3.7 Summarize cloud and virtualization concepts.

Question 1

Hypervisor

Answer 1

Virtualization of systems is provided by the hypervisor. The hypervisor is also known as the virtual machine monitor (VMM) and is the software component that allows you to create and run virtual machines on the system. When you install the hypervisor on a system, that system is then known as the host system, while each virtual machine is known as a guest system.

Question 2

Hypervisor - Type I

Answer 2

This hypervisor type is software that runs directly on top of the hardware, which then has the host operating system running as a parent virtual machine. This allows the hypervisor to control access to the hardware from the host and the guest systems. Microsoft’s Hyper-V and VMware’s ESXi server are examples of type I hypervisors. These hypervisors are also known as bare metal hypervisors because they run directly on top of the hardware.

Question 3

Hypervisor - Type II

Answer 3

A type II hypervisor involves having the OS installed on top of the hardware, and then installing virtualization software that will create VMs. Examples of type II hypervisors are VMware Workstation and Oracle VM VirtualBox.

Question 4

Hypervisor - Application Cells/Containers

Answer 4

Application containers are a feature that allows you to run an application in an isolated container that has its own resources assigned to it. Containers are just like VMs, but ** they share the OS kernel of the host system ** so they perform better than VMs (but provide the isolation features of a VM). Docker is an example of software that provides application containers and is a feature of Windows 10.

Question 5

VM Sprawl Avoidance

Answer 5

VM sprawl occurs when an organization has a large number of VMs being created without any process in place for building VMs. The problem is that the number of VMs being created outpaces the capability of network administrators to manage all of them. Having VMs pop up all over the place with no central management means no one is able to ensure that all those systems are patched when needed. Remember that a system that is unpatched could create a security hole in your network. Centrally managing VM host systems is a key to solving VM sprawl with management software that is used to deploy VMs.

Question 6

VM Escape Protection

Answer 6

VM escape allows someone to access the host operating system from the guest OS of the VM. Virtualization vendors create patches for any VM escape vulnerabilities that exist within their products, so be sure to keep your virtualization software patched.

Question 7

Cloud Storage (& Cloud Computing)

Answer 7

One of the great benefits of cloud technologies is the use of cloud storage. Users are now able to easily store their data in the cloud and access that data from a number of different devices such as desktop PCs, laptops, tablets, and phones. Cloud storage can be used to store personal files such as pictures or documents, but also to store configuration setting for the device so that if you need to wipe the device, the configuration can be easily restored.

Cloud computing has become the way of the future and has many advantages and disadvantages. In this section you will learn about cloud computing and discover some of those advantages and disadvantages. With cloud computing, you can quickly and easily create application environments with a minimal cost up front. For example, I wanted an e-mail server environment, so I created an Office 365 account. Within minutes I had an e-mail server environment up and running (known as Exchange Online), which allowed me to create some mailboxes and then start sending an e-mail. The best part of this example is that I did not have to purchase server hardware or software, and I didn’t need to plan for high availability. It is all part of what the cloud service offers!

Question 8

Cloud Deployment Models

Answer 8

.

Question 9

Cloud Deployment Models - SaaS

Answer 9

With SaaS, the application is provided across the Internet, which means that you do not need to install the application at your site.

Question 10

Cloud Deployment Models - PaaS

Answer 10

Provides the computing platform as a service, which includes the hardware and software required to run a specific system such as an e-mail server or database server.

Question 11

Cloud Deployment Models - IaaS

Answer 11

Provides computers, data centers, and network equipment as a service that the customer pays a monthly fee for based on the number of resources used.

Question 12

Cloud Deployment Models - Private

Answer 12

A private cloud means that you create cloud services internally for your company and your company leverages
those services. With a private cloud, the data is stored inside the company.

Question 13

Cloud Deployment Models - Public

Answer 13

A public cloud is provided by a service provider, and your data stored in the cloud would be located on that provider’s servers. It is important to stress that many organizations are not allowed to store sensitive data in a public cloud where the servers are hosted out of the country. It should be noted that cloud providers are creating data centers in different countries to address this concern.

Question 14

Cloud Deployment Models - Hybird

Answer 14

A hybrid cloud is a mix of public and private cloud. The company may store nonsensitive data in the public cloud, but keep sensitive data stored in the private cloud.

Question 15

Cloud Deployment Models - Community

Answer 15

This type of cloud pools computing resources to make IT services available to multiple organizations with common needs, such as real-time access to a back-end database.

Question 16

On-premise vs. Hosted vs. Cloud

Answer 16

When looking at deploying network services and applications, you have the choice of installing them on premise, having them hosted by someone else, or using a cloud service. The following outlines each:

On-premise
On-premise (or the grammatically correct on-premises) means you install the application or service on a server within your site. This involves a lot of upfront time and cost, including planning the deployment and purchasing the servers, software, and high-availability solution. You are also responsible for maintaining the servers.

Hosted
With a hosted solution, your organization still purchases the software and licenses and maintains the servers, but you pay a third-party company to provide the servers and infrastructure to host the application on.

Cloud
With a cloud solution, you pay a monthly subscription fee and the software is already installed on servers in the background (that you do not have access to). You can make configuration changes to the software and services to meet your needs, but you do not need to maintain the servers—they are maintained by the cloud provider.

Question 17

VDI/VDE

Answer 17

Virtual desktop infrastructure and virtual desktop environment is a virtualization feature that hosts the desktop environment for a user on a central server, which is then delivered to a thin client. The user interacts with the desktop OS as if it were installed locally.

Question 18

Cloud Access Security Broker

Answer 18

A cloud access security broker (CASB) is a security service that sits between your on-premises environment and your cloud provider’s environment. The CASB allows you to define security policies that apply to network traffic flowing outside your current on-premises environment to the cloud.

More details on this:
https://searchcloudsecurity.techtarget.com/definition/cloud-access-security-brokers-CABs

Question 19

Security as a Service

Answer 19

Becoming more popular today is Security as a Service, where you pay a monthly subscription fee to use the security services of a cloud provider. This could include intrusion detection, anti-malware, authentication, and penetration testing services.

More on this:
https://phoenixnap.com/blog/secaas-security-as-a-service