EMC IT-as-a-Service Expert Exam for Cloud Architects Sample Questions:

1. You have been hired by a large, global manufacturing company to conduct a consolidation assessment.
During the interview process, you determine which applications are most important to the business. Key performance metrics are also collected. You also find:
-Some applications see little or no use -SLAs for mission critical applications are 99.99% -Corporate email is considered proprietary and confidential information -Country specific regulations apply to certain applications
What should you use to determine proper application placement?

A) Application level gap analysis
B) Cloud services assessment
C) Cloud security alliance controls matrix
D) Workload analysis for right-sourcing

2. A government department has converted their internal software development environment into a cloud services offering. The department is actively marketing the capability to other agencies. The other agencies are interested, but identity compliance is a serious concern.
How can the department improve trust within their service offering?

A) Establish a single sign-on capability in the cloud and federate with each subscribing agency using strong authentication policies and end-point access control.
B) Harden the cloud service infrastructure stack. Use geographic location to ensure agencies can only access servers that host their development environment.
C) Identify the confidentiality, integrity and availability requirements for agency data. Use rights management software to restrict access to the agency's own data.
D) Provide a self-service portal that describes how the department's security policy is implemented. Require users to accept the policy each time it is amended.

3. An IT security team is concerned about the authentication traffic patterns that may be required to integrate the private and public clouds. As a result, IT has elected to federate their active directory using ADFS from the private cloud to the public cloud.
One of the design decisions is whether to use a Layer 2, 3, or 7 firewall / switch mechanism between the public and private clouds. There are trade-offs with each choice.
Which network layer would best address this situation, and why?

A) Layer 2, because it provides the best performance and it is easy to isolate problems.
B) Layer 7, because it allows control at the application layer and is policy driven.
C) Layer 2, because it provides the simplest configuration to manage and it is easy to isolate and troubleshoot problems.
D) Layer 3, because it allows segment isolation while still providing high performance levels.

4. A bank is building a private cloud. They plan to offer services to customers and administrative staff. Each group has access to different levels of sensitive data with different performance characteristics. In addition, the bank must comply with PCI regulations when handling certain types of data on a small number of services.
What should a cloud architect recommend to the bank during the cloud design phase?

A) Implement multi-tenancy trust zones through the service catalog for regulated data. Implement
RBAC through the service catalog to protect customer and staff data.
Create resource pools to support the performance characteristics.
B) Implement multi-tenancy trust zones through the service catalog for customers and staff.
Implement RBAC through the service catalog to protect regulated data.
Create resource pools to support the performance characteristics.
C) Implement multi-tenancy trust zones through the service catalog for customers and staff.
Implement service orchestration to support the performance requirements.
Create resource pools to restrict access to regulated data.
D) Implement multi-tenancy trust zones through the service catalog for customers and staff.
Implement IT security mechanisms to protect regulated data.
Create resource pools to support the performance characteristics.

5. Refer to Scenario 3.
A US company has deployed web services within a private cloud. They wish to provide additional web services elastically and distribute them around the globe using a public cloud provider.
The web services have a dependency on a database resource in the private cloud. The web services are deployed through a service catalog as a standardized service offering, which includes an intrusion prevention system that periodically polls a central management server for security updates. The IPS management server is located within the private cloud.
The web services collect highly regulated personal health information about consumers who are located around the world.
Once the web services were deployed into the public cloud, users started complaining about poor performance. Which solution would most likely improve performance of the web services?

A) Allocate additional virtual network interface cards to each web service to increase bandwidth.
B) Select a new internet service provider with a better peering relationship for end users.
C) Implement a global load balancing service as a front-end for the web services.
D) Re-architect the web service to be loosely coupled.

Solutions: