Section 8 - Virtualisation Concepts

Question 1

What is at the heart of cloud computing

Answer 1

Virtualisation

Question 2

What is virtualisation the heart of

Answer 2

cloud computing

Question 3

What does the keyword “summarise” refer to when answering a question

Answer 3

Understand meaning, consolidate that info and answer the q

Question 4

What is containerization a newer form of

Answer 4

Virtualisation

Question 5

What is the newer form of virtualisation called

Answer 5

containerization

Question 6

Explain virtualisation

Answer 6

Host computer installed with a hypervisor that can be used to install and manage multiple guest operating system or virtual machines

Question 7

Explain Type 1 Hypervisor (bare metal)

Answer 7

Runs directly on the host hardware and functions as the OS (e.g. hyperV)
The hypervisor is the OS

Question 8

Type II Hypervisor

Answer 8

runs within the normal OS

Question 9

When running a VM what must you ensure in regard to OS

Answer 9

That you run the VM’s OS as its own copy

Question 10

What do terminal services refer to

Answer 10

server-based

Question 11

what does application streaming refer to

Answer 11

client-based

Question 12

Explain terminal services

Answer 12

server-based solution that runs the application on servers in a centralized location (e.g. Microsoft’s RDP)

Question 13

Explain application streaming

Answer 13

Client-based solution that allows an application to be packaged and streamed directly to a user’s PC (e.g. Microsoft’s App-V)

Question 14

What is containerization

Answer 14

Type of virtualisation applied by a host OS to provision an isolated execution environment for an application

Question 15

Examples of containerization

Answer 15

docker, parallels virtuozzo, OpenVZ

Question 16

in the case of server failure what is recommended as a backup

Answer 16

setting up virtual serverS in the cloud with proper failover, redundancy, elasticity

Question 17

What can also be done to prevent exploitation in terms of hypervisors

Answer 17

Not hosting all VMs on the same type of hypervisor (Oracle, VMware etc)

Question 18

Why is containerization considered secure

Answer 18

because it provides resource segmentation and separation at the OS level

Question 19

When moving over to virtualization and cloud computing what are some dangers

Answer 19

1) If the physical server crashes, all the orgs hosted on that same server are affected
2) An org’s failure to secure the virtual envs hosted on the shared server poses a security risk for the other orgs

Question 20

To mitigate risk to our server what should be done

Answer 20

1) proper config
2) patched and up-to-date hypervisor
3) tight access control

Question 21

What does a hypervisor do

Answer 21

manages the distribution of the physical resources of a server to the VMs

Question 22

What type of hypervisor does bare metal refer to

Answer 22

Type I

Question 23

What type of hypervisor does Hosted refer to

Answer 23

Type II

Question 24

Adv of container-based virtualisation

Answer 24

Has less resources because it doesn’t require its own copy of the OS for individual containers

Question 25

What does Hyperconverged Infrastructure allow for

Answer 25

Full integration of the storage, network, and servers without hardware changes

Question 26

What does application virtualisation do

Answer 26

Encapsulates computer programs from the underlying OS on which they are executed

Question 27

Explain virtual desktop infrastructure (VDI)

Answer 27

Hosts desktop OSs within a virtualized environment hosted by a centralized server or server farm

Question 28

What's a sandbox

Answer 28

An isolated environment for analysing pieces of malwre

Question 29

What does cross-platform virtualization allow for

Answer 29

testing and running of software applications for different OSs

Question 30

What is Emulation

Answer 30

system imitation

Question 31

what is virtualization (3 words)

Answer 31

New "physical" machine

Question 32

What is Intel's version of virtualisation called?

Answer 32

VT-x

Question 33

What is AMD's version of virtualisation called

Answer 33

AMD-V

Question 34

What does Second Level Address Translation (SLAT) do

Answer 34

Improves the performance of virtual memory when running multiple VMs on a single physical host

Question 35

What is a feature of modern CPUs that enhances the performance of virtual memory and get better performance out of CPU

Answer 35

Second Level Address Translation (SLAT)

Question 36

What is Intel's version of SLAT called

Answer 36

Extended Page Table (EPT)

Question 37

What is AMD's version of SLAT called

Answer 37

Rapid Virtualization Indexing (RVI)

Question 38

x86 refers to

Answer 38

32-bit processor

Question 39

x64 refers to

Answer 39

64-bit processor

Question 40

Define ARM processor

Answer 40

reduced instruction set and computer arch in a computer process (modern macs - M1,M2)

Question 41

Type of processors

Answer 41

x86(32bit), x64(64bit), ARM

Question 42

Disadvantage of ARM

Answer 42

Can't natively host OS that don't use ARM-based processors

Question 43

What is system memory

Answer 43

Amount of physical memory installed on a physical server

Question 44

Typically how much space does a Barebones Windows installation take

Answer 44

20-50 Gigabytes, 40-50 recommended as you're most likely going to install thing

Question 45

Linux installation space

Answer 45

4-8 gigabytes

Question 46

Mac environment space

Answer 46

20-40 Gigabytes

Question 47

What is the use of multiple network cards called

Answer 47

NIC Teaming Configuration

Question 48

What does NIC teaming config allow for

Answer 48

use of multiple cards for higher speeds

Question 49

What are the 4 areas you want to consider when it comes to resource requirement

Answer 49

CPU capabilities, System memory, Storage, Networking

Question 50

What is a VM Escape

Answer 50

Threat attempts to get out of an isolated VM and send commands to the underlying hypervisor

Question 51

Which Type hypervisor is easier to perform a VM Escape on

Answer 51

Type II

Question 52

What is VM Hopping

Answer 52

Threat attempts to move from one VM to another on the same host

Question 53

VM hopping (3 words)

Answer 53

VM to VM

Question 54

VM Escape (6 words)

Answer 54

VM to hypervisor or host OS

Question 55

What can we do to prevent VM Escape/Hopping

Answer 55

Make sure our hypervisor is: 1)up to date 2)patched 3)securely configured

Question 56

What is a sandbox escape

Answer 56

Occurs when an attacker circumvents sandbox protections to gain access to the protected OS or other privileged process

Question 57

How to prevent sandbox escape

Answer 57

make sure: 1)Patched 2)uptodate 3)strong endpoint software protection 4)Limited extensions/addons

Question 58

What are data remnants

Answer 58

leftover pieces of data that may exist in the hard drive that are no longer needed

Question 59

What is a VM sprawl

Answer 59

uncontrolled deployment of virtual machines

Question 60

What concerns must we also attend to with VMs

Answer 60

live migration, data remnants

Question 61

What must we ensure with live migration

Answer 61

Only occurs on a trusted network or utilizes proper encryption

Question 62

What must we need to prevent exploitation of data remnants

Answer 62

Encrypt VM storage location & destroy the encryption key