4.2 Client-side Virtualization Flashcards
Summarize aspects if client-side virtualization
A cyber architect is reviewing the organization’s policy on virtualization security requirements. What would the architect discuss within these security requirements? (Select all that apply.)
-CPU and virtualization extensions
-Host Security
-Guest OS security
-Hypervisor security
Host security, Guest OS security, & Hypervisor security
*Each guest OS must be patched and protected against malware like any other OS. Patching each virtual machine (VM) individually has performance implications, so in most environments, a new template image would be patched and tested then deployed to the production environment.
*Another key security vulnerability in a virtual platform is that the host represents a single point of failure for multiple guest OS instances.
*Apart from ensuring the security of each guest OS and the host machine itself, they must also monitor the hypervisor for security vulnerabilities and exploits.
~Most virtualization software requires a central processing unit (CPU) with virtualization support enabled. Even if there is no formal requirement, the VMs will be impaired if hardware-assisted virtualization is unavailable.
A cyber consultant is evaluating the various security requirements associated with virtualization. What is NOT considered a security requirement?
-Guest OS
-Legacy software/OS
-Hypervisor
-Host
Legacy Software/OS
*If the host computers are upgraded versions, legacy software applications may not work well with the new operating system (OS). Legacy software is neither a resource nor a security requirement.
~A security vulnerability in a virtual platform is that the host represents a single point of failure for multiple guest OS instances.
~Each guest OS must be patched and protected against malware. Patching each VM individually has performance implications so that a new template image would be patched and tested then deployed to the production environment.
~Apart from ensuring the security of each guest OS and the host machine itself, they must also monitor the hypervisor for security vulnerabilities and exploits.
A cyber architect reviews the differences between resource and security requirements associated with virtualization. What should the architect consider regarding resource requirements? (Select all that apply.)
-The ability to create a virtual network environment
-The amount of memory required by the host/hypervisor
-The ability to monitor exploits and vulnerabilities
-The amount of available disk space
The ability to create a virtual network, Amount of memory required by the host/hypervisor, & The amount of available disk space
*Each guest operating system (OS) requires sufficient system memory over and above what the host OS/hypervisor requires.
*Each guest OS also takes up a substantial amount of disk space. The virtual machine’s (VM’s) “hard disk” is stored as an image file on the host.
*A hypervisor will create a virtual network environment through which all the VMs can communicate and a network shared by the host and by VMs on the same host and other hosts.
~The ability to monitor exploits and vulnerabilities does not fall under resource requirements. Monitoring is an important security consideration, though.
An application developer has requested a virtual environment workstation that tests pre-production applications and provides malware analyses with different operating systems and resource constraints. What type of virtualization environment should the application developer expect?
-Application virtualization
-Container virtualization
-Client-side virtualization
-Server-side virtualization
Client-side virtualization
*Client-side virtualization runs on regular desktops and workstations. The virtual desktop platforms provide a means to test and develop applications under different operating systems and increase security testing via Sandbox support.
~Application virtualization means that the client application, such as MS Word or Excel, is hosted on a server or other virtualized location, making it easier to keep the application up to date and secure.
~Container virtualization removes the need for a hypervisor and instead enforces resource separation at the OS level, isolating containers for each user instance.
~The server may have a resource utilization of about 10% with a typical network server. Server-side virtualization allows for better hardware utilization through server consolidation.
A software technician identifies potential risks with installing a new operating system across the enterprise. What should the technician consider regarding legacy software applications?
-It may not work well with the new OS
-It tests software applications under various constraints
-It creates an isolated testing environment
-It uses a desktop VM and guest hypervisor
It may not work well with new OS
*If the host computers are upgraded versions, legacy software applications may not work well with the new operating system (OS). As a result, the working environment could be degraded or cease to operate until it could acquire a suitable application.
~Testing and development typically use a virtual desktop platform with a guest OS hypervisor.
~Cross-platform virtualization tests software applications under different OSs and resource constraints.
~A sandbox is an isolated environment to analyze viruses, worms, and Trojans. The malware is within the guest OS, so it cannot infect the researcher’s computer or network.
A cyber technician needs to expand organizational capabilities and explore virtualization’s use and testing. What tests software applications under different OSs and resource constraints?
-Cross-platform virtualization
-Sandbox
-Legacy software/ OS
-Guest OS
Cross-platform virtualization
*Cross-platform virtualization tests software applications under different OSs and resource constraints.
~Each guest OS must be patched and protected against malware. Hosting does not test any system.
~If the host computers are upgraded versions, legacy software applications may not work well with the new operating system (OS). As a result, the working environment could be degraded or cease to operate until it could acquire a suitable application.
~A sandbox is an isolated environment to analyze viruses, worms, and Trojans. The malware is within the guest operating system (OS), so it cannot infect the researcher’s computer or network.
A technician is reviewing the various aspects of virtualization. What type of virtualization enables programmers to ensure that the application continuously updates with the latest code?
-Cross-platform virtualization
-Application virtualization
-Sandbox
-Legacy software/ OS
Application Virtualization
*Application virtualization enables programmers and application administrators to ensure that the application used by clients is always updated with the latest code.
~A sandbox is an isolated environment to analyze viruses, worms, and Trojans. The malware is within the guest OS, so it cannot infect the researcher’s computer or network.
~Cross-platform virtualization tests software applications under different OSs and resource constraints.
~If the host computers are upgraded versions, legacy software applications may not work well with the new operating system (OS). As a result, the working environment could be degraded or cease to operate until it could acquire a suitable application.
A cyber technician wants to test and analyze a virus. What can the technician use to create an isolated environment while protecting the technician’s computer and the company network?
-Legacy software/ OS
-Cross-platfrom virtualization
-Test development
-Sandbox
Sandbox
*A sandbox is an isolated environment to analyze viruses, worms, and Trojans. The malware is within the guest operating system (OS), so it cannot infect the technician’s computer or network.
~If the host computers are upgraded versions, legacy software applications may not work well with the new OS. As a result, the working environment could be degraded or cease to operate until it could acquire a suitable application.
~Testing and development do not specify that it is an isolated environment. As a side note, it typically uses a virtual desktop platform with a guest OS hypervisor.
~Cross-platform virtualization tests software applications under different OSs and resource constraints.
A cyber architect reviews the differences between resource and security requirements associated with virtualization. What should the architect consider regarding resource requirements? (Select all that apply.)
-The ability to create a virtual network environment.
-The amount of available disk space.
-The amount of memory required by the host/hypervisor.
-The ability to monitor exploits and vulnerabilities
The ability to create a virtual network environment, The amount of available disk space, & The amount of memory required by the host/hypervisor.
*Each guest operating system (OS) requires sufficient system memory over and above what the host OS/hypervisor requires.
*Each guest OS also takes up a substantial amount of disk space. The virtual machine’s (VM’s) “hard disk” is stored as an image file on the host.
*A hypervisor will create a virtual network environment through which all the VMs can communicate and a network shared by the host and by VMs on the same host and other hosts.
~The ability to monitor exploits and vulnerabilities does not fall under resource requirements. Monitoring is an important security consideration, though.
A technician is evaluating the security requirements associated with virtualization. What tenets apply to security requirement considerations? (Select all that apply.)
-Each guest OS requires sufficient system memory that is required by the host OS/hypervisor.
-Each guest OS must be patched and protected against malware like any other OS.
-The hypervisor must also be monitored for security vulnerabilities and exploits.
-The host must be protected from natural (loss of power) and technological (virus) influences.
Each guest OS must be patched and protected against malware like any other OS, The hypervisor must also be monitored for security vulnerabilities and exploits, & The host must be protected from natural (loss of power) and technological (virus) influences.
*Each guest operating system (OS) must be patched and protected against malware like any other OS. Patching each virtual machine (VM) individually has performance implications, so in most environments, a new template image would be patched and tested then deployed to the production environment.
*Another key security vulnerability in a virtual platform is that the host represents a single point of failure for multiple guest OS instances. Influences can be natural or technological.
*Apart from ensuring the security of each guest OS and the host machine itself, they must also monitor the hypervisor for security vulnerabilities and exploits.
~Resource allocation is not a security function, although security may monitor resource utilization as a monitoring mechanism.
An organization with limited resources would like to upgrade its small network to increase its security. However, the organization requires a few legacy applications running on two older, none-supported operating systems. With only one desktop to spare, what solution would meet the organization’s needs?
-Server-side virtualization
-Application virtualization
-Cloud scalability
-Client-side virtualization
Client-side Virtualization
*Client-side virtualization, typically based on a guest operating system hypervisor, is designed to run on regular desktops and workstations while supporting legacy software and operating systems.
~Application virtualization means that the client application, such as MS Word or Excel, is hosted on a server or other virtualized location, making it easier to keep the application up to date and secure.
~The server may have a resource utilization of about 10% with a typical network server. Server-side virtualization allows for better hardware utilization through server consolidation.
~Scalability is the cost of supplying the cloud services based on the number of users receiving the service. The benefit for an organization is it can scale up or down services based on the need.
Some software applications may not work with the new operating system (OS) when host computers require an upgrade. In manufacturing environments, no longer supported applications are often needed to maintain production. However, due to security requirements, upgrades are necessary. What virtualization benefit offers a workaround?
-Expansion for resources as needed
-Ability to discard testing production environment
-Support for legacy software and OSs
-Isolated area to analyze malware
Support for legacy software and OSs
*Virtualization supports legacy software and OSs. When host computers receive an upgrade, some software applications may not work with the new operating systems (OS). Virtualization offers an environment to run older software and OSs while increasing security.
~With cloud computing, organizations can virtually expand resources as needed. A paid cloud service provider offers services that can rapidly expand with virtualization.
~A sandbox, typically used for testing and development, provides an isolated environment to analyze malware while protecting the network from the adverse effects of an infection.
~Cross-platform virtualization offers a lab and training environment that can discard lab testing without affecting the production environment.
A cyber technician will need to analyze an email attachment forwarded from a network user. What should the technician use to have an isolated environment to inspect and research the attachment without allowing a potential virus or worm to infect the network?
-Event Viewer
-Sandbox
-Network tap
-Services Console
Sandbox
*The technician would use a sandbox, typically used for testing and development. It would provide an isolated environment to analyze viruses or worms while protecting the network from the adverse effects of an infection.
~Technicians can use network taps to intercept signals passing over a cable and send or save them to a packet or protocol analyzer for later inspection.
~The services console tool enables control over essential and nonessential Windows processes by offering start, stop, pause, manual, and disable options for Windows services, improving performance and security.
~The computer management snap-in houses the event viewer (eventvwr.msc) that enables the administrator to review the system, security, and application logs.
A cyber team is developing a client-side virtualization environment for third-party contracted employees. What action does the team complete using a VM and guest OS hypervisor to ensure the environment is functioning correctly?
-Legacy software/ OS
-Cross-platform virtualization
-Sandbox
-Testing and development
Testing and Development
*Testing and development typically use a virtual desktop platform with a guest OS hypervisor. This ensures it is working as expected.
~Cross-platform virtualization tests software applications under different OSs and resource constraints.
~A sandbox is an isolated environment to analyze viruses, worms, and Trojans. The malware is within the guest OS, so it cannot infect the researcher’s computer or network.
~If the host computers are upgraded versions, legacy software applications may not work well with the new operating system (OS). As a result, the working environment could be degraded or cease to operate until it could acquire a suitable application.
A cyber consultant is evaluating the various security requirements associated with virtualization. What is NOT considered a security requirement?
-Legacy software/ OS
-Hypervisor
-Guest OS
-Host
Legacy software/ OS
*If the host computers are upgraded versions, legacy software applications may not work well with the new operating system (OS). Legacy software is neither a resource nor a security requirement.
~A security vulnerability in a virtual platform is that the host represents a single point of failure for multiple guest OS instances.
~Each guest OS must be patched and protected against malware. Patching each VM individually has performance implications so that a new template image would be patched and tested then deployed to the production environment.
~Apart from ensuring the security of each guest OS and the host machine itself, they must also monitor the hypervisor for security vulnerabilities and exploits.
An engineer is deploying a client-side virtualization workstation. What resource requirements should the engineer consider? (Select all that apply.)
-Networking
-Guest OS security
-Host security
-CPU and virtualization extension
Networking & CPU and virtualization extensions
*Most virtualization software requires a central processing unit (CPU) with virtualization support enabled. Even if there is no formal requirement, the VMs will be impaired if hardware-assisted virtualization is unavailable.
- hypervisor will create a virtual network environment through which all the virtual machines (VMs) can communicate and has a network shared by the host and by VMs on the same host and other hosts.
~Host security is not a resource requirement. However, a key security vulnerability to consider in a virtual platform is that the host represents a single point of failure for multiple guest OS instances.
~Each guest operating system (OS) must be patched and protected against malware like any other OS. This is also not a resource requirement, though.
