✍️ Get Writing Help
WhatsApp
Our customer support team is here to answer your questions. Ask us anything!
Agent
👋 How can we help with you?
💬 Hi, how can I help?

Service Management & Security Concerns

/ Uncategorized / By

MOD005714 Data Centre & Cloud Infrastructures Assignment Part 2 (011)

Service Management & Security Concerns

A cloud service provider for DoDo.Com uses 50 percent of its data centre equipment to setup a cloud infrastructure. The remaining equipment is used for internal operations and for testing. The cloud infrastructure consists of a hypervisor cluster. A resource pool is created by aggregating the available resources of the hypervisor cluster. The cloud infrastructure is used to provide compute services. The services are allocated necessary processing power and memory resources from the resource pool.

The hypervisor cluster is composed of 10 identical physical compute systems containing 2 redundant (passive) compute systems. This means that the cluster can absorb up to two compute system failures and continue to support all services at the same level of performance. The available processing power and memory per physical compute system in the cluster is equal to 20.8 GHz and 96 GB respectively. The existing resources in the data centre can meet capacity requirement of services in short‐term. However, the provider should procure and provision additional resources as required to avoid the capacity issues in future. Further, the provider is concerned about security attacks that may compromise the hypervisors running on the physical compute systems. The provider should take control measures to protect against such attacks.

The capacity management process in a service provider’s organization is shown in the figure. The process comprises several activities, shown in rectangular boxes. The process also consists of conditions. They allow the process to branch into different directions, depending on whether the conditions are met or not.

Given: The thresholds for over utilization and underutilization of resources are 70 percent and 40 percent utilization of total resource capacity respectively. These are used to determine whether the resource pool is over utilised or underutilised.

Assignment Deliverables

Part (a) (500 words maximum)

DoDo.Com is asking you as its cloud provider to establish the required capacity management activities marked by ‘X1’ and ‘X2’ in the previous figure for below cases:

  • Case 1: Processing power already allocated to services from the resource pool is equal to 48 GHz and memory capacity already allocated to services from the resource pool is equal to 122 GB
  • Case 2: Processing power already allocated to services from the resource pool is equal to 112 GHz and memory capacity already allocated to services from the resource pool is equal to 340 GB

Document your calculations and recommend what actions the server provider should take in each scenario with appropriate justifications.

Part (b) (2500 words maximum)

In a formal report, justify to the client what security control measures should be undertaken to address their security concerns especially with regard to cloud compute functions and in particular hypervisor vulnerabilities especially with regard to cloud service providers.

The service provider needs to know what current vulnerabilities exist “out in the wild” with respect to hypervisors affecting service providers and what you predict may become a problem in the future, justified by the use of literature.

Evidence of respected research in to both the theory of hypervisor attacks and documented vulnerabilities is expected. Hint: use of CVE/NVD documented vulnerabilities.

You are expected to minimise any desire you may have to explain basic cloud concepts as this already well known and ignorance will be frowned upon.

You are expected to provide examples of how both current and future vulnerabilities can be mitigated against.

DO NOT JUST MAKE BULLET LISTS OF POINTS COPIED FORM REFERENCE MATERIAL OR THE MODULE NOTES AS WILL ATTRACT MINIMAL MARKS.

Recommendations should be backed with appropriate authoritative accredited references and case study material. Students are expected to compare and contrast between reference material to be able to demonstrate critical analysis.

Part© (1000 words) Lab Portfolio

Reflect on what you’ve learnt from each lab exercise and provide evidence of successful lab completion (screenshots), 1% for each lab exercise that you have successfully completed and provided a reflective summary of (up to a maximum of 10 lab exercises).

Students are required to complete a minimum of 10 self-study weekly exercises (consisting of Cisco CCNA Introduction to Network v7 exams, NDG on line “Cloud and Virtualisation Concepts” Labs and Netlab VMware VCA DCV 6 Labs )as scheduled in the Syllabus

For each lab exercise students should write a Word document which contains:

  • 3-4 screenshots of undertaking the lab exercise (NOT stolen from the worksheet) ideally showing your URL.
  • a 100-word reflection of the lab exercise containing
  • What you learnt from the exercise?
  • What further follow-up research you’ve done following the exercise and evidence in terms of references given (this is crucial otherwise you could fail the component) including at least two URL’s and explain how the research is relevant.
  • What problems you might have encountered?

Each document should be

  • Saved under a MOD005714 Data Centres and Cloud Infrastructures Portfolio heading.
  • Add each lab as a separate page, labelled as the completed lab exercise (with a correct identifying title and lab number e.g MOD005714 Lab 1) and the Word document uploaded.
  • Uploaded to the Canvas e-Portfolio

When a minimum of 10 have been completed, please make the portfolio public to be marked.

The student needs to complete “Lab Portfolio Completion” sheet which contains the details of the completed lab exercises (the files you’ve uploaded to the e-Portfolio), module details, the URL of the completed portfolio and your SID.

This should be submitted on Turnitin by the deadline

Assessment Resources (see Canvas assignment page)

CIS Lab Portfolio Submission Sheet 2020-2021.docx

Adding a student ePortfolio on Canvas

Mark Breakdown

Part (a)

Question PartMark BreakdownWeighting
Part (a) Case 1Resource Calculation & Justification5%
Resource Recommendations for DoDo.com’s Service Provider based on calculations.5%
Part (a) Case 2Resource Calculation & Justification.5%
Resource Recommendations for DoDo.com’s Service Provider based on calculations.5%
Part (b) Security RecommendationsIdentification of current hypervisor vulnerabilities including case study details of potential live exploits.15%
Control measures necessary to protect against known existing vulnerabilities.25%
Prediction of future vulnerabilities that the server provider might need to protect against based on reputable and respected sources.10%
Future control measures needed to protect against unknown attacks.10%
Part© Lab PortfolioFor each summary and evidence of each lab completed, 1% earnt per exercise up to a maximum of 10%10%
OverallReport Presentation & Referencing – Remember formal report guidelines (3rd person) and Harvard Referencing10%

Assignment Part 2 – Hints & tips

  1. http://theinvisiblethings.blogspot.co.uk/2006/06/introducing-blue-pill.html
  2. https://www.symantec.com/avcenter/reference/Virtual_Machine_Threats.pdf
  3. https://www.grc.com/sn/sn-054.pdf
  4. https://www.owasp.org/index.php/OWASP_Cloud_Security_Project
  5. https://www.gartner.com/newsroom/id/3797963
  6. http://www.tomsitpro.com/articles/virtual-security-tips-hyper-jumping,2-776.html
  7. https://downloads.cloudsecurityalliance.org/whitepapers/Best_Practices_for%20_Mitigating_Risks_Virtual_Environments_April2015_4-1-15_GLM5.pdf
  8. https://www.scmagazineuk.com/researchers-query-hypervisor-security-in-future-amd-zen-processors/article/578489/

For faster services, inquiry about  new assignments submission or  follow ups on your assignments please text us/call us on +1 (251) 265-5102