Cloud and Virtualization Flashcards
How does a hypervisor enable multiple guest operating systems to run concurrently on a host computer?
Via a specialized driver package
By abstracting the hardware from the guest operating systems
By providing specific virtual hardware to each guest OS
By abstracting the hardware from the guest operating systems
The hypervisor abstracts the hardware from the guest operating system to enable multiple guest operating systems to run concurrently on a host computer
Your supervisor asks you to analyze virtualization options for an upcoming project to move several critical servers onto virtual machines. He asks you to find a solution that maximizes the number of guest OSs per server and optimizes speed and efficiency. What solution should you recommend?
A Type I hypervisor, such as VMware Sphere/ESXi or Hyper-V
A Type II hypervisor, such as VirtualBox or VMware Player
Both A and B
A Type I hypervisor, such as VMware Sphere/ESXi or Hyper-V
Speed and efficiency are maximized by a Type I hypervisor
Your new application has multiple small processes that provide services to the network. You want to make this application run more efficiently by virtualizing it. What is the best approach for virtualization of this application?
Type II hypervisor
Linux KVM
Containerization
Containerization
Containerization runs small applications on a host OS with virtually no overhead
Why is VM sprawl an issue?
VM sprawl uses too many resources on parallel functions.
The more virtual machines in use, the harder it is to migrate a VM to a live server.
When servers are no longer physical, it can be difficult to locate a specific machine.
When servers are no longer physical, it can be difficult to locate a specific machine.
VM sprawl is an issue because when virtual machines proliferate, they can be easily moved and potentially easily copied to random locations. This can make finding a specific machine difficult without a specific organizational structure
When doing incident response for your company, you are reviewing the forensics of several virtual servers and you see the attacker on the web server injecting code into uninitialized memory blocks. What attack is the attacker likely attempting?
Denial-of-service attack on the hypervisor
VM escape
Containerization attack
VM escape
Although all hypervisors actively try to prevent it, any flaw in memory handling could allow code that is maliciously placed in a block to be read by the hypervisor or another machine. This is known as VM escape. The scenario states virtual server, eliminating C and D, and operational code blocks in uninitialized memory would not cause DOS
Your manager was just in a meeting about the security risks of storing data in the cloud and now is frantically requesting that you immediately shut off all access to cloud storage providers such as Dropbox, Box, OneDrive, and others, services that your company relies on for daily operations. What solution should you recommend to allow these services to be continued while protecting the corporate data in the cloud?
Type II hypervisor
Containerization
Encryption
Encryption
Data encryption can protect corporate data that is stored in cloud storage provider locations
You are planning to move some applications to the cloud, including your organization’s accounting application, which is highly customized and does not scale well. Which cloud deployment model is best for this application?
SaaS
PaaS
IaaS
IaaS
Infrastructure as a Service is appropriate for highly customized, poorly scaling solutions that require specific resources to run
You need to move to the cloud a specific customer service module that has a web front end. This application is highly scalable and can be provided on demand. Which cloud deployment model is best for this application?
SaaS
PaaS
IaaS
SaaS
Software as a Service is suitable for delivering highly scalable, on-demand applications without installing endpoint software
One of the primary resources in use at your organization is a standard database that many applications tie into. Which cloud deployment model is best for this kind of application?
SaaS
PaaS
IaaS
PaaS
Platform as a Service is suitable for standard resources in use by many other applications
Which cloud deployment model has the fewest security controls?
Private
Public
Hybrid
Public
The shared environment of a public cloud has the least amount of security controls
Which cloud deployment model is shared by several organizations with a specific purpose?
Public
Hybrid
Community
Community
Community clouds are shared resources for a specific purpose
What is the primary downside of a private cloud model?
Restrictive access rules
Cost
Scalability
Cost
A private cloud model is considerably more expensive as it is a dedicated resource, negating some of the advantages of outsourcing the infrastructure in the first place
The desktop support team wants to virtualize the desktop environment on a central server. What is the advantage for adopting VDI?
Users can move to different machines and their applications will follow them.
A wide array of devices, even low-powered ones, can be used to access a user’s desktop.
No data would be compromised if the hardware was lost.
All of the above.
All of the above.
All of the above. Adopting VDI can provide multiple advantages, including: the session can follow the user, the desktop can be accessed from a variety of devices, and if a device is lost, it contains no corporate data
The CIO asks you to provide guidance on implementing security now that many of the corporate applications are moving to the cloud. Which of the following should you recommend implementing?
Encryption
CASBs
SaaS
CASBs
Cloud access security brokers (CASBs) are specialized tools or services used to protect cloud infrastructure and data
What is the greatest advantage of outsourcing an organization’s IT security to a Security as a Service provider?
A lost or damaged encryption key can be recovered by the provider.
Security can be provided seamlessly in all geographic locations.
The provider can offer scale, cost, and speed efficiencies.
The provider can offer scale, cost, and speed efficiencies.
The greatest advantage to outsourcing cloud security to a Security as a Service provider is that the provider can offer scale, cost, and speed efficiencies
