1644: Cloud Computing -

assignment 2 - PASS
Data Warehousing
FPT University
36 pag.

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 ASSIGNMENT 2 BRIEF
Qualification BTEC Level 5 HND Diploma in Computing

Unit number Unit 16: Cloud Computing

Assignment title Cloud’s implementation and security threats

Academic Year 2021 – 2022

Unit Tutor Ho Hai Van

Issue date Submission date 18th Oct, 2022

IV name and date

Submission Format:

Format:
A report (in PDF format)
You must use font Calibri size 12, set number of the pages and use multiple line spacing at
1.3. Margins must be: left: 1.25 cm; right: 1 cm; top: 1 cm and bottom: 1 cm. The reference
follows Harvard referencing system.
Submission Students are compulsory to submit the assignment in due date and in a way requested by
the Tutors. The form of submission will be a soft copy posted on
http://cms.greenwich.edu.vn/
Note: The Assignment must be your own work, and not copied by or from another student or from
books etc. If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you
must reference your sources, using the Harvard style. Make sure that you know how to reference properly,
and that understand the guidelines on plagiarism. If you do not, you definitely get failed

Unit Learning Outcomes:

LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools.

LO4 Analyze the technical challenges for cloud applications and assess their risks

Assignment Brief and Guidance:

Task 1

Page 1

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
Base on the scenario and architecture design in the first assignment provide the
implementation. Because of the time constraint of the assignment, the implementation just
provides some demo functions of the scenario. The implementation includes two parts:

• A step-by-step instruction
o which shows which functions are implemented
o How to config, deploy and test the services (Web application, Database Server,
Source code management, server logs...) using service provider’s frameworks
and open-source tools.
o Images for the built functions
• A brief discussion about difficulties which one can face during the development
process(optional)
• The source code for the built application

Task 2

The table of contents in your security manual (which should be 500–700 words) should be
as follows:

1. Analysis of the most common problems and security issues of a cloud computing
platform.
2. Discussion on how to overcome these issues.
3. Summary.

Page 2

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 Learning Outcomes and Assessment Criteria

Pass Merit Distinction

LO3 Develop Cloud Computing solutions using service provider’s

frameworks and open-source tools
D2 Critically discuss how one
P5 Configure a Cloud M3 Discuss the issues and can overcome these issues and
Computing platform with a constraints one can face during constraints.
cloud service provider’s the development process.
framework.

P6 Implement a cloud platform

using open-source tools.

LO4 Analyse the technical challenges for cloud applications and

assess their risks

P7 Analyse the most common M4 Discuss how to overcome D3 Critically discuss how an
problems which arise in a Cloud these security issues when organisation should protect
Computing platform and building a secure cloud their data when they migrate
discuss appropriate solutions to platform. to a cloud solution.
these problems.
P8 Assess the most common
security issues in cloud
environments.

Page 3

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 TABLE OF CONTENTS:

Contents
ASSIGNMENT ANSWER: .................................................................................................................................................... 5
INTRODUCTION ................................................................................................................................................................. 5
P5: CONFIGURE A CLOUD COMPUTING PLATFORM WITH A CLOUD SERVICE PROVIDER’S FRAMEWORK. .................. 5
1. NodeJS: .................................................................................................................................................................. 5
1.1. What is NodeJS: ............................................................................................................................................ 5
1.2. How to install NodeJS: .................................................................................................................................. 5
2. MongoDB: ............................................................................................................................................................. 6
2.1. What is MongoDB: ........................................................................................................................................ 6
2.2. Install MongoDB:........................................................................................................................................... 7
2.3. Setup MongoDB Atlas: ................................................................................................................................ 10
2.4. MongoDB Compass: .................................................................................................................................... 11
2.5. Download NoSQL Booster: ......................................................................................................................... 14
3. Heroku: ................................................................................................................................................................ 14
3.1 Definition......................................................................................................................................................... 15
3.2 Download Heroku CLI ..................................................................................................................................... 15
3.3 Create project on Heroku ............................................................................................................................... 17
4. GitHub: ................................................................................................................................................................ 18
4.1. Definition:.................................................................................................................................................... 18
4.2. Install Git: .................................................................................................................................................... 19
P6 IMPLEMENT A CLOUD PLATFORM USING OPEN-SOURCE TOOLS. ........................................................................... 20
1. Create & Setup for ATN project: ......................................................................................................................... 20
2. Connect with MongoDB:..................................................................................................................................... 21
3. CRUD & coding function: .................................................................................................................................... 22
4. Upload on Heroku ............................................................................................................................................... 27
P7 ANALYSE THE MOST COMMON PROBLEMS WHICH ARISE IN A CLOUD COMPUTING PLATFORM AND DISCUSS
APPROPRIATE SOLUTIONS TO THESE PROBLEMS. ......................................................................................................... 28
1. There are many problems which arise in a Cloud Computing platform and discuss appropriate: .................. 28
2. Solution: .............................................................................................................................................................. 31
P8 ASSESS THE MOST COMMON SECURITY ISSUES IN CLOUD ENVIRONMENTS. ........................................................ 32
1. What is Cloud Security ........................................................................................................................................ 32
2. Problem about Cloud Security ............................................................................................................................ 32
3. Conclusion: .......................................................................................................................................................... 35
REFERENCES: ................................................................................................................................................................... 36
Page 4

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 ASSIGNMENT ANSWER:

INTRODUCTION
In this report, I'll introduce a few frameworks from suppliers and walk through the process of deploying a
static website on the Heroku platform. Additionally, I analyze a few frequent vulnerabilities that occur in a
cloud computing platform and suggest suitable fixes to evaluate the most frequent security concerns in a
cloud context.

P5: CONFIGURE A CLOUD COMPUTING PLATFORM WITH A CLOUD SERVICE PROVIDER’S FRAMEWORK.
1. NodeJS:
1.1. What is NodeJS:

Node.js is an open-source, cross-platform, back-end JavaScript runtime environment that

runs on a JavaScript Engine and executes JavaScript code outside a web browser, which was
designed to build scalable network applications. Node.js lets developers use JavaScript to
write command line tools and for server-side scripting—running scripts server-side to
produce dynamic web page content before the page is sent to the user's web browser.
Consequently, Node.js represents a "JavaScript everywhere" paradigm,[6] unifying web-
application development around a single programming language, rather than different
languages for server-side and client-side scripts.

1.2. How to install NodeJS:

Installation of NodeJS and NPM is straightforward using the installer package available at
NodeJS official web site.

• Download the installer from NodeJS Website.

• Run the installer.
• Follow the installer steps, agree the license agreement, and click the next button.

Page 5

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 • Restart your system/machine.

Now, test NodeJS by printing its version using the following command in Command Prompt:

and test npm by printing its version using command

Simple way to test NodeJS work in your system is to create a JavaScript file which print a
message.

Lets create test.js file

Run the test.js file using Node command > node test.js in command prompt.

2. MongoDB:
2.1. What is MongoDB:

MongoDB is an open-source NoSQL database management program. NoSQL is used as an

alternative to traditional relational databases. NoSQL databases are quite useful for working

Page 6

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 with large sets of distributed data. MongoDB is a tool that can manage document-oriented
information, store or retrieve information.

2.2. Install MongoDB:

Step 1: Download MongoDB Community Server

Go to https://www.mongodb.com/try/download/community and Download MongoDB

Community Server. We will install the 64-bit version for Windows.

Step2 : Click on Setup

Once download is complete open the msi file. Click Next in the start up screen

Page 7

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
Step 3: Accept the End-User License Agreement

Step 4: Click on the “complete” button

Page 8

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
Step 5: Service Configuration

Step 6: Start installation process

Page 9

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 Step 8: Click on the Finish button

2.3. Setup MongoDB Atlas:

MongoDB Atlas provides an easy way to host and manage your data in the cloud. This tutorial
guides you through creating an Atlas cluster, connecting to it, and loading sample data.
To get started using the Atlas UI:

Page 10

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
2.4. MongoDB Compass:
Step 1: Firstly, go MongoDb website and download MongoDB Compass.

Page 11

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
Step 2: Unzip File after downloading.

Step 3: Double click the installer icon.

Step 4: Follow the installation prompts and customize the installation according to your
need.

Page 12

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
Step 5: At this stage, a prompt will pop which can be used to configure the setting of the
MongoDB Compass.

Step 6: After the above step, all installation process is done. now you can work with your
databases.

Page 13

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 2.5. Download NoSQL Booster:
What is NoSQL Booster?
NoSQL Booster is one of the most popular cross-platform GUI (Graphical User Interface) tools
for MongoDB that houses a built-in MongoDB Script Debugger, Comprehensive Server
Monitoring Tools, Query Code Generator, and advanced IntelliSense support.

How to Setup NoSQL Booster?

o Click here to download NoSQL Booster for your preferred operating system.

o Navigate to the Downloads section of your browser and open the downloaded file.
o Follow the instructions on the Installation Wizard and keep on clicking Next.
o Once you have successfully installed NoSQLBooster, open it and click on
the Connect option to create a new connection.
o The Connection Editor will automatically fetch details from the MongoDB service
and once all the appropriate fields have been filled, click on the Save and
Connect button

3. Heroku:

Page 14

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
3.1 Definition
Heroku is a cloud platform as a service (PaaS) supporting several programming languages.
One of the first cloud platforms, Heroku has been in development since June 2007, when it
supported only the Ruby programming language, but now supports Java, Node.js, Scala,
Clojure, Python, PHP, and Go.
3.2 Download Heroku CLI
Step 1: Download Windows installer
Download the appropriate installer for your Windows installation from here according to
the system configuration.

Step 2: Running the installer to the system

Now, click on the installer file and it will ask for choosing components from the following
options as given below.

Make sure that you check all of them. Now click the “Next” button.

Page 15

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
Step 3: Setting the destination folder
Default path will be the path of the C drive of system. The default path for installation can
be changed using the “Browse” button.

Step 4: Installation:
After clicking “Install”, it will start to install Heroku CLI into the destination folder as shown
in the below screenshot:

Page 16

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 Heroku CLI has been successfully installed on your system. To verify, Run the following
command in the Command Prompt or Terminal.

For checking the version of Heroku, Run the following command in the terminal:

So, the Heroku CLI has been installed properly of your system
3.3 Create project on Heroku
Step 1: You need to register for a Heroku account and log in.

Page 17

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 Step 2: Create an app on Heroku
On the Heroku homepage, select “New > Create new app”

Fill in your app information in the app creation form then click “Create app”
Once created, you will be redirected to the newly created app management page. This page
will have an interface like the following image:

4. GitHub:
4.1. Definition:

Page 18

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 GitHub is an online software development platform used for storing, tracking, and
collaborating on software projects. It enables developers to upload their own code files and
to collaborate with fellow developers on open-source projects. GitHub also serves as a social
networking site in which developers can openly network, collaborate, and pitch their work.

4.2. Install Git:

Git is open-source version control software, used for managing and tracking file revisions. It
can be used with any file type but is most often used for tracking code files. Git is the most
widely used version control system in software development, and GitHub leverages this
technology for its service, hence its name.
• Git for Windows stand-alone installer
Step 1: Download the latest Git for Windows installer.
Step 2: When you've successfully started the installer, you should see the Git Setup
wizard screen. Follow the Next and Finish prompts to complete the installation. The
default options are sensible for most users.
Step 3: Open a Command Prompt (or Git Bash if during installation you elected not to
use Git from the Windows Command Prompt).

Step 4: Run the following commands to configure your Git username and email using the
following commands, replacing Emma's name with your own. These details will be
associated with any commits that you create:
$ git config --global user.name "Emma Paris" $ git config --global user.email
"[email protected]"
Step 5: Optional: Install the Git credential helper on Windows
Bitbucket supports pushing and pulling over HTTP to your remote Git repositories on
Bitbucket. Every time you interact with the remote repository, you must supply a
Page 19

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 username/password combination. You can store these credentials, instead of supplying
the combination every time, with the Git Credential Manager for Windows.

P6 IMPLEMENT A CLOUD PLATFORM USING OPEN-SOURCE TOOLS.

1. Create & Setup for ATN project:

Create folder project and setting environment for project by using npm:

Step 1: using this command for setup file package.json and project with NodeJS: npm init –y

Step 2: install module express for project with command: npm install express –save

Step 3: install ejs module for dynamic website: npm install ejs –save

Step 4: install module mongodb to connect with the NoSQL MongoDB: npm install mongodb –save

Page 20

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 Step 5: install module for server to handle the data at message request of client: npm install body-
parser –save

2. Connect with MongoDB:

To connect the project with MongoDB, we must login an account and create new project:

After that, using connection string and connect with project throw class server.js:

Page 21

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
3. CRUD & coding function:

By using NodeJS for ATN project, I will demo 4 features is: Create, Update, Delete and View.

First class is sever.js have a mission is connect to server host and connect to database. This class
navigation for all function in project.

Page 22

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 Page 23

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
The main.js class into public folder is handle and catch the event buttons in front-end and doing
mission corresponding.

Page 24

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
File index.ejs into views folder is a front-end code for showing for user an interface of project:

Page 25

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 Page 26

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
4. Upload on Heroku

Before uploading project on Heroku, we must login and create a new app on Heroku website:

After that, login Heroku throw git on device:

And now update the project on Cloud:

When the project was updated on cloud, we can check it by using open app on Heroku:

Page 27

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 This is the project on Cloud:

Link project on Heroku Cloud: https://asm-ghuy-123.herokuapp.com/

P7 ANALYSE THE MOST COMMON PROBLEMS WHICH ARISE IN A CLOUD COMPUTING PLATFORM AND
DISCUSS APPROPRIATE SOLUTIONS TO THESE PROBLEMS.
1. There are many problems which arise in a Cloud Computing platform and discuss appropriate:

Recently, Flexera conducted its annual State of the Cloud Survey on the latest cloud trends. They
questioned 997 technical professionals across a broad cross-section of organizations about their
adoption of cloud infrastructure. Their findings were insightful, especially regarding current cloud
computing challenges.

To answer the main question of what the challenges for cloud-based computing are, below we have
expanded upon some of their findings and provided additional problems that businesses may need
to address. Let’s start with the ever-pressing subject of cybersecurity.

Page 28

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 ❖ Security issues

We mentioned the hot debate surrounding data protection in our definitive business intelligence
trends guide. Like many other branches of technology, security is a pressing concern in the world of
cloud-based computing, as you are unable to see the exact location where your data is stored or
being processed. This increases the risks that can arise during the implementation or management
process.

Currently, 93% of leading companies across sectors are highly concerned about experiencing a
significant data breach within their cloud-centric ecosystems.

❖ Cost management and containment

The next part of our cloud computing risks list involves costs. For the most part, modern computing
can save businesses money. In the cloud, an organization can easily ramp up its processing capabilities
without making large investments in new hardware. Businesses can instead access extra processing
through pay-as-you-go models from public providers. However, the on-demand and scalable nature
of cloud computing services make it sometimes difficult to define and predict quantities and costs.

Luckily there are several ways to keep cloud costs in check, for example, optimizing costs by
conducting better financial analytics and reporting, automating policies for ruling, or keeping the
management reporting practice on the course, so that these issues in computing could be decreased.

Page 29

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
Another recent innovation that helps mitigate costs and tackle this most pressing of issues in cloud
computing is multi-cloud computing tools. Currently, 32% of businesses use multi-cloud cybersecurity
tools to reduce the financially devastating risk of data breaches, while 31% of leading enterprises use
direct multi-cloud cost management tools to mitigate financial efficiency across the organization. In
both cases, the return on investment (ROI) is healthy. As such, we expect to see an increase in
adoption soon.

❖ Lack of resources/expertise

One of the cloud challenges companies and enterprises are facing today is a lack of resources and/or
expertise. Organizations are increasingly placing more workloads in the system while cloud
technologies continue too rapidly advance. Due to these factors, organizations are having a tough
time keeping up with the tools. Also, the need for expertise continues to grow. These challenges can
be minimized through additional training of IT and development staff. A strong CIO championing
cloud adoption also helps. As Cloud Engineer Drew Firment puts it:

“The success of adoption and migrations comes down to your people — and the investments you
make in a talent transformation program. Until you focus on the #1 bottleneck to the flow of cloud
adoption, improvements made anywhere else are an illusion.”

SME (small and medium-sized) organizations may find adding specialists to their IT teams to be
prohibitively costly. Luckily, many common tasks performed by these specialists can be automated.
To this end companies are turning to DevOps tools, like Chef and Puppet, to perform tasks like
monitoring usage patterns of resources and automated backups at predefined time periods. These
tools also help optimize the cloud for cost, governance, and security.

❖ Governance/Control

There are many challenges facing cloud computing and control is in place number 4. Proper IT
governance should ensure IT assets are implemented and used according to agreed-upon policies and
procedures; ensure that these assets are properly controlled and maintained and ensure that these
assets are supporting your organization’s strategy and goals.

In today’s cloud-based world, IT does not always have full control over the provisioning, de-
provisioning, and operations of infrastructure. This has increased the difficulty for IT to provide the
governance, compliance, risks, and data quality management required. To mitigate the various risks
and uncertainties in transitioning to the cloud, IT must adapt its traditional IT control processes to
include the cloud. To this effect, the role of central IT teams in the system has been evolving over the
last few years. Along with business units, central IT is increasingly playing a role in selecting,
brokering, and governing cloud services. On top of this third-party cloud computing/management
providers are progressively providing support and best practices.

Page 30

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 ❖ Compliance

One of the risks of cloud computing is facing today is compliance. That is an issue for anyone using
backup services or storage. Every time a company moves data from the internal storage to a cloud, it
is faced with being compliant with official regulations and laws. For example, healthcare
organizations in the USA must comply with HIPAA (Health Insurance Portability and Accountability
Act of 1996), public retail companies have to comply with SOX (Sarbanes-Oxley Act of 2002), and PCI
DSS (Payment Card Industry Data Security Standard).

❖ Managing multiple clouds

Challenges facing cloud computing haven’t just been concentrated in one, single cloud.

The state of multi-cloud has grown exponentially in recent years. Companies are shifting or combining
public and private clouds and as mentioned earlier, tech giants like Alibaba and Amazon are leading
the way.

The survey by Flexera mentioned above shows that 89% of enterprises have a multi-cloud strategy.
Enterprises with a hybrid strategy (combining public and private clouds) reach 80%, while
organizations with a strategy of multiple public clouds or multiple private clouds grew slightly but
stay under 10%.

2. Solution:

We have created ways to protect and address the problem with the present cloud paradigm. It is the
most effective contribution to reducing potential risks associated with using the service,
notwithstanding its lack of thoroughness.

In terms of security:

We employ a private cloud system that is managed and monitored in accordance with stringent
security protocols to ensure the highest level of security. To strengthen information security, extra
layers of defense and security services will be added.

Data loss issue: To restore data in the event of an error, we will build a backup system that is
continuously updated and works in tandem with the cloud system.

Internet issues: To reduce crashes or disruptions while in use, we shall deploy a costly internet
system. Additionally, we will act as soon as there are issues with the internet connection.

Page 31

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 P8 ASSESS THE MOST COMMON SECURITY ISSUES IN CLOUD ENVIRONMENTS.
1. What is Cloud Security

Cloud Security is an acronym for Cloud Computing Security, meaning cloud computing security. This
is a service concept that is no stranger to business organizations around the world, talking about a
comprehensive solution to information technology problems in the cloud. The growth of cloud
computing services is a common trend, and businesses are starting to move and store large volumes
of data and organizational applications to the cloud to make it easy to work from anywhere when
there is no access to the cloud. at the office… Accompanying the development, there are always
threats to data security. Therefore, the need for Cloud Security is even more important, if any
organization is loose in this service, not paying attention to it, it will lose many of its great benefits
and certainly face the risk of collapse. poured very quickly.

Cloud Security solution is a solution to provide for a system that does not work at the office server
but works on the Cloud Server. If a stranger attacks the Server on the Cloud, it will lose that system
(the system is unusable at this time) and to avoid that, each business needs to protect the system on
the Cloud to ensure that the computer environment is safe. whole.

2. Problem about Cloud Security

What Are the Top 5 Cloud Computing Security Challenges?

All organizations that rely on cloud platforms need enhanced security that still allows team members,
customers, and other stakeholders to access their applications and online data from a wide range of
locations. With the adoption of cloud applications and storage growing each year, businesses need

Page 32

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
to understand the security challenges that cloud computing entails. In 2020, the total worth of the
cloud computing market was USD 371.4 billion, with a predicted compound annual growth rate of
17.5% (Sumina, 2022). If this growth rate holds, the total cloud computing market will be worth
approximately USD 832.1 billion by 2025. Reliable industry growth is therefore driving demand for
more cloud computing security professionals. Because of the growing demand for cloud technologies
that are accessible across a wide range of geographical areas, cybersecurity professionals, particularly
cloud security engineers, are faced with the task of overcoming various cloud computing security
issues and challenges.

Common Cloud Computing Security Risks

As a cybersecurity professional, it’s important to be aware of the security threats, issues, and
challenges your customer’s or employer’s cloud infrastructure faces. Some of the most common ones
include:

❖ Security system misconfiguration

❖ Denial-of-Service (DoS) attacks
❖ Data loss due to cyberattacks
❖ Unsecure access control points
❖ Inadequate threat notifications and alerts
Security System Misconfigurations

According to Trend Micro’s (2021) analysis of data from the Amazon Web Services (AWS) and
Microsoft Azure cloud platforms, between 65 and 70% of all cloud security issues arise from security
misconfigurations. There are multiple reasons why misconfigurations can occur in a cloud network’s
security system.

First, cloud infrastructure is optimized for accessibility and data sharing, making it difficult for
cybersecurity professionals to ensure that only authorized parties can access data. An excellent
example of this is link-based data sharing, wherein anyone with a link can gain access to data.

Second, using a cloud service means that organizations don’t have complete visibility into or control
of their infrastructure, instead relying on the security arrangement of the cloud service provider
(CSP). This dependence on CSPs for security highlights the importance of choosing a quality CSP.

Page 33

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
A third reason cloud security misconfigurations occur is that many organizations use more than one
CSP and have trouble familiarizing themselves with each CSP’s security controls. A failure to
understand all applicable security controls can lead to misconfigurations and security oversights,
creating weaknesses that malicious hackers can exploit.

Denial-of-Service (DoS) Attacks

DoS attacks can cause a machine or a network to crash, making it no longer accessible to users.
Malicious attackers can either send information to the target that causes it to shut down or flood it
with traffic to overwhelm it and cause a crash.

A downed network can be held for ransom and cause revenue losses, and it can also harm a
company’s authority and customer relations. Cloud security experts need in-depth knowledge of how
to implement DoS attack protection and remediation strategies.

Data Loss Resulting from Cyberattacks

Defending a partially or fully migrated network against cyberattacks of all types poses unique
challenges for cybersecurity professionals. Cybercriminals often target cloud-based networks
because they are generally accessible from the public internet. Since multiple companies will often
use the same CSP, attackers can repeat a successful cyberattack on one target to gain access to many
more. Additionally, cloud-based infrastructures are frequently not secured properly, a fact that many
malicious hackers are aware of and know how to exploit.

Losing valuable data through human error, natural disasters that destroy physical servers, or
malicious attacks that aim to destroy data can be disastrous for any company. Moving business-
critical data to the cloud can increase these security concerns, since organizations won’t be able to
access the affected servers on site. Functional and tested disaster recovery and backup processes
need to be in place to counter this risk. Security solutions will need to be built into every network
layer to protect against data loss from cyberattacks.

Unsecure Access Control Points

One of the main attractions of cloud networks is their accessibility from anywhere, which allows
teams and customers to connect regardless of their location. Unfortunately, many of the technologies
with which users interact, like application programming interfaces (APIs), are vulnerable to attacks if
cloud security is not correctly configured and optimized. Since these vulnerabilities give hackers an
Page 34

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 entry point, it’s important to use web application firewalls to confirm that all HTTP requests originate
from legitimate traffic, thus ensuring that web applications and operations relying on APIs are
constantly protected.

Inadequate Threat Notifications and Alerts

One of the cornerstones of any effective network or computer security system is how quickly threat
notifications and alerts can be sent to website or security personnel. Cloud-based systems are no
different. Instant notifications and alerts enable proactive threat mitigation, which can prevent
successful hacks and minimize damages.

3. Conclusion:

In my conclusion, I outlined the various frameworks employed by service providers and provided a
thorough description of how to upload a static website to the Heroku platform. I also look at a few
typical problems that come up in cloud computing platforms and discuss useful strategies for
ranking the most prevalent security problems in cloud systems.

Page 35

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])
 REFERENCES:
Blog. 2022. Top 10 security concerns for cloud-based services. [online] Available at:
https://www.imperva.com/blog/top-10-cloud-security-concerns/ [Accessed 18 Oct 2022].
Blog. 2022. Top 10 security concerns for cloud-based services. [online] Available at:
https://www.imperva.com/blog/top-10-cloud-security-concerns/ [Accessed 18 Oct 2022].
Blog. 2022. Top 10 security concerns for cloud-based services. [online] Available at:
https://www.imperva.com/blog/top-10-cloud-security-concerns/ [Accessed 18 Oct 2022].
DATAVERSITY. 2022. A Brief History of Cloud Computing - DATAVERSITY. [online] Available at:
https://www.dataversity.net/brief-history-cloud-computing/ [Accessed 14 Oct 2022].
SaM Solutions. 2022. Virtualization in Cloud Computing [Types and Techniques Overview] |
SaM Solutions. [online] Available at: https://www.sam-solutions.com/blog/virtualization-
techniques-in-cloud-computing/#:~:text=Virtualization%20is%20the%20creation%20of.
[Accessed 18 Oct 2022]

Page 36

Document shared on www.docsity.com

Downloaded by: tran-minhquan ([email protected])