Flashcards in Domain 3: Security Engineering; Virtualization and Distributed Computing Deck (24):
What is virtualization?
Virtualization adds a software layer between the operating system and the underlying computer hardware. This allows multiple guest operating systems to run on a physical host computer. Popular products include VMware, QEMU, Xen.
What is transparent virtualization?
Transparent virtualization runs stock operating systems, such as Windows 10 or Ubuntu Linux 15.04, as virtual guests. No changes to the guest OS are required.
What is paravirtualization?
Paravirtualization runs specially modified operating systems, with modified kernel system calls. Paravirtualization can be more efficient, but requires changing the guest OS which may not be possible for closed OSes such as the Microsoft Windows family.
The key to virtualization security is the hypervisor, which does what?
Controls access between the virtual guests and the host hardware.
What is the difference between a Type 1 and Type 2 hypervisor?
A Type 1 hypervisor (also called bare metal) is part of an operating system that runs directly on host hardware. A Type 2 hypervisor runs as an application on a normal operating system, such as Windows 10. VMware ESX is a Type 1 hypervisor, and VMware Workstation is Type 2.
What is VMEscape?
Where an attacker exploits the host OS or guest from another guest.
What is cloud computing?
Public cloud computing outsources IT infrastructure, storage, or applications to a 3rd party provider. A cloud also implies geographic diversity of computer resources. The goal of cloud computing is to allow large providers to leverage their economies of scale to provide computing resources to other companies that typically pay for these services based on their usage.
What are the three commonly available levels of service provided by cloud providers?
Infrastructure as a Service
Platform as a Service
Software as a Service
What is a private cloud?
Private clouds house data for a single organization, and may be operated by a 3rd party, or by the organization itself.
What is a government cloud?
Government clouds are designed to keep data and resources geographically contained within the borders of one crountry, designed for the government of the respective country.
What are the benefits of cloud computing?
Reduced upfront capital expenditure, reduced maintenance costs, robust levels of service, and overall operational cost-savings.
What are the concerns of cloud computing?
One concern is the compromise of one cloud customer could lead to the compromise of other customers.
What is the risk of using a pre-configured image?
Any vulnerability associated with the pre-configured image can introduce risk to every organization that uses the image.
What are some rights an organization should negotiate before signing a contract with a cloud computing provider?
The right to audit, the right to conduct a vulnerability assessment, and the right to conduct a penetration test (both electronic and physical) of data and systems placed in the cloud.
When data needs to comply with US-based laws, should a public cloud be used?
Data in public clouds could be moved to another country. US-based laws such as HIPAA or GLBA have no effect outside the US. Private or Government clouds should be used in these cases.
What is Grid Computing?
Unlike using large clusters of similar systems or a single supercomputer, grid computing makes use of spare CPU cycles of a network of dissimilar devices.
What is Large-Scale Parallel Data Systems?
The primary purpose is to allow for increased performance through economies of scale. Often parallel systems will leverage some degree of shared memory which, if not managed appropriately, can expose potential race conditions that introduce integrity challenges.
What is Peer to Peer network?
In a P2P network, any computer can act as the server or client. P2P networks were designed to be neutral with regards to intellectual property rights. P2P networks are frequently used to download commercial music and movies, often in violation to the owner's intellectual property rights. Decentralized P2P networks are resilient since there are no central servers that can be taken offline. Integrity is a key concern. With no central repository of data, what assurance do users have of receiving legitimate data? Cryptographic hashes are a critical control, and should be used to verify the integrity of data downloaded from a P2P network.
What is a Thin Client?
Thin clients are simpler than normal computer systems with harddrives, full operating systems, and locally installed applications. They rely on central servers, which server applications and store the associated data.
What is a diskless workstation?
A diskless workstation contains memory, cpu, and firmware, but no harddrive. The kernel and operating system are typicall loaded via the network.
What is the boot order of a diskless workstation?
BIOS>POST>TCP/IP>BOOTP or DHCP.
What are thin client applications?
Thin client applications normally run on a system with a full operating system, but use a Web browser as a universal client. Network traffic typicall uses HTTP (TCP port 80) and HTTPS (TCP port 443).
What are The Internet of Things (IoT)?
The Internet of Things refers to small internet connected devices such as baby monitors, thermostats, light bulbs, cash registers, appliances, smart meters, cars, etc. Many of these devices are directly accessible via the internet.