How can the department improve trust within their service offering?
A government department has converted their internal software development environment into a
cloud services offering. The department is actively marketing the capability to other agencies. The
other agencies are interested, but identity compliance is a serious concern.
How can the department improve trust within their service offering?
What should be addressed when migrating to ITaaS and implementing a service catalog for the retail and electro
A hosting company has experienced a sudden increase in customer interest and wishes to
implement ITaaS. They are now hosting online shopping applications for several retail computer
and electronics companies.
Developers in the customer companies have the ability to publish applications and changes to
their stores. Shoppers access these stores using a variety of mobile applications and web
browsers.
What should be addressed when migrating to ITaaS and implementing a service catalog for the
retail and electronic companies?
Which capability best meets their in-flight encryption requirement?
In an effort to grow market share, a financial company has decided to expand their portfolio of
web-based services to residential and mobile users. To improve adoption of these services, the
software development team was given the requirement to encrypt data in flight without requiring a
software footprint on the client.
Which capability best meets their in-flight encryption requirement?
Which cloud single sign-on solution would best fit the needs of this SaaS application?
You are working with an independent software vendor to deploy a new SaaS-based application
into an organization’s private cloud. The application supports REST and SAML binding for
authentication. Which cloud single sign-on solution would best fit the needs of this SaaS
application?
Where would you document your findings?
A large marketing company is in the initial stages of assessing their suitability for ITaaS. You, the
cloud architect, interview the IT personnel and discover the following:
The company does not maintain a CMDB of their virtual server environment.
Security software to protect the network from unauthorized external access is inadequate.
Standardized services offering, self-service provisioning, and consumption-based reporting
capabilities do not exist.
Where would you document your findings?
Which individual would be the best candidate to fill this role?
You are a cloud consultant recently assigned to help an international pharmaceutical manufacturer
implement ITaaS. The company has a well-staffed, highly technical IT organization.
There are concerns that implementing ITaaS will be met with resistance, because the IT group
may feel that their job security is threatened.
You are seeking an individual within the organization to fill the role of Executive Sponsor for the
ITaaS transformation project. Which individual would be the best candidate to fill this role?
Which network layer would best address this situation, and why?
An IT security team is concerned about the authentication traffic patterns that may be required to
integrate the private and public clouds. As a result, IT has elected to federate their active directory
using ADFS from the private cloud to the public cloud.
One of the design decisions is whether to use a Layer 2, 3, or 7 firewall / switch mechanism
between the public and private clouds. There are trade-offs with each choice.
Which network layer would best address this situation, and why?
what would you recommend?
An organization is expanding its private cloud to a hybrid deployment to accommodate growth in
its web / database application. The CIO is concerned about the security risks associated with the
public cloud. They do not view firewall security as adequate to protect important company data.
Encryption is being considered as a security measure.
As the cloud architect, what would you recommend?
What is the primary reason the IT security risk team is proposing the use of strong authentication for all ser
A company has deployed a fully operational, private PaaS service. The service catalog links to an
orchestration engine that builds servers automatically.
What is the primary reason the IT security risk team is proposing the use of strong authentication
for all service catalog users?
Which service characteristic should the SaaS provider implement to improve the user log-on reliability and sca
A marketing company is using a Customer Relationship Management SaaS. The SaaS provider
has deployed hardware load balancers to distribute users between application servers. User login
states are preserved in the load balancer. Subsequent login requests direct each user to the same
application server. If the server is unavailable or too busy, the user cannot log on.
Although the company is very happy with the SaaS cost savings they are unhappy with application
availability. To improve application scalability the SaaS provider added new servers to the
environment. Users, however, are still experiencing the same problem.
Which service characteristic should the SaaS provider implement to improve the user log-on
reliability and scale application performance?