GMR Institute of Technology, Quality Management System

InternalQuestion Paper (GMRIT : QMS)

U.G. Information Technology Degree Bachelor of Technology

Academic Year 2018 – 2019 Test 2 Sem. 6th
16IT005 (Open Course Title
Course Code
Elective) FUNDAMENTALS OF CLOUD COMPUTING
Duration 90 Minutes Maximum Marks 40 (FOURTY)
Remember (%) 5 Understand (%) 54.2 Apply (%) 39.9 Analyze (%) --
SECTION I (Short Answer Questions)
(Answer all the Questions)
5 x 2 = 10 Marks
No. Questions (1 to 5) RBT Level COs
1 Define RTO. Understand
The recovery time objective identifies how much downtime is
acceptable in the event of a disaster. If your RTO is 24 hours, you are
saying that up to 24 hours may elapse between the point when your CO4
system first goes offline and the point at which you are fully
operational again.

2 Explain the cloud security principle “Defense in Depth” Understand

Defense in Depth is the application of multiple layers of protection
wherein a subsequent layer will provide protection if a previous CO4
layer is breached.

3 Explain Back Door attack Remember

A Back-door attack takes place using dial-up modems or
asynchronous external connections. The strategy is to gain access to
CO5
a network through bypassing of control mechanisms, getting in
through a back-door such as a modem.

4 List any two security concepts characteristics. Remember

Integrity , utility, Confidentiality CO6

5 List any two requirements of modern data center Understand

High availability, Service oriented Infrastructures CO6

SECTION II (Long Answer Questions)

(Answer all the Questions)
3 x 10 = 30 Marks
No. Questions (6 to 11) RBT Level COs Marks
Explain “Scaling of Cloud Infrastructure “ in detail
• Scalability is the ability of the system to
accommodate larger loads just by adding
6 (a) Understand CO4 10
resources either making hardware stronger
(scale up) or adding additional nodes (scale
out).
Form No. AC 27. 00.2018 | GMR Institute of Technology, Rajam, Andhra Pradesh. Note to the Students: The
question papers are set in accordance with OBE capturing various cognitive levels of RBT as well as expected
AC 27 COs. This direct assessment tool of Descriptive Examinations is deployed to test the Cognitive Level of
Students w.r.t. Lower Order Thinking Skills.
 GMR Institute of Technology, Quality Management System
InternalQuestion Paper (GMRIT : QMS)

Cloud Planning
Cloud capacity Planning
Cloud management
OR
Demonstrate Cloud Scaling
• The cloud empowers you to alter your
computing resources to meet your load
requirements . You can alter your capacity both
manually (by executing a command on a
command line or through a web interface) and
7 (a) programmatically (through predefined changes Understand CO4 10
in capacity or through software that
automatically adjusts capacity to meet actual
demand).
• The term “Dynamic scaling” refers to proactive
scaling and “auto-scaling” refers to reactive
scaling.

Explain Cloud Disaster management

Definition: Disaster recovery is the practice of making a
system capable of surviving unexpected or extraordinary
failures. -2M
8 Understand CO5 10
Three key things in disaster recovery are:
• Backups and data retention -3M
• Geographic redundancy -3M
• Organizational redundancy.- 2M
OR
Explain Network Security with detailed diagrams
• What is network security?
• Firewalls and security groups are important in
securing your cloud environment and the information
stored in it, as well as preventing malicious activity
9 from reaching your servers or users. Understand CO5 10
• Firewall:
• Typically, a firewall protects the perimeter of one or
more network segments.
• figure given below illustrates how a firewall protects
the perimeter.

Demonstrate Cloud Security Objectives & Services with neat

examples

10 • The U.S. Department of Defense (DoD) Software Apply CO6 10

Assurance Initiative3 defines software assurance as
“the level of confidence that software functions as

Form No. AC 27. 00.2018 | GMR Institute of Technology, Rajam, Andhra Pradesh. Note to the Students: The
question papers are set in accordance with OBE capturing various cognitive levels of RBT as well as expected
AC 27 COs. This direct assessment tool of Descriptive Examinations is deployed to test the Cognitive Level of
Students w.r.t. Lower Order Thinking Skills.
 GMR Institute of Technology, Quality Management System
InternalQuestion Paper (GMRIT : QMS)

intended and is free of vulnerabilities, either

intentionally or unintentionally designed or inserted
as part of the software.”
• The Data and Analysis Center for Software (DACS)4
requires that software must exhibit the following
three properties to be considered secure:
• Dependability — Software that executes predictably
and operates correctly under a variety of conditions,
including when under attack or running on a
malicious host .
• Trustworthiness — Software that contains a
minimum number of vulnerabilities or no
vulnerabilities or weaknesses that could sabotage
the software’s dependability. It must also be resistant
to malicious logic.
• Survivability (Resilience) — Software that is
resistant to or tolerant of attacks and has the ability
to recover as quickly as possible with as little harm
as possible .
OR
Demonstrate Cloud Service Provider Risks with neat
examples

List of Cloud Service Provider Risks :

Back-Door,
Spoofing,
Man-in-the-middle
11 Replay Apply CO6 10
TCP Hijacking
Social Engineering
Social Engineering
Dumpster Diving
Password Guessing
Trojan Horses and Malware

Form No. AC 27. 00.2018 | GMR Institute of Technology, Rajam, Andhra Pradesh. Note to the Students: The
question papers are set in accordance with OBE capturing various cognitive levels of RBT as well as expected
AC 27 COs. This direct assessment tool of Descriptive Examinations is deployed to test the Cognitive Level of
Students w.r.t. Lower Order Thinking Skills.