Q.07 a) Demonstrate surfaces of attacks in a cloud computing environment with neat diagram.
Surfaces of attacks in cloud computing include:
1. Network-based attacks: Unauthorized access via insecure APIs or data transmission.
2. Hypervisor attacks: Exploiting vulnerabilities in virtual machine monitors.
3. Data storage attacks: Breaches in stored data confidentiality and integrity.
4. Application layer attacks: Cross-site scripting, SQL injection.
5. Insider threats: Malicious actions by authorized personnel.
[Diagram: A conceptual diagram showing various attack vectors like user to API, VM to hypervisor,
etc.]
Q.07 b) List out the top cloud security threats of CSA 2016.
Top Cloud Security Threats (CSA 2016):
1. Data Breaches
2. Weak Identity and Access Management
3. Insecure Interfaces and APIs
4. System Vulnerabilities
5. Account Hijacking
6. Malicious Insiders
Q.07 c) Select four widely-accepted fair information practices.
Four Fair Information Practices for consumer-oriented commercial websites:
1. Notice/Awareness: Inform users about data collection.
2. Choice/Consent: Give users control over their information.
3. Access/Participation: Allow users to review and correct data.
4. Integrity/Security: Protect data from unauthorized access.
Q.08 a) Summarize the design goals of Xoar.
Design Goals of Xoar:
1. Strong isolation of virtual machines.
2. Scalability for multi-core systems.
3. Simplicity and maintainability in the hypervisor codebase.
4. Security by minimizing trusted computing base.
Q.08 b) Explain mobile devices and cloud security.
Mobile Devices and Cloud Security:
1. Data synchronization and access risks.
2. Device loss/theft leading to data leakage.
3. Use of secure apps and VPNs for cloud access.
4. Authentication and encryption of mobile-cloud communication.
Q.08 c) Model an overview of reputation system design options.
Reputation System Design Options:
1. Centralized vs Decentralized systems.
2. Rating aggregation methods (average, weighted).
3. Identity management (verified users).
4. Feedback quality control and fraud prevention.
Q.09 a) Outline Important Cloud Platform Capabilities.
Important Cloud Platform Capabilities:
1. Self-service provisioning.
2. Elastic resource scaling.
3. Resource pooling and multi-tenancy.
4. Metered billing and usage tracking.
5. Service orchestration and automation.
Q.09 b) Organize the steps involved in MapReduce.
Steps in MapReduce:
1. Input Splitting: Data is divided.
2. Mapping: Processes input to key-value pairs.
3. Shuffling: Intermediate keys sorted and grouped.
4. Reducing: Final output is generated from grouped data.
5. Output: Results stored in HDFS.
Q.10 a) Explain how data flows in a MapReduce job with diagram.
Data Flow in MapReduce Job (Hadoop):
1. Client submits job to JobTracker.
2. JobTracker assigns tasks to TaskTrackers.
3. Map tasks read input splits, emit key-value pairs.
4. Shuffle and sort intermediate data.
5. Reduce tasks aggregate results.
[Diagram: Flow from HDFS -> Map -> Shuffle -> Reduce -> Output]
Q.10 b) Explain Data mutation sequence in GFS with diagram.
Data Mutation in GFS:
1. Client sends write request to master.
2. Master selects replicas and sends locations to client.
3. Client pushes data to replicas.
4. Client sends write command to replicas.
5. All replicas apply changes in agreed order.
[Diagram: Client -> Master -> Replicas -> Commit]