CompTIA Cloud+ Study Guide. Ben Piper
Чтение книги онлайн.

Читать онлайн книгу CompTIA Cloud+ Study Guide - Ben Piper страница 31

СКАЧАТЬ potential security threats. The vulnerability scanner is an application that has a database of known exploits and runs them against your deployment to see whether your cloud deployment may be susceptible or have security holes that need to be remediated. The scanner will detect and report on weaknesses in your cloud deployment. For example, if you're running an older version of a content management system (CMS) that's easily hacked, a vulnerability scan can alert you to this before you become a victim.

      Penetration Testing

      Penetration testing is the process of trying to exploit vulnerabilities that exist in your infrastructure. Pentesting is usually performed from outside your cloud deployment to assess the ability to access systems into your cloud from, for example, the Internet. Cloud providers have strict rules for how and when you can perform penetration testing, typically requiring advance permission and coordination with the provider. Some examples of penetration testing include trying default or easy-to-guess usernames and passwords and looking for open Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports.

      Performance Testing

      Performance testing (sometimes called load testing) puts a demand or load on your application or compute system and measures the response. By performing load testing, you can determine how your applications and cloud deployment can be expected to perform in times of heavy production usage. Load testing helps you determine a system's behavior under both normal and anticipated peak load conditions. All systems will fail at some point when under heavy loads, and by performing tests, you can identify and rectify any issues on your design.

      Regression Testing

      Frequent software updates are a part of the IT landscape. When you upgrade software to a new version, there's always a chance that a previously working function will break. This phenomenon is called a regression. Regression testing is designed to identify these regressions so that you can decide whether or not to update.

      There was a time when organizations would postpone software updates because they would routinely break things and create troubleshooting headaches for everyone. Although this isn't as much of a problem anymore, it does happen from time to time, so it's important to perform regression testing in a controlled test environment prior to rolling out major software updates.

      Functional Testing

      Usability Testing

      Usability testing considers how easy or difficult it is for end users to use a system. A piece of software might pass all other tests, but the user may still find it difficult, confusing, or frustrating. Such flaws are usually not technical flaws in the code or architecture of a system, but rather flaws in the user interface or a process the user has to follow. Usability testing is designed to catch such flaws early.

      In its simplest form, usability testing consists of having a user attempt to complete a specified task. Usability testing is, in a sense, a more subjective version of functional testing. Functional testing is designed to test whether the software performs a specified function. Usability testing tests whether the user can use the software.

      After you have completed your assessments and needs analysis, you'll have then defined your requirements and which cloud service and deployment models best meet them. The next step is to select a pilot application to migrate to the cloud from your existing data center.

      Prior to performing the migration, the engineering team should sit down and review the complete design, from the application, configuration, hardware, and networking to the storage and security. As part of this verification, it is helpful to stage the system in the cloud as a proof-of-concept design. This allows everyone to test the systems and configuration in a cloud environment prior to going live.

      Correct Scaling for Your Requirements

      The ability of the cloud to scale resources up or down rapidly to match demand is called elasticity. For IaaS services, this can be done automatically as needed using autoscaling. This allows cloud consumers to scale up automatically as their workload increases and then have the cloud remove the services after the workload subsides. For SaaS and PaaS services, dynamic allocation of resources occurs automatically and is handled by the cloud provider. (Later in the chapter, we'll discuss the division of responsibilities between you and the provider.) With elastic computing, there is no longer any need to deploy servers and storage systems designed to handle peak loads—servers and systems that may otherwise sit idle during normal operations. Now you can scale the cloud infrastructure to the normal load and automatically expand as needed when the occasion arises.

      Pay as you grow (PAYG) is like a basic utility, such as power or water, where you pay for only what you use. This is very cost effective because there are minimal up-front costs, and the ongoing costs track your actual consumption of the service. The elasticity of the cloud lets you add resources on-demand, so there's no need to overprovision for future growth. With a normal data center operation, the computing must be overprovisioned to take into account peak usage or future requirements that may never be needed.

      Making Sure the Cloud Is Always Available

      In this section, you'll become familiar with common deployment architectures used by many of the leading cloud providers to address availability, survivability, and resilience in their services offerings.

      Regions

Schematic illustration of cloud regions.

      All of the regions are interconnected to each other and the Internet with high-speed optical networks but are isolated from each other, so if there is an outage in one region, it should not affect the operations of other regions.

СКАЧАТЬ