Module 1.

1. A university is planning to host virtual labs for students but wants to reduce hardware
costs and increase server usage. How can virtualization and cloud computing help,
and which cloud model should they adopt?

Universities often struggle with maintaining multiple physical lab setups for different
subjects or departments.
 Cloud computing, particularly using virtualization, enables universities to create
multiple virtual labs using the same underlying hardware.
 This not only reduces cost but allows remote access for students, making it ideal for
blended and online learning.
 A private cloud ensures that student data remains secure, while a hybrid model
could extend some services publicly.
 Using cloud-based lab environments also allows for quick resets, snapshots, and
scalable usage based on class size.

2. A logistics company has been using on-premise infrastructure for over a decade. With
the rise of global e-commerce and mobile tracking, what technological evolutions
should it consider to transition smoothly to cloud computing?
• A logistics company managing transportation, warehousing, and delivery with on-
premise systems can face issues with real-time tracking and scaling operations.
• Cloud computing provides scalable compute resources, real-time analytics, and
integrations with IoT devices (e.g., GPS trackers on trucks).
• Shifting to cloud enables real-time decision-making, global accessibility, and
disaster recovery options.
• The evolution includes adopting microservices, containerization, and using AI for
route optimization and demand forecasting.
• A hybrid approach allows legacy systems to integrate gradually with new cloud
components.

3. A mobile app development startup is deciding between using IaaS and PaaS for their
backend services. Given their limited team size and need for fast deployment, which
model is more suitable and why?
• Startups typically lack a large IT team to manage servers, networks, and operating
systems.
• IaaS provides basic infrastructure, but still requires setup and maintenance of OS,
middleware, and applications.
• PaaS provides an out-of-the-box development and deployment platform — ideal for
small teams to focus on building and deploying apps.
• It supports quick launches, auto-scaling, and integrates with DevOps tools easily.
• However, PaaS may be limited in customization compared to IaaS, depending on the
use case.
4. A government organization needs to store confidential citizen data and also offer
public services through a website. What cloud deployment model
(public/private/hybrid/community) would best meet their security and accessibility
needs? Justify your answer.
• Governments handle sensitive personal data that must comply with legal and
security regulations.
• Private clouds can securely store sensitive databases (e.g., ID, health records), while
public-facing portals (e.g., tax websites) can run on public clouds.
• Hybrid cloud offers the best of both — internal security and external accessibility.
• Data encryption, access controls, and compliance with national data protection laws
are essential.
• This model also allows resource optimization, cost-effectiveness, and better citizen
engagement.

5. An IT company is integrating cloud solutions from both AWS and Google Cloud.
How can following the NIST cloud architecture help ensure compatibility and
security across both platforms?
• Using services from multiple cloud vendors improves redundancy and prevents
vendor lock-in.
• However, managing different cloud environments can be complex without a
standard framework.
• NIST architecture defines essential roles — cloud consumer, provider, broker,
auditor, carrier — which help assign clear responsibilities.
• It also outlines five essential characteristics: on-demand self-service, broad network
access, resource pooling, rapid elasticity, and measured service.
• Following this model ensures secure, interoperable, and scalable solutions across
platforms.

6. A retail business is moving to a SaaS solution like Salesforce. In the context of the
NIST model, what are the key roles and responsibilities the business must understand
as a cloud consumer?
• SaaS platforms like Salesforce provide CRM, sales automation, and analytics via the
cloud.
• The business does not manage infrastructure or application updates — these are
handled by the service provider.
• However, the business must control user access, ensure proper data input, and
maintain data privacy.
• The NIST model helps define this shared responsibility — the provider handles
backend; the consumer is responsible for frontend and data usage.
• SaaS accelerates deployment and reduces costs, but requires vigilance in data
security from the consumer side.
7. A local bakery expands into online sales and wants to avoid high initial investment in
IT infrastructure. How does the cloud computing business model support such small
businesses, and what financial benefits can they gain over traditional IT setup?
• A bakery planning to offer online ordering needs a cost-effective and easy-to-use
solution.
• SaaS platforms like Shopify, Wix, or Zoho Commerce allow businesses to set up
online storefronts without technical expertise.
• The cloud business model supports OpEx (pay monthly), avoiding large upfront
CapEx (buying servers, hiring developers).
• It also allows scaling during festive seasons or promotions, with built-in payment
and delivery plugins.
• Cloud simplifies digital transformation for small businesses by lowering entry
barriers.

8. A healthcare startup stores patient records on a public cloud. What cloud security
practices should the service provider and the startup follow to ensure HIPAA
compliance in a multi-tenant environment?
• Healthcare applications handle electronic health records, prescriptions, and patient
diagnostics — requiring strict privacy.
• Public cloud providers offer HIPAA-compliant environments, but the startup must
configure them securely.
• Best practices include: encrypting data in transit and at rest, setting up access logs,
using VPCs, and limiting user privileges.
• A breach could result in legal and financial consequences, so both technical and
regulatory compliance is essential.
• Partnering with a provider that offers secure APIs and continuous monitoring is
beneficial.

9. An enterprise moves from purchasing on-premise servers to subscribing to a cloud-

based infrastructure. What are the trade-offs between CapEx and OpEx in this
decision, especially in the long-term financial planning?
• Traditionally, enterprises purchase hardware (CapEx), which requires planning for
depreciation, upgrades, and maintenance.
• Cloud computing allows OpEx — pay only for what you use monthly — making
budgeting more predictable and scalable.
• This flexibility helps during demand spikes or global expansion without waiting for
hardware procurement.
• However, poorly managed cloud usage can lead to 'bill shock' due to unexpected
expenses.
• Cloud cost optimization tools and regular audits are required to balance spending
effectively.
 10. A software company adopts DevOps with CI/CD tools and serverless architecture for
frequent product updates. How does cloud computing architecture facilitate this
development approach, and what are the possible limitations?
• Modern software companies aim for continuous delivery and quick iterations —
made possible through DevOps and CI/CD.
• Cloud services offer integrations with GitHub Actions, Jenkins, AWS CodePipeline,
and serverless platforms like AWS Lambda.
• Serverless architecture removes the need to manage servers and supports
microservices, reducing overhead.
• Challenges include debugging, cold-start latency, and the risk of vendor lock-in if
proprietary services are used.
• Still, the benefits in speed, scalability, and automation outweigh the risks in most
agile development environments.

Module 2: