4.2 Security Requirements Flashcards
What is a VM escape?
An attack where an attacker breaks out of a virtual machine to access the underlying hypervisor.
Which type of hypervisor is more vulnerable to VM escapes?
Type 2 hypervisors, as they rely on a host operating system.
How can VM escapes be prevented?
Regularly update and patch the guest OS, host OS, and hypervisor.
What is VM hopping?
An attack where an attacker moves between virtual machines on the same host by exploiting hypervisor vulnerabilities.
How can VM hopping be mitigated?
Securely configure hypervisors, patch vulnerabilities, and enforce isolation between VMs.
What is a sandbox escape?
An attack where an attacker bypasses sandbox protections to access the host OS or privileged processes.
How can sandbox escapes be prevented?
Keep software updated, use endpoint protection, and limit browser extensions.
What are live migration risks in virtualization?
Virtual machines migrated over a network without encryption can be intercepted by attackers.
How can live migration risks be mitigated?
Encrypt virtual machine images and restrict migrations to trusted networks.
What are data remnants in virtualization?
Residual data left in storage after a virtual machine is deprovisioned.
How can data remnants be addressed?
Encrypt VM storage and destroy encryption keys when deprovisioning VMs.
What is VM sprawl?
The uncontrolled deployment of virtual machines, leading to unmanaged and vulnerable systems.
How can VM sprawl be prevented?
Implement change control processes, monitor for unauthorized VMs, and enforce patch management.
What is the primary risk associated with sandbox escapes?
Attackers may gain access to the host OS or privileged processes from within a sandbox.
Why is live migration encryption critical?
It prevents attackers from intercepting and tampering with virtual machine data during migration.