Cloud Studyguide cv0-002 Samplelesson

Copyrighted Material
The Official CompTIA
Cloud+
Study Guide
Exam CV0-002
Official CompTIA Content Series for CompTIA Performance Certifications

The Official
CompTIA® Cloud
+® Study Guide
(Exam CV0-002)
The Official CompTIA® Cloud+® Study

Guide (Exam CV0-002)
Course Edition: 1.0
Acknowledgements
PROJECT TEAM
Bob Carver, Author

Peter Lammers, Author
Brian Sullivan, Media Designer
Peter Bauer, Content Editor
Thomas Reilly, Vice President Learning
Katie Hoenicke, Director of Product Management
James Chesterfield, Manager, Learning Content and Design
Becky Mann, Senior Manager, Product Development
James Pengelly, Courseware Manager
Rob Winchester, Senior Manager, Technical Operations
Notices
DISCLAIMER
While CompTIA, Inc. takes care to ensure the accuracy and quality of these materials, we cannot guarantee their accuracy, and all
materials are provided without any warranty whatsoever, including, but not limited to, the implied warranties of merchantability or
fitness for a particular purpose. The use of screenshots, photographs of another entity's products, or another entity's product name
or service in this book is for editorial purposes only. No such use should be construed to imply sponsorship or endorsement of the
book by nor any affiliation of such entity with CompTIA. This courseware may contain links to sites on the Internet that are owned
and operated by third parties (the "External Sites"). CompTIA is not responsible for the availability of, or the content located on or
through, any External Site. Please contact CompTIA if you have any concerns regarding such links or External Sites.
TRADEMARK NOTICES
® ®
CompTIA , Cloud+ , and the CompTIA logo are registered trademarks of CompTIA, Inc., in the U.S. and other countries. All other
product and service names used may be common law or registered trademarks of their respective proprietors.
COPYRIGHT NOTICE
Copyright © 2018 CompTIA, Inc. All rights reserved. Screenshots used for illustrative purposes are the property of the software
proprietor. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any
form or by any means, or stored in a database or retrieval system, without the prior written permission CompTIA, 3500 Lacey Road,
Suite 100, Downers Grove, IL 60515-5439.
This book conveys no rights in the software or other products about which it was written; all use or licensing of such software or
other products is the responsibility of the user according to terms and conditions of the owner. If you believe that this book, related
materials, or any other CompTIA materials are being reproduced or transmitted without permission, please call 1-866-835-8020 or
www.help.comptia.org.
The Official CompTIA®

Cloud+® Study Guide
(Exam CV0-002)
Lesson 1: Preparing to Deploy Cloud Solutions............... 1

Topic A: Describe Interaction of Cloud Components and Services... 2
Topic B: Describe Interaction of Non-cloud Components and
Services....................................................................................10
Topic C: Evaluate Existing Components and Services for Cloud
Deployment............................................................................. 16
Topic D: Evaluate Automation and Orchestration Options............. 19
Topic E: Prepare for Cloud Deployment........................................ 26
Lesson 2: Deploying a Pilot Project............................... 35

Topic A: Manage Change in a Pilot Project.................................... 36
Topic B: Execute Cloud Deployment Workflow.............................. 40
Topic C: Complete Post-Deployment Configuration......................48
Lesson 3: Testing Pilot Project Deployments................. 55

Topic A: Identify Cloud Service Components for Testing............... 56
Topic B: Test for High Availability and Accessibility...................... 61
Topic C: Perform Deployment Load Testing.................................. 68
Topic D: Analyze Test Results.......................................................70
| The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) |
Lesson 4: Designing a Secure and Compliant Cloud

Infrastructure.................................................................77
Topic A: Design Cloud Infrastructure for Security................................... 78
Topic B: Determine Organizational Compliance Needs............................84
Lesson 5: Designing and Implementing a Secure Cloud

Environment.................................................................. 91
Topic A: Design Virtual Network for Cloud Deployment.......................... 92
Topic B: Determine Network Access Requirements................................. 95
Topic C: Secure Networks for Cloud Interaction...................................... 98
Topic D: Manage Cloud Component Security........................................ 105
Topic E: Implement Security Technologies............................................ 113
Lesson 6: Planning Identity and Access Management for

Cloud Deployments..................................................... 119
Topic A: Determine Identity Management and Authentication
Technologies....................................................................................120
Topic B: Plan Account Management Policies for the Network and
Systems........................................................................................... 126
Topic C: Control Access to Cloud Objects............................................. 130
Topic D: Provision Accounts................................................................. 134
Lesson 7: Determining CPU and Memory Sizing for Cloud

Deployments............................................................... 141
Topic A: Determine CPU Size for Cloud Deployment............................. 142
Topic B: Determine Memory Size for Cloud Deployment....................... 150
Lesson 8: Determining Storage Requirements for Cloud

Deployments............................................................... 155
Topic A: Determine Storage Technology Requirements......................... 156
Topic B: Select Storage Options for Deployment................................... 159
Topic C: Determine Storage Access and Provisioning Requirements......162
Topic D: Determine Storage Security Options....................................... 166
Lesson 9: Analyzing Workload Characteristics to Ensure

Successful Migration.................................................... 173
Topic A: Determine the Type of Cloud Deployment to Perform............. 174
Topic B: Manage Virtual Machine and Container Migration....................180
Topic C: Manage Network, Storage, and Data Migration........................185
Lesson 10: Maintaining Cloud Systems............................... 191

Topic A: Patch Cloud Systems...............................................................192
Topic B: Design and Implement Automation and Orchestration for
Maintenance.....................................................................................196
Lesson 11: Implementing Backup, Restore, Disaster

Recovery, and Business Continuity Measures................203
Topic A: Back Up and Restore Cloud Data............................................. 204
Topic B: Implement Disaster Recovery Plans......................................... 208
Topic C: Implement Business Continuity Plans...................................... 211
Lesson 12: Analyzing Cloud Systems for Performance........ 217

Topic A: Monitor Cloud Systems to Measure Performance.....................218
Topic B: Optimize Cloud Systems to Meet Performance Criteria............ 221
Lesson 13: Analyzing Cloud Systems for Anomalies and

Growth Forecasting......................................................227
Topic A: Monitor for Anomalies and Resource Needs............................ 228
Topic B: Plan for Capacity..................................................................... 231
Topic C: Create Reports on Cloud System Metrics.................................234
Lesson 14: Troubleshooting Deployment, Capacity,

Automation, and Orchestration Issues......................... 239
| Table of Contents |
Topic A: Troubleshoot Deployment Issues............................................ 240

Topic B: Troubleshoot Capacity Issues..................................................246
Topic C: Troubleshoot Automation and Orchestration Issues................248
Lesson 15: Troubleshooting Connectivity Issues................. 257

Topic A: Identify Connectivity Issues.................................................... 258
Topic B: Troubleshoot Connectivity Issues............................................ 262
Lesson 16: Troubleshooting Security Issues........................267

Topic A: Troubleshoot Identity and Access Issues.................................268
Topic B: Troubleshoot Attacks.............................................................. 272
Topic C: Troubleshoot Other Security Issues.........................................278
Appendix A: Taking the Exams........................................................... 285
Appendix B: Mapping Course Content to the CompTIA® Cloud+®

Exam CV0-002........................................................................... 289
Solutions............................................................................................ 307
Glossary............................................................................................. 313
Index.................................................................................................. 319
About This Guide
While IT professionals today are expected to understand some basic cloud terminology and
concepts, and have likely worked with public cloud or Software-as-a-Service solutions, the
ability to analyze, evaluate, design, and test cloud computing solutions are hard skills to find,
and are in high demand. In this guide, you will apply the skills required to evaluate and
implement standard deployments. You will implement, maintain, and deliver cloud
technologies including network, storage, and virtualization technologies to create cloud
solutions. You will manage workload migrations, manage cloud vendors to control costs,
use automation and orchestration to bring business value from cloud solutions, and ensure
security of cloud implementations through the use of cybersecurity best practices. In
addition, this guide prepares you to pass the CompTIA® Cloud+® exam and earn the
corresponding certification.
Guide Description
Target Student
This guide is designed for IT professionals who wish to develop cloud computing skills to
enable them to move IT workloads to the cloud and integrate products and services from
different providers and industries. Their focus is to ensure that cloud deployments are
secure, that automation and orchestration are used effectively to bring business value from
the cloud, and that costs are controlled through effective management of cloud vendors.
This guide is also designed for learners who are preparing to take the CompTIA Cloud+
certification exam CV0-002, or who plan to use Cloud+ as the foundation for more
advanced cloud certifications or career roles.
Guide Prerequisites
To ensure your success in this guide, you should have 24-36 months’ experience with IT
networking, network storage, and data center administration. You should also have
familiarity with any major hypervisor technologies for server virtualization, basic knowledge
of common cloud service models, and common cloud deployment models.
Guide Objectives
In this guide, you will deploy, test, secure, manage, optimize, and troubleshoot a cloud
solution.
You will:
• Prepare to deploy cloud solutions.
• Deploy a pilot project.
• Test a pilot project deployment.
• Design a secure network for cloud deployment.
• Determine CPU and memory sizing for cloud deployments.

• Determine storage requirements for cloud deployments.
• Plan Identity and Access Management for cloud deployments.
• Analyze workload characteristics to ensure successful migration to the cloud.
• Secure systems to meet access requirements.
• Maintain cloud systems.
• Implement backup, restore, and business continuity measures.
• Analyze cloud systems for required performance.
• Analyze cloud systems for anomalies and growth forecasting.
• Troubleshoot deployment, capacity, automation, and orchestration issues.
• Troubleshoot connectivity issues.
• Troubleshoot security issues.
How to Use This Book

As You Learn
This book is divided into lessons and topics, covering a subject or a set of related subjects. In most
cases, lessons are arranged in order of increasing proficiency.
The results-oriented topics include relevant and supporting information you need to master the
content. Each topic has various types of information designed to enable you to solidify your
understanding of the informational material presented in the guide. Information is also provided for
reference and reflection to facilitate understanding and practice.
At the back of the book, you will find a glossary of the definitions of the terms and concepts used
throughout the guide. You will also find an index to assist in locating information within the
instructional components of the book.
As a Reference
The organization and layout of this book make it an easy-to-use resource for future reference.
Taking advantage of the glossary, index, and table of contents, you can use this book as a first
source of definitions, background information, and summaries.
Guide Icons
Watch throughout the material for the following visual cues.
Icon Description
A Note provides additional information, guidance, or hints about a topic or task.
A Caution note makes you aware of places where you need to be particularly careful
with your actions, settings, or decisions so that you can be sure to get the desired
results of an activity or task.
| About This Guide |

1 Preparing to Deploy
Cloud Solutions
Lesson Time: 2 hours, 30 minutes
Lesson Introduction
Before you can analyze, evaluate, or design cloud computing solutions, you must have a
strong fundamental understanding of the different components commonly used in cloud
computing solutions, and how they interact with cloud-based and non-cloud-based
components and services. Once you have that fundamental understanding, you can evaluate
existing components, applications, and services for potential cloud deployment, and prepare
for those deployments.
Lesson Objectives
In this lesson, you will:
• Describe the interaction of cloud components and services.
• Describe the interaction of non-cloud components and services with the cloud.
• Evaluate the existing components and services for deployment to the cloud.
• Implement automation processes for the cloud.
• Prepare for deployment to the cloud.
2 | The Official CompTIA® Cloud+® Study Guide (Exam CV0-002)
TOPIC A
Describe Interaction of Cloud Components and
Services
Before you can analyze, evaluate, or design cloud computing solutions, you must have a strong
fundamental understanding of the different components commonly used in cloud computing
solutions, and how they interact.
Technical Benefits of Cloud Computing

Technical Benefits of Cloud computing is a disruptive force in Information Technology (IT), with many estimates
Cloud Computing stating that spending on cloud services will outpace that of general IT spending in 2017. There are
both technology and business benefits that are driving cloud adoption. The technology benefits are
perhaps best summed up in the five principles of cloud computing as defined by The National
Institute of Standards and Technology (NIST), which describe the core benefits of cloud
computing:
• Resource pooling: Cloud Service Providers (CSPs) offer a highly scalable environment with
what appears to be infinite resources for their customers. That means anyone who wants access
to computing resources can get access to the resources they need, as long as they pay for it.
• On-demand self service: Customers themselves can add resources they need, when they need
them. This includes compute, memory, storage, or other resources when their workloads call for
it. They can add resources ahead of time or just when needed. Self-service means that
provisioning resources won't be delayed due to CSP processes or staffing.
• Rapid elasticity: Customers can scale their resources up or down through automation and
orchestration. Scripts, programs, Application Programming Interfaces (APIs), and Graphical
User Interface (GUI) components offered by providers allow organizations to automate
provisioning and configuration of resources, which means one or multiple resources can be
rapidly deployed to a fully configured and deployed state. These changes can appear seamlessly
to clients, and eliminates the need to maintain additional, underutilized hardware to
accommodate times of peak workloads.
• Measured services: Services are metered, and customers pay only for what they use, for the
duration that they use them. While there are many ways of measuring cloud service usage, the
concept of paying only for what you need, and only for what you are using, is a core benefit of
cloud computing. This allows organizations to scale up or down as business requirements and
load changes. Any changes made will be reflected in the subsequent month's bill.
• Broad network access: This allows a range of devices, including desktop computers, tablets,
smartphones, and Internet of Things (IoT) devices access to applications and data stored in
the cloud. With more and more people using and relying on these types of devices, this allows
for connectivity from anywhere that has a connection to the Internet to almost any type of
device. This allows for more people to work remotely with the same level of access to
applications, data, and service they would have in a corporate office.
Additional Information
You can view the NIST definition of cloud computing in publication 800145 at this link: http://
nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf.
Business Benefits of Cloud Computing

Business Benefits of These technical benefits have been operationalized by organizations of all types to realize the
Cloud Computing business benefits of cloud computing, including:
Lesson 1: Preparing to Deploy Cloud Solutions | Topic A

The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) | 3
• Movement of IT expenses from Capital Expenditures (CapEx) to Operational

Expenditures (OpEx). Organizations no longer need to invest large sums of money up front to
build a computer room and buy computer hardware for their infrastructure. Cloud data centers
have become the computer rooms for many companies. This allows for savings on buying
computer hardware, square footage required for a computer room, as well as things like cooling,
fire suppression systems, security, and so forth.
• Improvement of service quality. Cloud data centers are run by IT experts. These staff do IT
infrastructure maintenance and support, all day, every day. While it's certainly possible for any
organization to hire the same level of expertise, most organizations will be gaining better quality
service and support of their infrastructure by using cloud-based IT services.
• Access to new technologies and services. New services and capabilities, like the ability to
process big data, the ability to add Artificial Intelligence (AI) to applications, and the ability to
render large videos requires massive storage and compute resources. These services would not be
available to many small or medium organizations without large cloud data centers and the
services offered by cloud providers.
Common Types of Cloud Services

The following are some common types of cloud services offered by CSPs. Common Types of Cloud
Services
Service Description
Software-as-a-Service Software, and an app or set of apps, delivered to end users over the
(SaaS) Internet, via web browsers or web apps. Common examples include
Office 365®, Google Apps™, or Quickbooks™ Online.
Platform-as-a-Service Essentially an application development platform including computer,
(PaaS) memory, storage, database, and other app services to developers or
developer organizations as a service. Developers may build software that
is offered as a SaaS offering for sale or use internally to the public.
Infrastructure-as-a- Provides compute, memory, storage, networking, and related software,
Service (IaaS) such as operating systems and databases, as a service to replace traditional
on-premises data center infrastructure.
There are many other services offered by CSPs, including such things as Graphics-as-a-Service
(GaaS), Desktop-as-a-Service (DaaS), and Disaster Recovery-as-a-Service (DRaaS).
Cloud Service Providers

There are many different CSPs, and different types of providers. Four CSPs are the largest, most Cloud Service Providers
well known, and have the largest global cloud resources. There are, however, many more cloud (2 Slides)
providers that are smaller and growing that offer specific cloud services, or that service a specific Consider viewing the
cloud computing market niche. The following table lists the four major CSPs and some of the niche Amazon Web Services,
CSPs: Microsoft Azure, or
Google Cloud Platform
Provider Description home pages as you
review the list of
The "Big 4" Cloud Service Offers SaaS, PaaS, IaaS, and many other cloud services at global providers.
Providers scale.
Amazon Web Services Offers SaaS, PaaS, IaaS, and many other cloud services at global
(AWS™) scale.
Microsoft® Azure® Offers SaaS, PaaS, IaaS, and many other cloud services at global
scale.

Provider Description
Google Cloud Platform™ Offers SaaS, PaaS, IaaS, and many other cloud services at global
(GCP) scale.
IBM Cloud® Offers SaaS, PaaS, IaaS, and many other cloud services at global
scale.
Smaller and "Niche" Cloud
Service Providers
Heroku™ A large provider of PaaS services, including app development,
management, deployment, and scaling.
DigitalOcean™ Another large provider of PaaS services, including app
development, management, deployment, and scaling.
GitHub® A large version control repository service used for collaborative
app development. Developers and developer managers can
review code, manage projects, and build software collaboratively.
QuickBooks Online Provides a cloud-based SaaS version of QuickBooks accounting
software.
BackBlaze Provides cloud-based data backup and data recovery for personal
and business uses.
ClearDATA Provides cloud-related services and solutions specific to the
highly regulated healthcare industry.
This is by no means an exhaustive list. This is just a sample of the different types of CSPs operating
today, with information about how to differentiate their services.
Core Cloud Solution Components

Core Cloud Solution Each cloud provider offers a different mix of components that can be used to create solutions for
Components their customers. The core components listed in the following table are offered by many providers.
Quickly review the Components offered may have slight variations such as the operating systems, database versions, or
entries in the table, and other differentiators supported.
ask students if they have
any examples of each Component Description
type of component as
you mention it. Compute Compute resources are fundamental components of cloud computing
infrastructure and are made of one or more processors, available in
various speeds, coupled with various memory configurations.
Virtual servers and Virtual servers and machines allow customers to configure compute
machines resources that are logically separated from other compute resources you
control.
Containers A type of lightweight image that holds a standalone executable package
that contains everything needed to run a piece of software, including
runtime, system tools, system libraries, and settings. Containers isolate
software from their surroundings and other software. For example, a
container might have all the software and settings to quickly spin up a
new, pre-configured SQL Server® database instance. They also typically
require fewer resources than full virtual machines (VMs), allowing
organizations to put more containers on physical hardware.

Component Description
Storage Another fundamental component of cloud computing infrastructure,
storage can be SSD- or HDD-based and available in a variety of sizes and
speeds, and with various high-availability or disaster recovery options.
Storage is often available by itself to provide file storage, or as part of
systems to support application services.
Database Also a fundamental component of cloud computing infrastructure, both
SQL-based and NoSQL-based databases are offered by most providers to
support application deployment and services.
Network and content Another fundamental component of cloud computing infrastructure,
delivery networking services may include bandwidth guarantees, connectivity
services such as DNS, load balancing for performance and high
availability, and ways to accelerate website and content delivery.
Security, identity, and These might include Identity Management and Access services for
compliance managing user IDs and authentication on-premises and in the cloud, and
any number of services to secure, monitor, and protect your
infrastructure as well as help you maintain compliance with regulations
such as PCI-DSS and HIPAA, while using cloud services.
Application services These services are designed to help developers and organizations deploy
and integrate highly scalable, secure applications using the provider's
cloud-based infrastructure. These services might include coding
frameworks, reference architectures, APIs, and other services.
Developer tools Tools that help developers write code and applications that will perform,
scale, and function securely on cloud platforms, while being able to take
full advantage of any application services that are offered.
Additional Cloud Computing Components

Additional types of cloud computing components may only be offered by some providers, Additional Cloud
depending on the market they serve. Computing Components
Analytics These services allow cloud clients to monitor and measure performance
of their cloud applications and services to gather insights from data and
applications.
Migration Some providers offer services that make it easier to move existing data,
applications, and services from on-premises, or even other cloud
providers, to their cloud platform.
Management tools These are command-line and GUI tools, along with services and
applications that allow cloud service system operators to manage,
provision, maintain, and automate tasks on systems, services, and
applications on the cloud platform.
Artificial intelligence Artificial Intelligence (AI) is software that can perform analysis and
critical decision making normally done by humans. Some cloud providers
provide services, APIs, and frameworks that allow clients to integrate
artificial intelligence services into applications and services.
Mobile services Some cloud providers may offer services, APIs, Software Development
Kits (SDKs), and integrations that allow access to cloud services and
applications from mobile devices and mobile apps.

Messaging These are services and APIs made available by cloud platforms to allow
services and applications to send and receive messages to clients and each
other as part of their operations. Messages may entail queuing services,
notification services, email services, or other services.
Business productivity These are common Software-as-a-Service offerings such as Office 365
and Google Apps used for office productivity.
Desktop and streaming These services are offered by some providers as Desktop-as-a-Service.
They allow a full desktop with apps, files, and data to be accessible from
anywhere.
Software development Many providers such as Apple, Google, Azure, and Amazon have
and publishing marketplaces where app publishers can sell software applications such as
games for applications for general use, or apps that can enhance cloud
services.
Internet of Things The Internet of Things devices are connected devices that can access and
utilize data and services in the cloud to provide enhanced, or smart,
functionality.
Common Cloud Deployments

Common Cloud There are three common cloud computing architectures.
Deployments (2 Slides)
Ask students if their Deployment Type Description
organization has any
cloud services, and if so, Public cloud In a public cloud architecture, a CSP makes computing components
what architecture those available to the general public. Public cloud clients share the resources
services are deployed available from the CSP through multi-tenant hosting, which shares
with. hardware with multiple clients, but provides each client with dedicated
compute, memory, storage, and other resources. Public cloud is very
popular because it is generally a low-cost cloud option, and hardware is
managed by the provider.
Private cloud In a private cloud architecture, an organization sets up their own
centralized data center to provide compute components for their offices.
This way, the organization gets some of the advantages of cloud
computing such as a centralized, well-managed data center that is
accessible to their users in all locations, while retaining full control of the
hardware, software, and data. Larger enterprises, or organizations that use
data that is heavily regulated, such as banks or other financial institutions,
may use private clouds. The downside is the expense of setting up a
centralized data center, staffing it with experts, and maintaining
components.
Hybrid cloud In a hybrid cloud architecture, an organization has some compute
resources in public clouds, while others remain in on-premises data
centers. The advantage of hybrid cloud is that, for the infrastructure,
applications, and services which reside in the public cloud, the
organization gets to take full advantage of cloud technology, and business
benefits. At the same time, they can keep sensitive or regulated
infrastructure, applications, and data on-premises. Many organizations of
all sizes opt for this best of both worlds approach.

Deployment Type Description

Community cloud A community cloud is similar to a public cloud, but the community cloud
is designed to support a specific community with similar needs, concerns,
and services required. These might be security, compliance, jurisdiction,
and so forth. Community cloud might be started by a group of
organizations, or provided by a CSP to those types of organizations. For
example, a CSP may provide community cloud services to healthcare
providers concerned about the HIPAA act.
Further Deployment Differentiation

Cloud deployments may be further categorized in the following ways:
• Single server. A small business may deploy a single server, all-in-one solution through a cloud
provider to house all of their internal applications and data to avoid the need to have a computer
room, and to gain the key benefits offered by cloud environments. Essentially, if a small business
only has one server on premises, then they may opt to create the same infrastructure in the
cloud. A new small business that requires only a few apps may choose a single server deployment
to keep management simple, and costs low.
• Single cloud architecture. Of course, as organization's grow and their needs change, they may
add services independent of application infrastructure such as storage, or SaaS applications such
as email or office productivity suites. In many instances, all of these services are provided
through a single Cloud Service Provider (CSP). In both cases of the single server and the
multiple services offered through one cloud provider, the architecture is considered a single
cloud architecture. Microsoft, with its popular productivity suite, Office 365, and robust cloud
services through Azure, has many customers that use a Microsoft-only, single cloud architecture.
Using a single cloud architecture offers some advantages as CSPs usually provide APIs and tools
that allow clients to easily integrate their different services. Clients risk vendor lock-in. If a CSP
suffers an outage, their clients may be offline for the duration. Also, if a CSP depreciates a
service that a client needs, they may be forced to move to a new provider to get similar services.
• Multi-cloud architecture. More common, and becoming the de facto cloud standard, are multi-
cloud architectures where an organization uses services from multiple cloud vendors. These
applications often need to integrate and communicate with each other, creating a multi-cloud
architecture. An example of a multi-cloud architecture might be an organization that uses
Microsoft's Office 365 productivity suite, Slack messaging for internal communications,
Dropbox™ to share files, and Google Cloud to create and deploy software applications.
SLAs
To obtain cloud services, organizations sign contracts with their selected CSPs. For the agreed-upon SLAs
fee, the CSP agrees to provide a defined set of resources such as compute, storage, and so forth, for
a period of time. There may be any number of other qualifying factors or specifications in the
contract. The contracts often automatically renew at a specified interface, such as monthly or
annually. What the CSP is obligated to deliver is specified in their Service Level Agreement (SLA).

Figure 1-1: Microsoft Azure SLAs.
CSPs have different types of agreements that may include:

• Master Subscription Agreements (MSAs): These typically define the roles and responsibilities
of the CSP and client. They also describe what procedures and processes will be used while the
contract is in place.
• Service Level Agreements (SLAs): These detail a set of service key performance objectives
such as up time and response time, and may also specify security and compliance objectives.
SLAs usually also define remedies for clients if the CSP fails to meet the objectives defined in the
SLA. Cloud administrators should read, understand, and compare SLAs when evaluating CSPs.
You should have a good understanding of what your organization needs from a CSP in order to
use cloud services successfully, and should make sure those needs are met by the performance
objectives documented in the SLA. If they don't, a custom SLA may need to be negotiated, or a
different CSP selected. Deployment pilots and test phases are also critical in determining if cloud
services are responsive enough to meet organizational needs.
• Quality of Service (QoS) Frameworks: These contracts may be between clients and CSPs, or
clients and their Internet Service Provider (ISPs) who provide high-speed links to the cloud. QoS
tracks high speed network communication parameters including bandwidth, latency, jitter (which
is fluctuations in latency), and reliability. QoS frameworks use routing and processing algorithms
to measure and improve network performance, and in many cases guarantee network
performance. ISPs may offer QoS services, including hardware and software, to guarantee
network performance.
Most small, medium, and event enterprise customers will end up using the standard CSP, but very
large organizations, and other organizations with special requirements, can and do negotiate special
SLAs with CSPs for additional cost. Custom SLAs are becoming very rare for off-the shelf services.
They may be negotiated as part of a large migration or service purchase from a CSP.

Additional Information
You can see the SLA summary for Microsoft's Azure services here: https://
azure.microsoft.com/en-us/support/legal/sla/summary/.
Cloud Component Interaction

Components in the cloud interact much like they do in an on-premise network. There is a physical Cloud Component
host server that has VMs running on it. Those VMs will access resources on the host such as CPU Interaction
and memory. The VMs will also have access to the cloud network defined for that cloud
environment. This gives the VMs access to other objects in the cloud such as databases, other VMs,
etc. Any apps running on those VMs will also have access to the cloud network and objects.
Figure 1-2: Interaction of cloud components.
Guidelines for Describing Cloud Component Interaction

When analyzing trends that make cloud computing desirable, consider the following guidelines: Guidelines for
• When justifying your cloud project to management and key stakeholders, remember to map Describing Cloud
Component Interaction
cloud benefits to organizational goals, increased organizational capabilities, and costs savings.
• Research common cloud architectures used by other organizations that have deployed cloud
projects similar to those your organization is considering. Review the pros and cons of each
architecture to help decide which is best for you.
• Consider calling cloud administrators who have implemented cloud projects similar to those
you're considering, to see if they are happy with their architectural decisions or if they would
make changes or additions based on their experience.
• When planning a cloud project or moving into a cloud deployment, map out all cloud
components and how they will interact. Documenting this will help you identify possible
problem areas, and troubleshoot issues that might arise and may illuminate the need for
additional services or configurations.
• When considering cloud services, compare MSAs and SLAs from multiple vendors.

TOPIC B
Describe Interaction of Non-cloud Components
and Services
In most scenarios, outside of using isolated Software-as-a-Service solutions, cloud solutions will
have to interact with non-cloud services that run on-premises. Prior to deploying any cloud
solutions, your cloud project team should have a thorough understanding of any expected
interaction with non-cloud services, and should take steps to ensure that those interactions can take
place efficiently and securely. In this topic, you will describe the interaction of non-cloud
components with cloud solutions.
Non-cloud Network Resources

Non-cloud Network Cloud-based solution components and services will communicate with one another using cloud
Resources provider networks. Cloud providers are responsible for ensuring their components can access each
other, and have adequate bandwidth to accommodate customer needs. However, CSP customers
must provide network access to allow their employees, partners, and customers to use cloud
services. Organizations must carefully plan network access and calculate requirements, especially if
moving applications from on-premises to the cloud. On-premises communications often happen
over high-speed gigabit Ethernet connections, whereas connections to cloud services will likely
happen over much lower speed wide area network types of connections.
Figure 1-3: Non-cloud network resources.
Before deploying a cloud solution, measure network load generated by users, and any expected
communications required between the cloud solutions and any non-premises compute resources
such as:
• Authentication requests.
• Database queries for apps and directory services.
• Data transfer for both apps and file storage.
• Any application-related notifications or other types of communications.
Before deploying a cloud solution, ensure you have adequate bandwidth to support access and use
of cloud solutions at both non-peak and peak workload. It's often desirable to use network protocol
analyzers and other tools to measure communications between prospective cloud solutions and non-
cloud components for days or even weeks to get an accurate estimate of the bandwidth needed.
Lesson 1: Preparing to Deploy Cloud Solutions | Topic B

Non-cloud Security Apparatus

Networks are often guarded by multiple security mechanisms as part of a layered security, or Non-cloud Security
defense-in-depth, approach. Apparatus
Ask students what types
of security apparatus is
in use on their networks.
Figure 1-4: Non-cloud security apparatus.
These security mechanisms may be software- or hardware-based and many include any or all of the
following:
• Firewalls
• Proxy servers
• Encryption technologies
• Antivirus software
• Anti-malware software
• Intrusion detection and prevention systems
Security apparatus must be configured to allow all necessary and proper communications between
cloud solution components and on-premises systems and services. The firewalls and proxy services
must allow requests and responses to pass back and forth. The solution should work with
encryption technologies as required and appropriate. Antivirus, anti-malware, and intrusion
prevention systems should not see normal solution communications and traffic from cloud
components as a threat. To ensure this, normal communications traffic, and the ports and protocols
used, should be documented and security apparatus configured to pass traffic, and act—or not act—
on traffic as required for cloud solutions to operate successfully.
On-premises Computing Services

On-premises software and resources are installed on corporate controlled servers and devices that On-premises Computing
are located in corporate controlled data centers rather than in cloud-based data centers. Many cloud Services
solutions must have access to these non-cloud apps and resources in order to function correctly,
especially in hybrid cloud deployments. Organizations that are deploying cloud solutions must
ensure that those solutions can access any non-cloud computing services required to provide
required services.

Figure 1-5: On-premises computing services.
For example, a cloud-based payroll application may access on-premises systems through an API to
look up employee wage scales, commission data, or other data necessary to create paychecks. That
same cloud solution may need to save payroll reports to a file share on an on-premises file server.
Cloud solutions often need to access more than one computing service. For example, a cloud-based
app may need to access an on-premise inventory database during a purchase, and on-premises email
systems to send a confirmation after a purchase.
When deploying cloud solutions, work with application developers, users, consultants, and other
knowledgeable parties to understand which non-cloud systems a cloud solution will require access
to, and to develop post-deployment tests that will verify the cloud solution can access the non-cloud
systems it needs to function.
Authentication
Authentication Users must authenticate in order to access an organization's compute resources, which includes
This course addresses cloud-based resources and solutions. Cloud service providers offer authentication and identity
cloud security generally, management mechanisms, but organizations often desire to provide single sign-on for their end
and identity access and users. This allows users both on-premises and cloud resources using a single set of credentials, and is
management more secure. In many cases, authentication and identity management will be handled by on-
specifically, in later premises, non-cloud systems. Any cloud solutions that you wish to access using identities managed
lessons. by on-premises systems will need to integrate in some way with the on-premises identity and access
management services. In the same way, any cloud solutions or services that must access on-premises
components will need to authenticate in order to gain access to those services. Integration may take
place through federation or through some other process.

Figure 1-6: Authentication.
Other Non-cloud Services

Cloud solutions may need to interact with a number of other on-premises services, including: Other Non-cloud
• Monitoring software that tracks traffic into or out from the network, or to specific hosts. Services
• Logging software, which may log certain activity such as access, authentication, or other types of
security events.
• Compliance services that track, log, or report specific types of transactions or activities to
maintain compliance with regulatory laws.
• Reporting services that may collect data for regular reporting. For example, a service may track
access to specific internal resources and create weekly reports for bill-back to each department
based on use of resources.

Figure 1-7: Other non-cloud services.
Cloud solutions should be tested during proof of concept and pilot deployments to make sure they
interface correctly with these other services. For example, if software is used to log access to a
secured on-premises application, administrators should make sure access to the application by the
cloud solution is tracked appropriately as dictated by corporate security policies.
User Interaction Components

User Interaction One non-cloud system that cloud solutions will likely have to interface with frequently is users.
Components When deploying cloud services, you should account for the different ways that users will interact
with cloud solutions, and the different type of support they will need. Users might use a web
browser on a desktop or mobile devices, or may use an in-house application. For example, the
corporate time and attendance app might pull hours and wage data from a solution in the cloud, but
may display benefit information based on data from a non-cloud system.

Figure 1-8: User interaction components.
Interface elements, regardless of the technology used to present them to users, must be able to
interface with cloud and non-cloud services, and perform the functions required by end users.
Information supplied to the end user must be formatted correctly so that it can be displayed and
understood by the user. For example, data regarding vacation time must fit in the field provided in
the user interface and must be formatted to the correct number of decimal points. Additionally, if a
cloud-based application is new, or the interface has been updated, provide users with training so that
they can quickly start using the app effectively. Furthermore, IT teams should be prepared to
provide ongoing support for end-user questions or issues for any cloud service they deploy. This will
improve user perception of the app and the cloud deployment and migration process, which in
many cases will leave both users and executives feeling the move to the cloud has been successful.

TOPIC C
Evaluate Existing Components and Services for
Cloud Deployment
In preparation for cloud solution deployment, an organization should evaluate existing systems
based on the type of deployment they are considering. They should evaluate all components that will
interact as part of the cloud solution to ensure the solution can function as required within security
structures and requirements of the organization. In this topic, you will evaluate existing components
and services for cloud deployment.
Systems and Platforms

Systems and Platforms When looking at which systems may be a good fit to move to the cloud, both the operating system
currently in use and the platform the operating system is running on should be evaluated. In most
cases, organizations are hoping to gain the benefits offered by cloud computing environments
without losing any of the existing functionality. However, it is possible that specially built legacy
systems may offer features or capabilities that aren't available on cloud-based systems. The lack of
these features or capabilities may impact app performance, or even the features of the app.
For example, modern business has for the most part standardized on the x86-64-bit chipset
architecture. Multiple operating systems including Windows, Linux, and macOS run on that chipset.
Those applications use a common instruction set to access chipset resources and features. But some
larger organizations have systems such as the IBM AS/400 and IAZ that are actively in use, and
IBM operating systems only run on IBM hardware. Moving the operational functionality for an IBM
AS/400 system to the cloud may not be feasible. Instead of a migration, you might need to recreate
the services offered on the AS/400 or AIX system on cloud-friendly systems, which is not a
migration, but a complete rewrite of existing applications. It may be much more cost effective to
continue using the IBM systems on-premises and make sure they can be accessed from any cloud
systems that need to interface with them.
To evaluate systems and platforms to determine if they are a good fit for the cloud, validate that
system devices are compatible with the x86-64-bit chipset architecture or can be virtualized on that
architecture, such as x86-32-bit chipset architecture apps. Simply put, the systems you wish to move
to the cloud have to work with the systems and architectures offered by your provider of choice.
Applications
Applications As with systems and platforms, the goal of moving an application to the cloud is to gain some or all
of the core benefits offered by the cloud. These may range from replacing a legacy in-house app
with a SaaS app, to moving a legacy app to virtual hardware in the cloud so that it is easier to
maintain. You may also be able to scale and extend the application. Moving an app to the cloud
provides nearly unlimited scalability and performance for the app as the organization or user base
grows. It also allows you to take advantage of cloud deployment options such as an app store, or
cloud features that make the app more available for mobile devices, or add notification,
communication, or integration features using cloud provider APIs.
Choosing which applications are a good fit for the cloud is very important. A problematic cloud
application deployment will cost an organization money in increased expenses related to deployment
and support. It may also cost the organization in terms of lost productivity, lost customers, and loss
of reputation if a critical system loses key functionality or becomes inaccessible for a long period of
time.
When evaluating applications, look for these issues that may indicate the apps are not a good choice
for the cloud:
Lesson 1: Preparing to Deploy Cloud Solutions | Topic C

• Applications that require direct access to hardware. Some older apps don't work in
virtualized environments. If this is the case, moving the app will not likely provide much benefit.
It will run and function the same way on a dedicated piece of hardware provided by the CSP. To
take advantage of cloud benefits, the app will likely need to be rewritten.
• Applications that use or require hard-coded IP addresses. Hard-coded IP addresses are
apps that have the IP addresses of specific systems written into connection strings in the code.
This is always bad coding practice, but the number of in-house applications with this issue is
staggering. If an app uses hard-coded IP addresses, the ease or difficulty of removing them will
depend on the size of the code bases and the number of references to the address. Regardless of
how the issue of hard-coded IP addresses is addressed, apps with this issue may not be able to
move to a different subnet on-premises, much less to a cloud data center.
• Latency sensitive apps. Some apps, either through design or for other reasons, may not work
over WAN links; for example, a client/server app designed for frequent polling between client
and server. These apps may be stateless or may require constant or nearly constant
communication. In short, they were designed to operate on a high-speed LAN. The latency
introduced by accessing these apps over lower-speed WAN links can cause clients or the server
to throw an error or even disconnect, or fail to establish a connection altogether. In some cases,
apps may simply communicate inefficiently. They may communicate more frequently than is
needed, send too much data during communications, or fail to compress or optimize data sent.
These types of apps typically need to be rewritten before being deployed to the cloud.
• Apps that transfer very large files. Given the slower speed of WAN links, apps that transfer
large data files—many multi-megabyte or multi-gigabyte files—may also not be a good fit due to
the performance impact of moving the app off a high-speed LAN.
• Apps that use outdated APIs or APIs that are not supported by the CSP. While the app in
question may function adequately as-is using outdated APIs, the app may not be able to use the
development APIs available through the CSP. This may make some very desirable cloud features,
such as rapid scaling or integration with other cloud services, unavailable. That, in turn, might
make deploying the app to the cloud not cost effective.
Cloud Elements and Target Objects

Evaluate the services offered by your CSP to ensure you have access to all the cloud elements Cloud Elements and
needed for your deployment. From your analyses of existing systems, platforms, and apps, you Target Objects
should have a strong understanding of the services that will be required to make your deployment
successful. Verify that you have the CSP resources subscriptions necessary. These may be databases,
development tools, app support technologies, or other services. For example, you may have to pay
for application notification services separately from application hosting. Along the same lines, verify
that you have the target objects, such as hosts, VMs, or containers necessary, and with the correct
resource and connectivity configuration required to complete the deployment.
Figure 1-9: Evaluate the services offered by your CSP.

Other Components and Services

Other Components and Verify that other components and services that will be required for a successful deployment are also
Services available when the deployment is scheduled to occur. This will include any systems and services to
be directly integrated with what is being deployed to the cloud. It may include services and systems
for:
• Authentication.
• Security.
• Compliance.
• Monitoring.
• Logging.
• Reporting.
• Integration.
Guidelines for Selecting Systems and Applications for Cloud

Deployment
Guidelines for Selecting When selecting the systems and applications for cloud deployment, consider the following
Systems and guidelines.
Applications for Cloud
Deployment
• Look for systems, platforms, and apps that are x86-64-bit chipset architecture compatible, as
most providers offer compute resources for that architecture.
• Whenever you're considering moving a system or application to the cloud, have a fallback plan in
case cloud deployment fails. The ability to revert back to the system or application that was in
use prior to cloud deployment can save the costs of lost productivity, lost access, and loss of
reputation.
• When evaluating which applications to deploy to the cloud, examine the business goals that are
driving consideration of the application. Are they goals such as increased scalability or easy
deployment that the cloud is well suited to deliver? Also ensure the application code can be
extended effectively without rewriting the entire code base to take advantage of cloud features. If
extensive rewrites are required, it may be better to continue using the legacy app as-is for a
period of time while developers build a new version of the app using modern code, cloud tools,
and APIs.
• While your evaluation of systems, platforms, and apps for cloud deployment should tell you the
cloud services you must purchase, some providers can break out services in unexpected ways.
For example, you may have to pay for application notification services separately from
application hosting.
• When preparing for a cloud deployment, it's often a good idea to review the full list of cloud
services available from the CSP and note any that you think may be required to make your
project successful. Talk to the provider and system, platform, or app experts to verify what
services are needed.

TOPIC D
Evaluate Automation and Orchestration Options
As part of preparing to deploy a cloud solution, organizations should also evaluate automation and
orchestration options available from the provider generally and for the solution specifically. In this
topic, you will evaluate cloud automation and orchestration options.
APIs
CSPs provide Application Programming Interfaces (APIs) to allow programmatic access for APIs
administration, management, and monitoring of their services. Cloud APIs provide for web-based
client and server communication. These APIs commonly utilize the Representational State Transfer
(REST) and Simple Object Access Protocol (SOAP) frameworks, as well as cross-platform and
vendor-specific APIs.
Figure 1-10: Cloud APIs.
Cloud APIs provide access to most CSP services and components for provisioning and
configuration. Many also provide access to data exchange for client or third-party application
integration. Naturally, services that are accessed through APIs should be secured to prevent
unauthorized access to data and configuration. Here are a few examples how cloud APIs might be
used:
• Provisioning of compute, storage, networking, and other services for use as part of any cloud
solution.
• To provide third-party or integrated connectivity for data exchange or interaction with a SaaS
software suite.
• To provide provisioning and connectivity to CSP-specific application platform services such as
message queuing or other back-end architecture services required for building highly scalable,
feature-rich applications.
Cloud APIs might be used by a web-based management tool that provides a graphical user interface
for manual management, or might be used by scripts for automated or orchestrated management.
Automation vs. Orchestration

Cloud automation is the completion of a cloud-related administrative task without human Automation vs.
intervention. Depending on the CSP and the tools they provide, task automation steps may be Orchestration
configurable through a GUI control panel through scripts run in management tools. Tasks can be We'll be covering
automated to provision resources, add accounts, assign permissions, and any number of cloud tasks. automation and
Automation capabilities built into cloud services are a key benefit as they allow administrators to orchestration where
perform tasks at scale with fewer errors, and combine tasks into orchestrated workflows also relevant in each topic
referred to as orchestration. Orchestration is extremely powerful because entire administrative covered in the course.
Lesson 1: Preparing to Deploy Cloud Solutions | Topic D

functions can be automated and run in sequence. For example, an administrator can orchestrate a
series of scripts to run when a new VM must be added to a web farm. The provisioning of the VM,
and all tasks needed to add the VM to the web farm, are automated and run in the correct sequence.
Figure 1-11: Automation vs. orchestration.
Automation and orchestration are sometimes considered activities for post-deployment

administration and maintenance of cloud solutions. Although they certainly are, automation and
orchestration can also be extremely helpful during deployments. For deployments that require
provisioning of numerous hosts, VMs, containers, or spin up of a number of cloud services,
automation and orchestration can save time and help reduce errors for repetitive tasks. As part of
your preparation, you should research how automation and orchestration might facilitate your cloud
deployment.
Cloud Automation Options

Cloud Automation Automation of cloud administration is used to streamline repetitive tasks. Automating repetitive
Options tasks saves time and reduces the likelihood that erroneous configurations will be implemented
because script authors can create scripts that request specific information during execution and
validate configuration parameters against allowed standards.
The following types of automation options are commonly available from many cloud service
providers.
Automation Option Description
Command Line Interface (CLI) Provide administration from the command line where specific
commands commands and their parameters can be executed to perform
administrative tasks from provisioning to configuration and
monitoring.
Web and graphical user Provide a graphical interface that is often easier to use for manual
interface (GUI) tools administration and configuration tasks. These tools often provide
graphic icons, prompts, and other rich information to aid in
selection and configuration of cloud elements.

Automation Option Description

Cloud portal tools Many CSPs provide one or more portals, which are central
management and configuration tools. These are often graphic
tools that either allow for management of many CSP elements, or
provide a central way of accessing and launching web and GUI
tools.
Third-party tools Solutions that integrate with cloud services to provide features,
capabilities, or an enhanced management experience. May also
provide GUI or command-line management tools.
Orchestration Techniques
Whereas automation focuses on making a single, discrete task easily repeatable, orchestration Orchestration
automates an end-to-end process, including management of all related services. For example, you Techniques
might orchestrate adding a new VM to a load-balanced cluster. This end-to-end process might
include provisioning the VM, configuring it, adding the new VM to the load-balanced cluster, and
reconfiguring the load-balancing weight distribution given the new cluster configuration. In doing
this, the orchestrated steps would have to run numerous automated scripts. That is another way of
looking at orchestration—as automating the automation—as part of a defined process with a
defined workflow.
For orchestration to work properly, automated steps must occur in the right sequence, taking
dependencies into account; must provide the right security credentials at every step along the way;
and have the rights and permissions to perform the defined tasks. Orchestration can automate
processes that are very complex, requiring dozens or hundreds of manual steps. Orchestration is
considered to be key to truly enabling the core cloud benefit of rapid elasticity.
The common uses for cloud orchestration are:
• Resource orchestration to provision and allocate resources to cloud environments or solutions.
• Workload orchestration for management of apps and other cloud workloads and the
components essential to those workloads.
• Service orchestration to deploy services on servers or cloud environments.
Cloud Management Platform

Orchestration is provided by a provider or third-party Cloud Management Platform (CMP). The
CMP provides an API and a web portal interface and access to the catalog cloud provider
components that can be managed. The CMP typically has abstraction layers for service management,
resources management, and orchestration. The orchestration layer handles the control, governance,
and coordination aspects of service delivery processes.
Orchestration for DevOps (Infrastructure as Code)

DevOps, or developer operations, started as a concept around automating the processes between Orchestration for
software development and IT teams with the goal of building and releasing software faster and more DevOps (Infrastructure
reliably. In essence, by creating a highly orchestrated environment, IT personnel and developers as Code)
could build, test, and release software faster and more reliably. The use of DevOps has proven to
allow for more rapid and continuous improvement of software under development. Since its
inception, the practice of using a highly orchestrated environment to ensure rapid provisioning,
reliable configuration, and robust responsiveness has moved beyond just software development to
the entire infrastructure. The practice of bringing a DevOps approach to infrastructure management
is often referred to as "Infrastructure as Code." This robust and pervasive approach to orchestration
can potentially lower overall IT costs, speed up deployments, and reduce friction between system
and development teams. It can also reduce the number of IT staff required to deploy and maintain
cloud solutions, or free up IT staff to perform higher-level IT functions. Many consider a DevOps

approach to administration as the only way organizations can take full advantage of the potential
benefits offered by cloud service providers.
Figure 1-12: DevOps.
Custom Programming Options

Custom Programming Developers can write code that utilizes CSP APIs to perform management, automation, and
Options orchestration tasks. While in many cases it would be more time consuming to duplicate the features
offered by a cloud management platform for the purposes of orchestration, there are situations
where custom coding may be required to fully automate discrete tasks or orchestrate an entire
process. Developers can write custom code using CSP APIs or CMP APIs to facilitate automation,
orchestration, and DevOps goals.

Figure 1-13: Custom programming options.
Third-Party Tools for Orchestration

Several third-party cloud orchestration services have emerged as leaders in the industry. These cloud Third-Party Tools for
orchestration platforms connect to and provide administration, management, and orchestration for Orchestration
many popular cloud platforms and services. One of the advantages of using a third-party
orchestration platform is protection from vendor lock in. If you wish to migrate from one cloud
provider to another, or wish to move a multi-cloud environment, automated workflows can often be
adapted for use on new platforms.

Figure 1-14: Third-party tools for orchestration.
Industry leaders in this space include:

• Chef automates configuration, deployment, and management of applications across the network
using cookbooks to determine how each node should be configured. Cookbooks consist of
multiple recipes, which are automation scripts for a particular service that's written using the
Ruby language. Chef™ can manage anything that can run the Chef client, including physical
machines, virtual machines, containers, or cloud-based instances. A Chef server provides a
central repository for all configuration data, and communications between the Chef server,
clients, and notes is done through encrypted communication. Chef caters to developer-centric
teams experienced in Ruby programming. It has a longer history supporting app development
and app teams (DevOps). Some consider the tool coding heavy.
• Puppet is similar to Chef. It requires installation of a master server and client agent in target
nodes, and includes an option for a standalone client. Modules can be downloaded and installed
using Puppet® commands. Puppet caters more to traditional operations teams and doesn't
require as much Ruby programming experience. Caters more to operations teams (Infrastructure
as Code) and requires less coding.
• Heat is the orchestration component of OpenStack®, which is a free, open source cloud
computing software platform used by some organizations as an IaaS solution. Heat provides a
template-based orchestration for resources through the execution of OpenStack API calls that
allow for the creation of most OpenStack resource types (such as instances, floating IPs,
volumes, security groups, and users) and provides advanced functionality such as high availability
deployment, autoscaling, and nested stacks. Heat is used mostly for infrastructure management,
and uses Chef or Puppet for installation. Used for orchestration in OpenStack environments
more commonly for infrastructure management.
• Juju is an open source service orchestration management tool developed by Canonical®, the
developers of the Ubuntu® OS. Juju enables the deployment, management, and scaling of
software and services on a variety of cloud services and servers running the Ubuntu OS. Used
for infrastructure orchestration in environments with the Ubuntu OS.
• Docker is an open platform for developing, shipping, running, and deploying applications
quickly using container-based virtualization. Docker is typically used by development teams for
rapid build and deployment as well as implementation of DevOps and continuous integration.

Often used by app development teams as part of a DevOps and continuous integration approach
to development.
• Visual Studio is an Integrated Development Environment (IDE) that can be used for creating
applications, automating tasks, and orchestrating processes. Visual Studio® is commonly used to
automate app testing. The Orchestration Designer is a visual tool for creating orchestrations and
is commonly used with BizTalk® Server. Primarily used in Microsoft environments to create
automation scripts and orchestrated workflows.
• GitHub is a website and service that allows developers to share code and collaborate on apps.
Both public and private code repositories are available. You can find many public automation
and orchestration tools in GitHub®, as well as tutorials, example scripts, and other information
useful in designing and implementing scripted automation and orchestration. Provides a code
repository and collaboration site where you can find automation and orchestration apps, code
samples, and tutorials for DevOps and Infrastructure as Code automation and orchestration.
Guidelines for Evaluating Automation and Orchestration

When evaluating automation and orchestration, consider the following guidelines: Guidelines for
• It's best to create simple and standardized automation routines. When evaluating automation and Evaluating Automation
and Orchestration
orchestration options, look internally to see how much, if any, automation or scripted
administration routines you can leverage to start with and how you might transfer those to cloud
services you're considering.
• When evaluating automation and orchestration options for cloud service vendors, look for
vendors that support tools and vendors that support languages and scripting architectures your
system operations staff is familiar with. For example, it may be easier for sys admins to automate
processes on Azure using Powershell® commands they're familiar with rather than using Chef,
which uses the Ruby language.
• Commit to a DevOps implementation to realize the full advantage of cloud computing. Utilizing
a DevOps approach can save time and costs, and help organizations utilize the cloud to its full
potential. Make automation and orchestration a priority and evaluate it in the same way you
would other priority cloud components.
• Closely document security processes and process steps related to automation and orchestration
and put procedures in place to update automated and orchestrated processes when security
processes change.
• Refine processes before considering them for automation. Make sure processes are good and
workable before automating and orchestrating them. In short, don't automate bad processes.

TOPIC E
Prepare for Cloud Deployment
As the cloud deployment approaches, members of the cloud project team should review deployment
plans, and make sure all cloud and non-cloud elements are ready for deployment. In this topic, you
will prepare for cloud deployment.
Cloud Deployment Plans

Cloud Deployment Plans The cloud deployment plan is the essential piece of documentation in a cloud deployment. The
deployment plan lists all the critical information required for the deployment to be successful. While
the deployment plan should include specific steps and references to command cheat sheets and
other specific technical data, it also contains information designed to help ensure the deployment
stays on track and meets the organization's goals. Although all deployment plans will be different,
every cloud deployment plan should address the following items:
• Business goals and milestones. This should state both the six-twelve month and the one-three
year vision and goals for the project. Ideally, it should state the business justification for the
project, the problems to be solved, or opportunities to be embraced. It should also state the
expected return on investment (ROI) for each goal. Milestones should also be attached to the
goal, and key performance indicators (KPIs) assigned so that the organization can track progress
towards achieving the desired goals.
• Key stakeholders and personnel. This includes executive sponsors and parties with a vested
financial interest in the success of the project, which are critical in pre-deployment stages to state
project value, and get executives and other impacted department heads on-board with cloud
projects. If communication in the early stages of the project is done right, these stakeholders
should see the project as their project and want to make it successful. During deployment, they
will expect regular updates on successes, challenges, and progress towards milestones. After
deployment, key stakeholders may be able to help positively message unexpected issues, work to
find solutions to problems, or reinforce the value of the project.
• Cloud deployment workflow. This is similar to any project plan. It may start at a very high
level and drill down into specific steps, including specific commands to be executed. The plan
should be reviewed by stakeholders and cloud deployment project team members so that
everyone is in agreement as to what steps need to be executed, in what order. Build in some team
reviews and flexibility to accommodate unexpected issues or changes that must be made. The
project execution plan should take into account the cloud structure that will be required to
support the solution, including network requirements, security requirements, and tiered
architecture required to support any applications.
• Dependencies. Dependencies are the relationships for preceding steps to succeeding tasks. You
can move your app to a cloud server without first provisioning the server at the CSP. There are
numerous dependencies in cloud projects, from creation of accounts, to extending applications
to connect to CSP APIs, and so forth. These should be mapped out in detail so that all team
members know what steps must come in what order, and, in the event a dependent step is
missed, it can quickly be identified and, hopefully, corrected.
• Risks and problems. Risks can derail the project. Many risks are based on dependencies. If the
team fails to execute a dependent task, the risk may turn into a problem: a problem that must be
dealt with at the expense of time and resources that could be spent doing other project
deployment tasks, and may potentially impact users and customers, cost a lot of money, or lead
to project failure. Plan ways to mitigate risks, and plan for ways to get assistance if risks arise, and
contingencies in the event risks turn into problems.
• Resources. Identify all resources needed for the project. Distribute the list to your team, and
keep it centrally located for reference. This includes people, designated experts, partner
Lesson 1: Preparing to Deploy Cloud Solutions | Topic E

resources, CSP resources, checklists, CSP implementation guides, and online resources; anything
your team needs to successfully execute the project execution plan.
• Communications. Make sure everyone on the team knows the plan, and all resources that you
may need are also well versed in the plan, their role, and when they may be needed.
Communications should take place in face-to-face meetings and use dedicated team messaging
such as Slack to ensure all parties can stay informed and get access to people they need. In
addition, where problems are concerned, there should be a notification procedure and escalation
path. If risks may impact external entities such as partners and clients, you should also add
communication and escalation paths for them, and potentially for public relations personnel to
handle any messages about outages or downtime.
Performance Measurement and Baselines

One of the biggest concerns with moving any service or app to the cloud is performance. While you Performance
may purchase compute resources from a CSP that are equal to or better than the compute resources Measurement and
already servicing a solution on-premises, the network connection will change. The service or app Baselines
will need to be accessed over lower speed WAN links. Services and apps will still need to perform at Ask students what type
an acceptable level. Poor performance can negatively impact productivity or be perceived as a cloud of application or service
deployment failure. Users want apps to perform well, and don't want an "upgrade" to the cloud to performance change
result in them having to wait for their apps to respond. would be unacceptable
to users or
Responsiveness for end-users is not the only performance concern. Services and apps are often management.
moved to the cloud expressly to improve back-end performance. Goals might be to reduce the
amount of time required to perform processing requests, data lookups, and so forth. A CSP should
provide superior compute resources and nearly infinite scalability depending on what services are
purchased. If improving performance of a service or app was a key goal for deploying it to the
cloud, then management and key stakeholders will want to see proof that performance has
improved.
The way to address both of these issues is to measure performance and create baselines. By
measuring front-end user interactions and response times, you will have data about how the service
or app performed prior to cloud deployment. Likewise, you should measure key back-end
processing and interaction times. This data becomes your baseline. Work with end users and experts
to determine common task's key back-end actions that should be measured as part of the baseline.
Once deployed to the cloud, you can measure the same performance metrics and compare those to
the baseline. This will tell you if the service or app is performing acceptably, and if you're seeing the
performance improvements you had hoped.

Figure 1-15: Performance metrics from a Google Cloud VM instance.
Cloud Structure Requirements

Cloud Structure To properly prepare for deployment, the cloud services and the design of the cloud solution should
Requirements specify a structure that best supports the solution you're deploying and meeting the business goals as
Ask students about apps defined. The cloud structure should be based on:
running in their
• Network requirements such as bandwidth, load balancing, high-availability, regional access, and
organization and if those
apps are two-tier or
other requirements.
three-tier. • Security and compliance requirements such as the need for encrypted connections between
clients, apps, and data sources, authentication and access controls, and other security
mechanisms.
• App architecture includes two-tier where clients (client tier) access the data directly (database
tier), or three-tier where an app running business logic sits between the client and the data to
perform additional processing (client tier, business tier, and data tier).
To successfully deploy a cloud solution, cloud project teams should be able to identify which type of
deployment structure will be most efficient, and put the required infrastructure and services in place
so that deployment can commence.

Two-Tier and Three-Tier App Architecture

To learn more about two-tier and three-tier app architecture, see: http://
www.softwaretestingclass.com/what-is-difference-between-two-tier-and-three-tier-
architecture/.
Target Hosts and Commands

You must also identify target hosts provided by the CSP where guest VMs or containers will be Target Hosts and
installed. The VMs and containers to be used as part of the solution will have configuration Commands
specifications defining resource requirements such as compute, memory, storage, and so forth.
Based on those requirements and the number of VMs or containers required for the solution, you
should be able to identify the requirements for the CSP resource systems or systems that will host
the VMs and containers. These will become the minimum specifications the target host must meet
for a successful deployment.
At the same time, any task steps or commands needed to provision hosts, VMs, containers, or other
CSP resources in preparation for deployment should be documented. Cloud team members
responsible for provisioning should have access to these commands, as well as checklists and usage
guides provided by the CSP for successful deployment. Once provisioned or activated, cloud team
members should know tasks or commands to verify needed resources are online and configured
correctly for the deployment.
Migration Tools
Many CSPs have migration tools available to help move data and applications. You should always Migration Tools
explore tools offered by CSPs as well as third-party tools, as these types of tools can save time Ask students if they
during deployment, may help ensure the deployment goes smoothly, and may offer other benefits. have been a part of any
For example, Microsoft Azure has a cloud migration site that allows you to get a custom assessment, cloud deployments and,
plan your migration, implement the migration, and access tools for moving data. Azure also offers a if so, were any migration
website migration assistant for those moving from on-premises IIS to the cloud. There are tools to tools used.
move SQL Server databases to Azure. Google Cloud, AWS, and other CSPs all have a number of
migration tools available.

Figure 1-16: Azure migration tools.
Open the Azure cloud

migration page at https:// Additional Information
azure.microsoft.com/en-
us/solutions/cloud-
For information on Microsoft Azure cloud migration planning, see: https://
migration/ and go azure.microsoft.com/en-us/migrate/.
through it as you For information on Microsoft website migration, see: https://azure.microsoft.com/en-us/
describe the options. downloads/migration-assistant/?
Consider showing the &WT.srch=1&WT.mc_id=AID623261_SEM_N5sM5IZf&gclid=EAIaIQobChMIrPfw_ZyT1
video from the page.
QIV04KzCh3ptgR8EAAYAyAAEgJ4m_D_BwE.
For information on the SQL Database Migration Wizard for Azure, see: https://
azure.microsoft.com/en-us/resources/videos/sql-database-migration-wizard/.
For information on Google Cloud migration planning, see: https://cloud.google.com/migrate/.
Benefits of DevOps Approach

Benefits of DevOps DevOps (a combination of development and operations), also referred to as infrastructure as code,
Approach moves automation and orchestration to a mindset and technical approach rather than an
DevOps processes and administrative activity. The approach emphasizes communication and collaboration between
benefits will be revisited management, development, and operations professionals with a goal of automating software
throughout the course. integration, testing, deployment, and infrastructure changes. DevOps focuses on improved
automation, orchestration, and measurement. In a DevOps environment, building, testing, and
releasing software happens rapidly, frequently, and more reliably. Provisioning of resources in the
data center happens through automation tools and scripts that are based on configuration files. In
this way, complex, multi-step software deployment and infrastructure provisioning tasks can become
easy, or events can be automated entirely based on triggered events such as application utilization.
A DevOps approach has many benefits, including:
• Fast implementation times, which can mean faster time to market and reduced ROI.
• More stable and reliable operations environments.
• Early detection and more rapid correction of issues (code or infrastructure).

• Improved collaboration between business, development, and operations, thus improving

business agility.
• Continuous release, deployment, testing, and monitoring of apps, thus facilitating faster
implementation and business agility.
Guidelines for Preparing for a Cloud Deployment

When preparing for a cloud deployment, consider the following guidelines: Guidelines for Preparing
• Consider using an agile methodology in your project execution plan. Execute a discrete series of for a Cloud Deployment
steps, then take time to evaluate the outcome. At that point you can continue the plan as
designed, or make changes. Make sure all key stakeholders, impacted users, and clients, as well as
cloud project team members, are aware of any changes.
• For shorter deployments of one to four weeks in length, use a more rigid and less flexible project
execution plan so that there is less chance of delay, and less deviation from the plan.
• For longer running deployments, those taking longer than four weeks, make the plan flexible.
This will allow you to accommodate unforeseen changes, and, hopefully, address them with
minimal impact to project milestones and goals.
• Take baseline measurements of key performance metrics, both front-end and back-end, to use
for comparison purposes once solutions are deployed to the cloud.
• If a problem materializes, be sure to assess the real impact on project milestones and goals. If the
problem at the stage in which it occurs will have little impact on reaching the impacted business
goals, then it may be wiser not to devote time and resources to mitigating the issue. Instead, you
may redefine some elements of scope to work around the problem.
• When taking baseline measurements, work with end-users and service or app experts to
determine common task key back-end actions that should be measured to determine the baseline
for a service or app.
• Document CSP task steps, including GUI and command-line steps, thoroughly, and cross-train
cloud team members so that multiple people are able to provision and configure CSP resources.
• Refer to CSP checklists and best practice guides when provisioning resources.
• Evaluate the benefits of a DevOps approach to cloud deployment and management.

ACTIVITY 1-1
Preparing to Deploy Cloud Solutions Review
Scenario
Answer the following review questions.
1. Have you participated in deploying apps or services to the cloud already, or

are you in the process of evaluating the cloud for potential deployment?
A: Answers will vary, but may include no, they have not been part of cloud deployment teams or yes,
they have participated in some aspects of cloud deployment.
2. What business or technical benefits could your organization see from moving
some apps or services to the cloud? Be as specific as possible.
A: Answers will vary, but may include rapid elasticity, pay only for what you use, access to new
technologies, or improvements in service quality.

Summary
In this lesson, you explored how cloud and non-cloud components and services interacted. You
evaluated existing components and services for cloud deployment as well as potential automation
and orchestration options for services once they were deployed to the cloud. Finally, you prepared
for cloud deployment.
Lesson 1: Preparing to Deploy Cloud Solutions |

Cloud Studyguide cv0-002 Samplelesson

Uploaded by

Copyright:

Available Formats

Cloud Studyguide cv0-002 Samplelesson

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cloud Studyguide cv0-002 Samplelesson

Uploaded by

Copyright:

Available Formats

Copyrighted Material

The Official CompTIA

Official CompTIA Content Series for CompTIA Performance Certifications

The Official CompTIA® Cloud+® Study

Course Edition: 1.0

Bob Carver, Author

The Official CompTIA®

Lesson 1: Preparing to Deploy Cloud Solutions............... 1

Lesson 2: Deploying a Pilot Project............................... 35

Lesson 3: Testing Pilot Project Deployments................. 55

| The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) |

Lesson 4: Designing a Secure and Compliant Cloud

Lesson 5: Designing and Implementing a Secure Cloud

Lesson 6: Planning Identity and Access Management for

Lesson 7: Determining CPU and Memory Sizing for Cloud

Lesson 8: Determining Storage Requirements for Cloud

| The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) |

Topic D: Determine Storage Security Options....................................... 166

Lesson 9: Analyzing Workload Characteristics to Ensure

Lesson 10: Maintaining Cloud Systems............................... 191

Lesson 11: Implementing Backup, Restore, Disaster

Lesson 12: Analyzing Cloud Systems for Performance........ 217

Lesson 13: Analyzing Cloud Systems for Anomalies and

Lesson 14: Troubleshooting Deployment, Capacity,

| The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) |

Topic A: Troubleshoot Deployment Issues............................................ 240

Lesson 15: Troubleshooting Connectivity Issues................. 257

Lesson 16: Troubleshooting Security Issues........................267

Appendix A: Taking the Exams........................................................... 285

Appendix B: Mapping Course Content to the CompTIA® Cloud+®

About This Guide

| The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) |

• Determine CPU and memory sizing for cloud deployments.

How to Use This Book

A Note provides additional information, guidance, or hints about a topic or task.

| About This Guide |

2 | The Official CompTIA® Cloud+® Study Guide (Exam CV0-002)

Technical Benefits of Cloud Computing

Business Benefits of Cloud Computing

Lesson 1: Preparing to Deploy Cloud Solutions | Topic A

The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) | 3

• Movement of IT expenses from Capital Expenditures (CapEx) to Operational

Common Types of Cloud Services

Cloud Service Providers

Lesson 1: Preparing to Deploy Cloud Solutions | Topic A

4 | The Official CompTIA® Cloud+® Study Guide (Exam CV0-002)

Core Cloud Solution Components

Lesson 1: Preparing to Deploy Cloud Solutions | Topic A

The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) | 5

Additional Cloud Computing Components

Lesson 1: Preparing to Deploy Cloud Solutions | Topic A

6 | The Official CompTIA® Cloud+® Study Guide (Exam CV0-002)

Common Cloud Deployments

Lesson 1: Preparing to Deploy Cloud Solutions | Topic A

The Official CompTIA® Cloud+® Study Guide (Exam CV0-002) | 7

Deployment Type Description

Further Deployment Differentiation

Lesson 1: Preparing to Deploy Cloud Solutions | Topic A

8 | The Official CompTIA® Cloud+® Study Guide (Exam CV0-002)