entire isolated
way.
In paravirtualization, virtual machine does not
implement full isolation of OS but rather
provides a different API which is utilized
when OS is subjected to alteration.
2. Full Virtualization is less secure.
Paravirtualization is more secure than the Full
Virtualization.
3.
Full Virtualization uses binary
translation and direct approach as a
technique for operations.
While Paravirtualization uses hypercalls at
compile time for operations.

15. S.No. Full Virtualization Paravirtualization
4.
Full Virtualization is slow than
paravirtualization in operation.
Paravirtualization is faster in operation as
compared to full virtualization.
5.
Full Virtualization is more portable
and compatible.
Paravirtualization is less portable and
compatible.
6.
Example: Microsoft and Parallels
systems
Example: VMware and Xen.
20. Differentiate critical and non-critical instructions.
Critical Instruction Non-Critical Instruction
The instructions that can run only in kernel mode
are called critical instruction.
The instructions that can run only in user mode
are called non-critical instruction.
Example: Content Switching, Clear the memory Example: Generate any trap instruction
21. List the categories of critical instructions.
Critical instructions are divided into three categories:
• Privileged instructions: Execute in a privileged mode and will be trapped if executed
outside this mode
• Control Sensitive Instructions: Attempt to change the configuration of resources used
• Behaviour- Sensitive Instructions: Load and store operations over the virtual memory
22. What are the ways to implement I/O virtualization?
There are three ways to implement I/O virtualization:
• Full device emulation: All the functions of a device or bus infrastructure, such as
device enumeration, identification, interrupts, and DMA, are replicated in software.
This software is in the VMM and acts as a virtual device. The I/O access requests of
the guest OS are trapped in the VMM which interacts with the I/O devices.
• Para-virtualization: Typically used in Xen. It is also known as the split driver model
consisting of a frontend driver and a backend driver.
• Direct I/O: Lets the VM access devices directly. It can achieve close-to-native
performance without high CPU costs.

16. 23. Give the significance of virtualization for disaster recovery?
• The cloning of VMs offers an effective solution.
• The idea is to make a clone VM on a remote server for every running VM on a local
server. Among all the clone VMs, only one needs to be active.
• The remote VM should be in a suspended mode.
• A cloud control center should be able to activate this clone VM in case of failure of
the original VM, taking a snapshot of the VM to enable live migration in a minimal
amount of time.
PART – B
1. Explain how virtualization is implemented in different layers. (or) Explain various levels
of virtualization implementation.
2. Elucidate the virtualization of CPU, Memory, and I/O devices.
3. Analyze how virtualization technology supports cloud computing.
4. What is virtualization? Describe para and full virtualization architectures. Compare and
contrast them.
5. Explain in detail about load balancing in virtualization.

17. CS8791 CLOUD COMPUTING
UNIT III – CLOUD ARCHITECTURE, SERVICES AND STORAGE
Layered Cloud Architecture Design – NIST Cloud Computing Reference Architecture – Public,
Private and Hybrid Clouds - laaS – PaaS – SaaS – Architectural Design Challenges – Cloud
Storage – Storage-as-a-Service – Advantages of Cloud Storage – Cloud Storage Providers – S3.
PART – A (2 Marks)
1. List the actors in cloud computing.
The five major participating actors in cloud computing are
• Cloud Consumer
• Cloud Provider
• Cloud Broker
• Cloud Auditor
• Cloud Carrier
2. State the role of cloud auditor.
A cloud auditor is a party that can perform an independent examination of cloud service
controls with the intent to express an opinion thereon. A cloud auditor can evaluate the
services provided by a cloud provider in terms of security controls, privacy impact,
performance, etc.
3. What is the responsibility of cloud broker?
Cloud Broker is an entity that manages the use, performance, and delivery of cloud
services, and negotiates relationships between cloud providers and cloud consumers. As
cloud computing evolves, the integration of cloud services may be too complex for cloud
consumers to manage alone.
4. Mention the characteristic features of cloud.
• On-demand self-service
• Broad network access
• Multi-tenancy and resource pooling
• Rapid elasticity and

18. • scalability
• Measured service
5. Differentiate PaaS, SaaS and IaaS
Cloud Players IaaS PaaS SaaS
IT administrators /
cloud providers
Monitor SLAs
Monitor SLAs and
enable service
platforms
Monitor SLAs and
deploy software
Software developers
To deploy and
store data
Enabling platforms
via configurators
and APIs
Develop and deploy
software
End users or business
users
To deploy and
store data
To develop and test
web software
Use business software
Example Amazon EC2 Google App Engine
Google Apps like Gmail,
Google Docs, etc
6. Differentiate private cloud and public cloud.
Private Cloud Public Cloud
Single Tenancy Multi-Tenancy
It only supports connectivity over the private
network.
It is connected to the public internet
Scalability is limited, and reliability is very
high.
Scalability is very high, and reliability is
moderate.
Dedicated Servers Shared Servers
Eg: Microsoft KVM, HP, RedHat
&VMWare.
Eg: Amazon Web Service (AWS) and Google
App Engine.
7. Why do we need a hybrid cloud?
• Hybrid cloud is a solution that combines a private cloud with one or more public cloud
services, with proprietary software enabling communication between each distinct
service.
• Hybrid cloud allows companies to combine their own data center and/or private cloud
setup with public cloud resources such as Software as a Service, or SaaS. Software

19. touch points are used between the two infrastructures to help move data back and
forth between them as needed.
8. Write a short note on community cloud.
• A community cloud model is a collaborative effort where infrastructure is shared and
jointly accessed by several organizations from a specific group that share specific
computing concerns such as, security, compliance, or jurisdiction considerations.
• Eg: IBM soft layer cloud
9. Who are the major players of cloud?
• Amazon Web Services (AWS)
• Microsoft Azure
• Google Cloud
• IBM Cloud
• Oracle
• Salesforce
10. Identify the architectural design challenges in cloud.
Challenge 1: Service Availability and Data Lock-in Problem
Challenge 2: Data Privacy and Security Concerns
Challenge 3: Unpredictable Performance and Bottlenecks
Challenge 4: Distributed Storage and Widespread Software Bugs
Challenge 5: Cloud Scalability, Interoperability, and Standardization
Challenge 6: Software Licensing and Reputation Sharing
11. Define cloud storage (Storage as a Service) with examples.
• Cloud storage is a cloud computing model that stores data on the Internet through a
cloud computing provider who manages and operates data storage as a service.
• Stored data can be accessed from anywhere and in anytime over Internet.
• Eg: Apple (iCloud), Amazon (Amazon Web Services), Dropbox, and Google

20. 12. State the advantages and disadvantages of cloud storage.
Advantages
• Usability and accessibility
• Security
• Cost-efficient
• Convenient sharing of files
• Automation
• Multiple users
• Synchronization
Disadvantages
• Internet Connection
• Costs
• Hard drives
• Support
• Privacy
13. Write a short note on Amazon S3.
• Amazon Simple Storage Service (Amazon S3) is a scalable, high-speed, web-based cloud
storage service. The service is designed for online backup and archiving of data and
applications on Amazon Web Services (AWS).
• Amazon S3 provides a simple web services interface that can be used to store and retrieve
any amount of data, at any time, from anywhere on the web.
• S3 provides the object-oriented storage service for users.
• Users can access their objects through Simple Object Access Protocol (SOAP) with
either browsers or other client programs which support SOAP.
14. What is Amazon EBS?
• The Elastic Block Store (EBS) provides the volume block interface for saving and
restoring the virtual images of EC2 instances.
• The status of EC2 is saved in the EBS system after the machine is shut down.
• Users can use EBS to save persistent data and mount to the running instances of EC2.
• EBS allows you to create storage volumes from 1 GB to 1 TB that can be mounted as EC2
instances.
15. State the purpose of Amazon SimpleDB.
• SimpleDB provides a simplified data model based on the relational database data
model.

21. • Structured data from users must be organized into domains.
o Each domain can be considered a table.
o The items are the rows in the table.
• A cell in the table is recognized as the value for a specific attribute (column name) of
the corresponding row.
• This is like a table in a relational database and possible to assign multiple values to
a single cell in the table.
PART – B
1. Explain in detail about NIST Cloud Computing Reference Architecture.
2. With architecture, elaborate the various deployment models and reference models of cloud
computing.
3. List the cloud deployment models and give a detailed note about them.
4. What are the pros and cons of public, private and hybrid cloud?
5. Compare and contrast the cloud deployment models.
6. Describe service and deployment models of a cloud computing environment with
illustrations. How do they fit in NIST cloud architecture?
7. Describe the different working models of cloud computing.
8. Give the importance of cloud computing and elaborate the different types of services
offered by it.
9. Illustrate the cloud delivery models in detail.
10. Describe Infrastructure-as-a-service (IaaS), Platform-as-a-Service (PaaS) and Software-as-
a-Service (SaaS) with an example.
11. Explain in detail about architectural design challenges in cloud.
12. What is cloud storage? Elucidate Amazon cloud storage in detail.

22. CS8791 CLOUD COMPUTING
UNIT IV – RESOURCE MANAGEMENT AND SECURITY IN CLOUD
Inter Cloud Resource Management – Resource Provisioning and Resource Provisioning Methods
– Global Exchange of Cloud Resources – Security Overview – Cloud Security Challenges –
Software-as-a-Service Security – Security Governance – Virtual Machine Security – IAM –
Security Standards.
PART – A (2 Marks)
1. Define Intercloud.
• Intercloud is a network of cloud s that are linked with each other. This includes private,
public, and hybrid clouds that come together to provide a seamless exchange of data.
• Combining many different individual clouds into one seamless mass in terms of on-
demand operations.
2. What are the challenges of Intercloud?
• Identification: A system should be created where each cloud can be identified and
accessed by another cloud, like how devices connected to the internet are identified by
IP addresses.
• Communication: A universal language of the cloud should be created so that they are
able to verify each other’s available resources.
• Payment: When one provider uses the assets of another provider, a question arises on
how the second provider will be compensated, so a proper payment process should be
developed.
3. What are extended cloud computing services?
• Hardware as a Service (HaaS)
• Network as a Service (NaaS)
• Location as a Service (LaaS)
• Security as a Service (SaaS)
• Data as a Service (DaaS)
• Communication as a Service (CaaS)

23. 4. List the information available in VM template.
The information available in VM template are:
• The number of cores or processors to be assigned to the VM
• The amount of memory the VM requires
• The kernel used to boot the VM’s operating system
• The disk image containing the VM’s file system
• The price per hour of using a VM
• The address of the physical machine hosting the VM
• The VM’s network configuration
5. What is the responsibility of Virtual Infrastructure Engine (VIE)?
• Users submit VMs on physical machines using different kinds of hypervisors.
• VIEs (Virtual Infrastructure Engine) can create and stop VMs on a physical cluster
6. How does InterGrid Gateway (IGG) allocates resources?
An InterGrid gateway (IGG) allocates resources from one organization's local cluster and
interacts with another IGG that can allocate resources from a cloud computing provider.
Intergrid gateway (IGG) allocates resources from a local cluster three steps:
• Requesting the VMs (Resources)
• Enacting (Validate) the leases
• Deploying (install) the VMs as requested
7. Find the actors present in Intercloud?
• Cloud Broker: An entity that manages the use, performance, and delivery of cloud
services, and negotiates relationships between cloud providers and cloud consumers.
• Cloud Coordinator: It evaluates the available resources
• Supported services:
o Application scheduling
o Resource allocation
o Migration of workloads
• Cloud Exchange: It acts as a market maker for bringing together service producers
and consumers.

24. 8. What is resource provisioning in cloud?
• Cloud provisioning is the allocation of a cloud provider's resources and services to
a customer.
• The growing catalogue of cloud services that customers can provision includes
infrastructure as a service, software as a service and platform as a service, in public or
private cloud environments.
• Resource-provisioning methods:
o Demand-driven method
o Event-driven method
o Popularity-Driven Resource Provisioning
9. Differentiate under-provisioning and over-provisioning.
Under Provisioning Over Provisioning
Allocating fewer resources than required,
otherwise the service cannot serve its users
with a good service.
The peak load causes heavy resource
waste
Leads to broken SLA and penalties. Leads to resource underutilization.
10. List the types of resource provisioning methods.
• Demand-Driven: Adds or removes nodes (VM) based on the current utilization level
of the allocated resources.
• Event-Driven: Adds or removes machine instances based on a specific time event.
• Popularity-Driven: Based on Internet traffic monitored.
11. List the Gartner’s security issues in cloud.
• Privileged user access
• Regulatory compliance
• Data location
• Data segregation
• Recovery
• Investigative support
• Long-term viability

25. 12. What are the threats occurring while transferring or saving data in cloud? (or) list
out the key privacy issues in cloud.
• Handling of data by third party
• Cyber attacks
• Insider threats
• Government intrusion
• Legal liability
• Lack of standardization
• Lack of support
13. Define Man-in-Middle attack.
• Information shared between two parties could be hacked by the middle (third) party.
• Caused due to improper configuration of Secure Socket Layer (SSL).
• A general term for when a perpetrator positions himself in a conversation between a
user and an application either to eavesdrop or to impersonate one of the parties, making
it appear as if a normal exchange of information is underway.
14. What is Cross-Site Scripting attack?
• Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts
are injected into otherwise benign and trusted websites.
• User enters the correct URL of a website, whereas on another site, hacker redirects the
user to his/her website and hacks its identification.
15. List the security services offered by cloud.
• Availability: Data never loss and Machine never fail
• Confidentiality: Authorized to know the information
• Integrity: Data has not been tampered
16. Define data integrity, confidentiality, and availability.
• Data integrity: Refers to the technique for ensuring that the data is genuine, correct and
protected from illegal user alteration. Mechanisms Used: Digital Signature, Hashing
methods and message verification codes.

26. • Confidentiality: Refers to limiting data access only to authorized users and stopping
access to unauthorized ones. Mechanisms Used: Access control, Biometric,
Encryption, Privacy, Ethics.
• Availability: Availability of data resource. Mechanisms Used: Data backup, recovery
plan.
17. List the phases of secure SDLC.
• Investigation
• Analysis
• Logical design
• Physical design
• Implementation
• Maintenance
18. What is security governance?
• A security steering committee is developed whose objective is to focus on providing
guidance about security initiatives and alignment with business and IT strategies.
• A charter: First deliverables from the steering committee.
• Charter clearly defines the roles and responsibilities of the security team and other
groups involved in performing information security functions.
19. How can the data security be forces in cloud?
• Security need at the data level, so enterprises can be sure that their data is protected
wherever it goes.
• Provides compliance with Payment Card Industry Data Security Standard (PCIDSS).
• Ensures data security using:
o Authentication: OTP
o Encryption and Decryption algorithms
o Data integrity: Hashing techniques (Message Digest, SHA)

27. 20. Define application security.
• Application security is one of the critical success factors for a world-class SaaS
company.
• Application security processes, secure coding guidelines, training, and testing scripts
and tools are typically a collaborative effort between the security and the development
teams.
• SaaS providers should secure their web applications by following Open Web
Application Security Project (OWASP) guidelines for secure application
development, by locking down ports and unnecessary commands.
21. What is Virtual Machine security?
• In the cloud environment, physical servers are consolidated (combined) to multiple
virtual machine instances.
• Following are deployed on virtual machines to ensure security:
o Firewalls
o Intrusion detection and prevention
o Integrity monitoring
o Log inspection
22. What is Identity Access Management (IAM)?
• IAM refers to a framework of policies and technologies for ensuring that the proper
people in an enterprise have the appropriate access to technology resources.
• IAM Services are:
o Authentication
o Authorization
o Auditing
PART – B
1. Explain in detail about cloud resource provisioning methods.
2. Explain in detail about cloud security challenges.
3. Elaborate the security services in detail.
4. Explain data security, application security and virtual machine security.
5. Illustrate Identity Access Management (IAM) architecture.
6. What is the purpose of IAM? Describe its functional architecture with an illustration.
7. How is the identity and access management established in cloud to counter the threats?

28. CS8791 CLOUD COMPUTING
UNIT V – CLOUD TECHNOLOGIES AND ADVANCEMENTS
Layered Cloud Architecture Design – NIST Cloud Computing Reference Architecture – Public, Private and
Hybrid Clouds - laaS – PaaS – SaaS – Architectural Design Challenges – Cloud Storage – Storage-as-a-
Service – Advantages of Cloud Storage – Cloud Storage Providers – S3.
PART – A (2 Marks)
1. Give the significance of heartbeat message in Hadoop.
• A Heartbeat is a signal from Datanode to Namenode to indicate that it is alive.
• In HDFS, absence of heartbeat indicates that there is some problem and then
Namenode, Datanode cannot perform any computation.
• The default heartbeat interval is 3 seconds.
2. “HDFS is fault tolerant”. Is it true? Justify your answer.
• HDFS is highly fault tolerant.
• It creates a replica of users' data on different machines in the HDFS cluster.
• So whenever if any machine in the cluster goes down, then data is accessible from other
machines in which the same copy of data was created.
3. What is distributed file system?
• A file system that is distributed on multiple file servers or multiple locations.
• It allows programs to access or store isolated files as they do with the local ones,
allowing programmers to access files from any network or computer.
4. How MapReduce framework executes user jobs?
• MapReduce program executes in three stages.
• Map stage: The map or mapper's job is to process the input data. Generally, the input
data is in the form of file or directory and is stored in the Hadoop file system (HDFS).
• Reduce stage: This stage is the combination of the Shuffle stage and the Reduce stage.
The Reducer’s job is to process the data that comes from the mapper. After processing,
it produces a new set of output, which will be stored in the HDFS.

29. 5. Name the different modules in Hadoop framework.
• Hadoop is made up of 4 core modules:
o Hadoop Distributed File System (HDFS)
o Yet Another Resource Negotiator (YARN)
o Hadoop Common
o MapReduce
6. What are the advantages of using Hadoop?
• Fault-Tolerant
• Performance
• Highly Available
• Low Network Traffic
• High Throughput
• Open Source
• Cost Effective
7. Write a short note on VirtualBox.
• Oracle VM VirtualBox is cross-platform virtualization software.
• It allows users to extend their existing computer to run multiple operating systems
including Microsoft Windows, Mac OS X, Linux, and Oracle Solaris, at the same time.
8. List the technologies used by GAE.
• Google File System (GFS): For storing large amounts of data.
• MapReduce: For application program development and performing computation.
• Chubby: For distributed application lock services.
• BigTable: Offers a storage service.
9. Write a short note on BigTable.
• It provides a service for storing and retrieving structured and semistructured data.
• BigTable applications include storage of web pages, per-user data, and geographic
locations.

30. • The database needs to support very high read/write rates and the scale might be millions
of operations per second.
• A single value in each row is indexed; this value is known as the row key.
10. List the components of OpenStack.
Seven core components of OpenStack are:
• Nova (Compute)
• Glance (Image Service)
• Swift (Object Storage)
• Horizon (Dashboard)
• Keystone (Identity Service)
• Neutron (Networking)
• Cinder (Block Storage)
11. What is cloud federation?
• A Federation cloud is an Inter-Cloud where a set of cloud providers willingly
interconnect their cloud infrastructures to share resources among each other.
• The cloud providers in the federation voluntarily collaborate to exchange resources.
• This type of Inter-Cloud is suitable for collaboration of governmental clouds.
• Types of federation clouds are Peer to Peer and Centralized clouds.
12. State the benefits of cloud federation.
• Allows client to optimize enterprise IT service delivery.
• Allows a client to choose best cloud service providers.
• Flexibility cost and availability of services to meet a particular business or
technological need within their organization.
• Allows applications to run in the most appropriate infrastructure environments.
13. List the four levels of federation.
• Permissive: Occurs when a server accepts a connection from a peer network server
without verifying its identity using DNS lookups or certificate checking.

31. • Verified: Occurs when a server accepts a connection from a peer after the identity of
the peer has been verified.
• Encrypted: Server accepts a connection from a peer if and only if the peer supports
Transport Layer Security (TLS) as defined for XMPP in Request for Comments (RFC)
3920. The peer must present a digital certificate.
• Trusted: A server accepts a connection from a peer only under the stipulation that the
peer supports TLS and the peer can present a digital certificate issued by a root
certification authority (CA) that is trusted by the authenticating server.
14. Differentiate Permissive vs. Verified vs. Encrypted vs. Trusted Federation.
Permissive Federation
• Permissive federation occurs when a server accepts a connection from a peer network
server without verifying its identity using DNS lookups or certificate checking.
• The lack of verification or authentication may lead to domain spoofing.
Verified Federation
• This type of federation occurs when a server accepts a connection from a peer after the
identity of the peer has been verified.
• It uses information obtained via DNS and by means of domain-specific keys exchanged
beforehand.
• XMPP real time communication protocol uses XML.
Encrypted Federation
• Server accepts a connection from a peer if and only if the peer supports Transport Layer
Security (TLS) as defined for XMPP in Request for Comments (RFC) 3920.
• The peer must present a digital certificate.
• Server Dial back uses the DNS as the basis for verifying identity.
Trusted Federation
• A server accepts a connection from a peer only under the stipulation that the peer
supports TLS and the peer can present a digital certificate issued by a root certification
authority (CA) that is trusted by the authenticating server.
• The use of digital certificates results not only in a channel encryption but also in strong
authentication.

32. • The use of trusted domain certificates effectively prevents DNS poisoning attacks.
15. Write a short note on future of federation.
• The implementation of federated communications is a precursor to building a
seamless cloud that can interact with people, devices, information feeds, documents,
application interfaces, and other entities.
• It enables software developers and service providers to build and deploy such
applications without asking permission from a large, centralized communications
operator.
PART – B
1. With an illustration, emphasize the significance of MapReduce paradigm in Hadoop
framework. List out the assumptions and goals set in HDFS architecture for processing the
data based on divide-and-conquer strategy.
2. Discuss MAPREDUCE with suitable diagram.
3. Elaborate HDFS concepts with suitable illustrations.
4. Give detailed note on Hadoop framework.
5. Illustrate dataflow in HDFS during file read/write operation with suitable diagrams.
6. Explain the Hadoop distributed file system architecture with a diagram.
7. Illustrate the Hadoop implementation of MapReduce framework.
8. Analyze how MapReduce framework supports parallel and distributed computing on large
datasets with a suitable example.
9. Illustrate Google App Engine (GAE) architecture in detail.
10. Explain the architecture and components of OpenStack.
11. What is cloud federation? Elaborate the different levels of cloud federation.