Table of Contents
Preface xvii
Acknowledgments xxi
Introduction xxiii
Part I Cloud Computing Introduction
1 The Principles of Cloud Computing 3
Identifying Cloud Computing Characteristics 4
Elasticity and Scalability 4
Self-service 6
Broad Network Access 6
Pay-as-You-Go 8
Availability 8
Identifying Cloud Service Models 9
Software as a Service (SaaS) 10
Infrastructure as a Service (IaaS) 10
Platform as a Service (PaaS) 11
Other Cloud Service Models 11
Identifying Cloud Deployment Models 12
Understanding Cloud Shared Responsibility 12
Shared Responsibility Examples 13
Exercise 1-1 Sign Up for a Free Microsoft Azure Cloud Subscription 13
Certification Summary 17
Two-Minute Drill 18
Q&A Self Test 19
Self Test Answers 22
2 The Business Side of Cloud Computing 25
The Business Case for Cloud Computing 26
Ongoing Operating Expenses (OPEX) 26
Information Technology Infrastructure Library (ITIL) and the Cloud 27
Service Level Agreements 28
Chargeback 30
Managing Cloud Costs 30
Reserved and Spot Instances 31
Cloud Subscription Types 32
Licensing 32
Exercise 2-1 Microsoft Azure Pricing Calculator 33
Exercise 2-2 Microsoft Azure Budgets and Alerts 33
Certification Summary 34
Two-Minute Drill 35
Q&A Self Test 36
Self Test Answers 39
Part II Cloud Design Requirements
3 Cloud Planning 45
Cloud Feasibility 46
Feasibility Study 47
Cloud Pilot Program 47
Solving Business Problems with the Cloud 48
Map Computing Requirements to Cloud Services 48
Data Sovereignty and Privacy 48
Cloud Migration Strategies 52
Lift and Shift 53
Rip and Replace 55
Exercise 3-1 Run an On-Premises Cloud Migration Assessment for Microsoft SQL Server 55
Certification Summary 57
Two-Minute Drill 58
Q&A Self Test 59
Self Test Answers 62
4 Compliance and the Cloud 65
Laws, Regulations, and Security Standards 66
Legal and Regulatory Compliance 66
Cloud Service Provider Compliance 68
NIST SP 800-53 68
ISO/IEC 27017:2015 68
FedRAMP 69
Sarbanes-Oxley Act 71
Business Requirements and Cloud Solutions 71
Data Artifacts 71
Cloud Service Provider Security Control Implementation 73
Exercise 4-1 Review Amazon Web Services
Regulatory Compliance 75
Certification Summary 76
Two-Minute Drill 76
Q&A Self Test 77
Self Test Answers 80
Part III Cloud Infrastructure
5 Cloud Storage Infrastructure 85
Storage Media 86
Drive Types 86
IOPS 87
Cloud Storage Configuration 88
File and Object Storage 88
Hot and Cold Storage 89
Replication and Encryption 90
Databases in the Cloud 91
Database Types 92
Content Delivery Networks 93
Exercise 5-1 Create a Microsoft Azure Storage Account 94
Exercise 5-2 Upload Content to a Microsoft Azure Storage Account 95
Certification Summary 97
Two-Minute Drill 98
Q&A Self Test 99
Self Test Answers 102
6 Cloud Network Infrastructure 105
Cloud Network Components 106
Connecting to Cloud Environments 106
Site-to-Site VPNs 108
Client-to-Site VPNs 109
Cloud Virtual Networks 110
Network Protocols 112
Cloud Load Balancing 113
Exercise 6-1 Create a Microsoft Azure Virtual Network 114
Exercise 6-2 Configure a Microsoft Azure ExpressRoute Circuit 115
Certification Summary 117
Two-Minute Drill 117
Q&A Self Test 119
Self Test Answers 122
7 Cloud Compute Infrastructure 125
Virtualization in the Cloud 126
Virtual Machine Sizing 126
Cloud Virtual Machine Components 128
Operating System Selection 128
Virtual Network Interface Cards 131
Routing Table Entries 133
High-Performance Computing 133
Exercise 7-1 Deploy a Windows-Based Virtual Machine in the Cloud 135
Exercise 7-2 Remotely Manage a Cloud Windows Virtual Machine 135
Certification Summary 137
Two-Minute Drill 137
Q&A Self Test 139
Self Test Answers 142
8 Applications and Big Data in the Cloud 145
Service-Oriented Architecture 146
Microservices 146
Content Management Systems 148
Blockchain 149
Crypto currency Miners 151
Cryptocurrency Implementations 151
Application Containers 153
Container Images 153
Containers 154
Big Data Analytics 154
Internet of Things 156
Machine Learning 156
Exercise 8-1 Create a Microsoft Azure Queue 157
Exercise 8-2 Create a Microsoft Azure Container Registry 159
Certification Summary 160
Two-Minute Drill 161
Q&A Self Test 163
Self Test Answers 166
9 Cloud DevOps 169
Software Development in the Cloud 170
Application Programming Interfaces 170
Data Exchange Formats 172
Software Testing 173
Sandboxing 173
Testing Types 175
Continuous Integration and Delivery 175
Code Repositories 176
How CI/CD Works 176
Cloud Resource Deployment 177
Cloud Automation 177
Cloud Orchestration 178
Exercise 9-1 Deploy Cloud Virtual Machines Using Templates 178
Certification Summary 179
Two-Minute Drill 180
Q&A Self Test 182
Self Test Answers 185
Part IV Securing the Cloud
10 Security and the Cloud 191
Confidentiality 192
Encryption 192
Transport Layer Security 195
Data Integrity and Message Authentication 196
Hashing 197
Digital Signatures 197
Availability 197
Identity and Access Management 198
Identity Providers 199
Single Sign-On 199
Multifactor Authentication 200
Exercise 10-1 Check Virtual Machine Disk Encryption Compliance 201
Exercise 10-2 Create a Microsoft Azure Active Directory Tenant 204
Certification Summary 206
Two-Minute Drill 206
Q&A Self Test 208
Self Test Answers 211
11 Managing Cloud Risk 215
Risk Management 216
Risk Assessments 216
Risk Treatments 217
Assets and Threats 218
Asset Inventory 218
Threat Prioritization 219
Threat Mitigation 220
Security Policies 220
Control Objectives and Security Controls 220
Disaster Recovery 221
Continuous Monitoring 222
Security Testing and Auditing 224
Vulnerability Scanning 224
Penetration Testing 225
Exercise 11-1 Secure Data at Rest 226
Certification Summary 228
Two-Minute Drill 229
Q&A Self Test 231
Self Test Answers 234
Part V Appendix and Glossary
A About the Online Content 239
System Requirements 240
Your Total Seminars Training Hub Account 240
Privacy Notice 240
Single User License Terms and Conditions 240
TotalTester Online 242
Ebook PDF 242
Technical Support 243
Glossary 245
Index 259