Write short notes on any three. a) Host Level Security b) Network Level Security c) Application Level Security d) Virtual Machine Security

2 years ago
Cloud Computing

1. Host Security

Host security describes how your server is set up for the following tasks:

  • Preventing attacks.
  • Minimizing the impact of a successful attack on the overall system
  • Responding to attacks when they occur.

It always helps to have software with no security holes. Good luck with that! In the real world, the best approach for preventing attacks is to assume your software has security holes. As I noted earlier in this chapter, each service you run on a host presents a distinct attack vector into the host. The more attack vectors, the more likely an attacker will find one with a security exploit. You must therefore minimize the different kinds of software running on a server.

Given the assumption that your services are vulnerable, your most significant tool in preventing attackers from exploiting a vulnerability once it becomes known is the rapid rollout of security patches. Here’s where the dynamic nature of the cloud really alters what you can do from a security perspective. In a traditional data center, rolling out security patches across an entire infrastructure is time-consuming and risky. In the cloud, rolling out a patch across the infrastructure takes three simple steps:

  1. Patch your AMI with the new security fixes.
  2. Test the results.
  3. Relaunch your virtual servers.

2. Network Level Security

All data on the network need to be secured. Strong network traffic encryption techniques such as Secure Socket Layer (SSL) and Transport Layer Security (TLS) can be used to prevent the leakage of sensitive information. Several key security elements such as data security, data integrity, authentication and authorization, data confidentiality, web application security, virtualization vulnerability, availability, backup, and data breaches should be carefully considered to keep the cloud up and running continuously.

3. APPLICATION-LEVEL SECURITY

Studies indicate that most websites are secured at the network level while there may be security loopholes at the application level which may allow information access to unauthorized users. Software and hardware resources can be used to provide security to applications. In this way, attackers will not be able to get control over these applications and change them. XSS attacks, Cookie Poisoning, Hidden field manipulation, SQL injection attacks, DoS attacks, and Google Hacking are some examples of threats to application-level security which resulting from the unauthorized usage of the applications.

4. Virtual Machine Security

Recent years have seen great advancements in both cloud computing and virtualization On one hand there is the ability to pool various resources to provide software-as-a-service, infrastructure-as-a-service, and platform-as-a-service. At its most basic, this is what describes cloud computing. On the other hand, we have virtual machines that provide agility, flexibility, and scalability to the cloud resources by allowing the vendors to copy, move, and manipulate their VMs at will. The term virtual machine essentially describes sharing the resources of one single physical computer into various computers within itself. VMware and virtual boxes are very commonly used virtual systems on desktops. Cloud computing effectively stands for many computers pretending to be one computing environment. Obviously, cloud computing would have many virtualized systems to maximize resources.

Keeping this information in mind, we can now look into the security issues that arise within a cloud-computing scenario. As more and more organizations follow the “Into the Cloud” concept, malicious hackers keep finding ways to get their hands on valuable information by manipulating safeguards and breaching the security layers (if any) of cloud environments. One issue is that the cloud-computing scenario is not as transparent as it claims to be. The service user has no clue about how his information is processed and stored. In addition, the service user cannot directly control the flow of data/information storage and processing. The service provider usually is not aware of the details of the service running in his or her environment. Thus, possible attacks on the cloud-computing environment can be classified into:

  1. Resource attacks: These kinds of attacks include manipulating the available resources into mounting a large-scale botnet attack. These kinds of attacks target either cloud providers or service providers.
  2. Data attacks: These kinds of attacks include unauthorized modification of sensitive data at nodes, or performing configuration changes to enable a sniffing attack via a specific device These attacks are focused on cloud providers, service providers, and also on service users.
  3. Denial of Service attacks: The creation of a new virtual machine is not a difficult task, and thus, creating rogue VMs and allocating huge spaces for them can lead to a Denial of Service attack for service providers when they opt to create a new VM on the cloud. This kind of attack is generally called a virtual machine sprawling.                
  4. Backdoor: Another threat in a virtual environment empowered by cloud computing is the use of backdoor VMs that leak sensitive information and can destroy data privacy.
  5. Having virtual machines would indirectly allow anyone with access to the host disk files of the VM to take a snapshot or illegal copy of the whole This can lead to corporate espionage and piracy of legitimate products.
3
Dipti KC
Dipti KC
Dec 19, 2022
More related questions

1. What are the steps for creating a simple cloud application using Azure. Explain with the help of an example.

2. Write down the steps involved in deployment of an application to windows Azure cloud.

3. Explain the complete Azure life cycle in detail.

4. Explain types of storage in windows azure.

5. Write about worker role & web role while configuring an application in windows Azure.

6. Explain how to deploy application using windows Azure subscription.

7. Give the steps to create virtual machine.

8. Explain how window Azure maximize data availability and minimize security risks.

9. What is provisioning in cloud computing. How Virtual machine can be provision in Azure cloud?

10. How the cloud application deploy on to the windows Azure cloud?

11. Write a program in C# to design calculator as console based application.

12. Explain step by step how to create console application using ADO, NET? Consider any example.

13. Why there is need of ADO.Net? Explain how to use ADO.Net in any web application.

14. Give the anatomy of .ASPX page & also explain with an example how to create a web page using ASP .Net.

15. Write and explain code in ASP. NET to create login page.

16. Explain the Architecture of ADO. Net

17. Write a program in C#.net- to demonstrate object oriented concept: Design user Interface.

18. Explain object oriented concept in C# .net.

19. Explain Identity Access management.

20. Write short note on Infrastructure security in cloud Computing.

21. Explain the Contracting Models in Cloud

22. Justify cloud security challenges in detail.

23. What do you mean by cloud contract? Explain in details

24. Explain Identity Access Management?

25. Explain virtual machine security in cloud computing.

26. What are different cloud security challenges?

27. Explain the three tiers of Big data framework.

28. Explain Hadoop core component.

29. Explain with diagram HDFS architecture?

30. List the different techniques used for clustering the big data. Explain k-means clustering

31. Define big data, explain the characteristics of big data in detail.

32. Explain in steps starting & stopping Hadoop cluster.

33. Explain Hadoop Map Reduce job execution with the help of neat diagram.

34. List the characteristics of HDFS. And explain HDFS operations.

35. Explain the clustering Big data and also gives classification of Big data.

36. List & explain the advantages & limitations of different deployment models in cloud computing.

37. Define virtualization. What is the need of virtualization in cloud computing?

38. Explain the role of Networks in cloud computing and also define the various protocols used in it.

39. Explain infrastructure as a service (Iaas) using openstack/ owncloud.

40. Write in brief about virtualization applications in enterprises.

41. What do you mean by virtualization? Explain the pitfalls of virtualization.

42. Explain deployment models of cloud in detail.

43. Explain DAAS and NAAS?

44. List and explain three service model of cloud computing.

45. What are the role of web services in cloud computing?

46. Explain cloud computing architecture.(6M)(S-17)(W-18)

47. Explain the advantages & limitations of cloud computing.

48. With the help of architecture give the overview of mobile cloud.

49. Explain the challenges & legal issues in cloud computing.

50. What do you understand by cloud computing? Explain the characteristics of cloud computing.

51. What are the difference between cluster computing. grid computing and cloud computing.

52. What is cloud computing? Explain essential characteristics of cloud computing?

53. Explain with diagram cloud computing stack?

54. What are different legal issues in cloud computing?

55. Explain Virtualization Security Management and virtual Threats

56. Write short notes on Brokered cloud storage access and Storage location and tenancy.

57. Explain in detail about object storage. File systems or object storage

58. Discuss the design considerations for storage network

59. Write short notes on (i) Software Virtualization (ii) Network Virtualization

60. Explain in detail the various aspects for the need of virtualization in cloud computing.

61. Discuss the operational and economic benefits of SaaS

62. Explain in detail about cloud delivery model

63. Discuss the Regulatory Issues of Cloud Computing and the Government Policies

64. Explain briefly the security concerns of cloud computing.

65. Write short notes on origins of cloud computing.

66. What is the goal of encrypted cloud storage?

67. What is ISCSI?

68. State the limitations of virtualization.

69. State the types of hardware virtualization?

70. What is Google app engine?

71. What is PaaS?

72. State the benefits of cloud computing.

73. State any three essential characteristics of cloud computing.

74. What is GRID AND CLOUD?

75. What is Virtual Engine and Cloud Environment.

76. What is Rules Engine.

77. List out SLA MANAGEMENT IN CLOUD

78. What is Negotiation.

79. What are the steps in SLA?

80. List out Application SLA:

81. What is Admission Control?

82. What is Internal Threats

83. What is External Threats?

84. What are the SECURITY CONSIDERATIONS in cloud?

85. Role of Service Manager.

86. What is Elasticity?

87. What is Dynamic Elasticity.

88. What are the challenges in infrastructures provider?

89. List out three tier architecture.

90. What is SAP Systems?

91. What is Grid Gain?

92. What is meant by Skynet?

93. What is MapReduce.NET.

94. What is Disco in cloud computing?

95. What is Hadoop MapReduce?

96. What is Hadoop.

97. List out features of Map Reduce Model.

98. What is Map Reduce Programming Model?

99. What is Quality.

100. Note on Dynamic ICT Services.

101. What is Changing Markets?

102. What is T-System.

103. What is Basic CometCloud Operations.

104. What are the behaviors in Autonomic Cloudbursts?

105. What is Image Registration.

106. What is Fault Tolerance.

107. List out types of policies in cloudbridging.

108. What is Autonomic Cloudbriding?

109. What is Load Dynamic.

110. What is the goal of Autonomic Cloud bursting?

111. Note on CometCloud.

112. What is Resource Pool?

113. What is Workload Monitoring.

114. What are the resources in Aneka cloud?

115. What is Aneka Cloud platform?

116. What is Customer information Protection.

117. What is Logical Attacks.

118. Difference between Authentication and Authorization.

119. What is PDP.

120. Note on Data privacy protection.

121. What is Multimedia data security?

122. What is WAN.

123. What is LAN.

124. What is Job Monitoring?

125. Note on CaaS.

126. What is RVMS design.

127. What is meant by Microsoft Windows Azure?

128. What is Google App Engine?

129. What is Amazon EC2.

130. What is Leasing Model?

131. What is VM Management.

132. What is meant by anatomy of cloud computing?

133. What is Hypervisor and Xen Server?

134. What is virtual machine monitor?

135. List out types of Virtualization in Cloud Computing

136. What is Virtualization Technology?

137. What is VLAN.

138. What is Transition Challenges?

139. Define Cloud Supply chain.

140. What is Google app engine?

141. What is virtualization?

142. What are the challenges of SaaS Paradigm?

143. Why we use Migrating?

144. What is mean by migrating in cloud computing?

145. Write down note on PaaS?

146. What is mean by IaaS?

147. What is mean by SaaS?

148. Note on Hybrid cloud.

149. What did you meant by community cloud?

150. 4. What is Public cloud?

151. What are the types in cloud services?

152. What is Cloud computing?

153. List out the Phases of CDLC.

154. What is CDLC.

155. What is known as Network Virtualization?

156. Define Server Virtualization.

157. Define Cloud Stack.

158. What are the Components of a Virtual Network?

159. List out the primary types of Storage Virtualization.

160. What is Clustering?

161. List out the Disadvantage of OS Virtualization.

162. What are the Advantages of OS Virtualization?

163. List out the Need for Server Virtualization

164. What are the types of Virtualization?

165. Define Virtual Machine

166. What is Virtualization?

167. Define Cloud Federation.

168. List out the three key Principles of Cloud Computing.

169. What is called Combined Cloud?

170. What are Factors to be considered which designed Cloud based Architecture?

171. What is CDM?

172. List out the types on Cloud is based on its infrastructure.

173. What are the Four types of Cloud Services available in IBM Company?

174. What are the pros and cors of Cloud Computing and Cloud basic Device?

175. What is SaaS?

176. What is PaaS?

177. What is the Step to get Cloud Computing infrastructure for his Business?

178. What are the other Cloud-related techniques?

179. What are Models in Cloud Service?

180. What is Private Cloud?

181. What is Public Cloud?

182. What are the types of Cloud Computing for the Business Purpose?

183. What is the area to process the Cloud Migrations?

184. What are the Disadvantage of Cloud Computing?

185. What are the Advantage of Cloud Computing?

186. What are the types of Cloud Computing?

Questions Bank

View all Questions