Assessment 2 Cloud Security and Economics
CSE1CFX Cloud Foundations
Background
This assessment covers the cost and security of cloud computing. These factors play a vital role in the decision to move infrastructure to the cloud.
Instructions
The word limit for the assessment is between 1300 and 2500 words not meeting this specification would lead to penalty. The word limit excludes references and appendices.
Your answers should be supported by related literature. You can find many resources online and can also look for research papers at https://scholar.google.com/. Include citations and references and ensure that you use the Harvard format with these.
The following links will help you to produce your bibliography using the Harvard referencing style:
- Referencing at La Trobe
- Bibliographies with Word 2016 (also applies to Harvard style)
Tasks
The assessment is divided into two tasks which carry equal marks. The first task is about cloud economics while the second task covers the different aspects of cloud security.
Task 1 [8 marks]
The cost of cloud computing services is determined by the cost of running datacentres. As shown in Figure 1 AWS has multiple datacentres across the globe.
Figure 1: AWS Global Infrastructure
In this task you would compare the cost of running a cloud datacentre against inhouse IT infrastructure costs. A good starting point for this investigation should be research articles or other online sources. There have been numerous research studies in this area so finding content should not be a challenge. The challenge however would be to find the latest information which is related to comparing costs between Cloud datacentres and inhouse infrastructure.
You should present the results in the form of graphs showing the cost breakdown for running cloud datacentres and inhouse infrastructure. A sample graph has been given below.
Task 2.1 [3 marks]
Is moving to the cloud the best option for every organization no matter their size, security or other requirements? If this is not the case, provide example scenarios to support your answer.
Task 2.2 [2 mark]
Detail a potential threshold at which when moving to the cloud becomes the ideal option.
Task 2.3 [3 marks]
AWS promises a very high level of reliability but what happens when its services break down? Use EC2 as an example and go through the AWS SLA (service level agreement) to identify the liabilities and compensation for customers in case of a failure.
Task 3
This task consists of eight sub-tasks about cloud security which are given below:
Your responses should include examples or real-world scenarios to support your answers.
Task 3.1 [2 marks]
Identify the best practices for securing a user’s data/resources on the cloud. Use AWS as an example to support your answer.
Task 3.2 [2 marks]
What is a DDoS attack? Include two AWS services that can be used to mitigate DDoS attacks in your response.
Task 3.3 [2 marks]
Does AWS provide a built-in firewall for safeguarding users’ virtual machines? If it does, describe the firewall, including cost details.
Task 3.4 [2 marks]
Explain role-based access control in the context of cloud computing. Use AWS as an example to describe the use of roles.
Task 3.5 [1 mark]
List the AWS roles that have been added/granted to your user account.
Task 3.6 [1 mark]
Which security policy is attached to the AWSServiceRoleForSupport role? For this task you will need to login to the AWS console and find the roles that are associated with your account. You should find the security policy there.
Task 3.7 [2 marks]
AWS employs the rule of “least privilege”. What is this and how does it help with security?
Task 3.8 [2 marks]
What is the purpose of AWS security policies? Describe the “CloudWatchEventsServiceRolePolicy” policy and also include your user permission details for this policy.