NIST SP 800-125

Question 1

Virtualization

Answer 1

simulation of the software and/or hardware upon which other software runs

Question 2

simulated environment

Answer 2

called a virtual machine (VM)

Question 3

Forms of virtualization

Answer 3

Examples:
1. Full virtualization (server virtualization and desktop virtualization)

2. Application virtualization, Example Java Virtual Machine (JVM)
3. Operating system virtualization

Question 4

Full Virtualization

Answer 4

One or more OSs and the applications they contain are run on top of virtual hardware

Each instance of an OS and its applications runs in a separate VM called a guest operating system

Guest OSs on a host are managed by the hypervisor, also called the virtual machine monitor (VMM)

Question 5

Full Virtualization

Answer 5

hypervisor provides most of the same hardware interfaces as those provided by the hardware’s physical platform

Question 6

paravirtualization

Answer 6

hypervisor offer interfaces to the guest OS that the guest OS can use instead of the normal hardware interfaces

offer significantly faster access for resources such as hard drives and networks

Question 7

paravirtualization

Answer 7

offer significantly faster access for resources such as hard drives and networks

Question 8

Full virtualization benefits (Pros)

Answer 8

operational efficiency (server virtualization) 
desktop virtualization

Question 9

Full virtualization benefits (Cons)

Answer 9

adds layers of technology, which can increase the security management burden by necessitating additional security controls

easy to share information between the systems. can turn out to be an attack vector if it is not carefully controlled

Question 10

Two forms of full virtualization

Answer 10

bare metal virtualization (native virtualization)

hosted virtualization

Question 11

bare metal virtualization (native virtualization)

Answer 11

the hypervisor runs directly on the underlying hardware, without a host OS; the hypervisor can even be built into the computer’s firmware

Question 12

hosted virtualization

Answer 12

the hypervisor runs on top of the host OS

allow users to run applications such as web browsers and email clients alongside the hosted virtualization application

Question 13

Type of hosted virtualization

Answer 13

Hardware emulation (sometimes called hardware translation)

Question 14

sandboxing

Answer 14

Isolating each guest OS from the others and restricting what resources they can access and what privileges they have is also known as sandboxing.

Question 15

side-channel attacks

Answer 15

exploit the physical properties of hardware to reveal information about usage patterns for memory access, CPU use, and other resources

Question 16

virtualization management system

Answer 16

access to the virtualization management system should be restricted to authorized administrators only

Question 17

security recommendations for the hypervisor

Answer 17

1. Install all updates
2. Restrict administrative access
3. Synchronize to a trusted authoritative time server
4. Disconnect unused physical hardware
5. Disable all hypervisor services such as clipboard- or file-sharing
6. Consider using introspection capabilities
   Carefully monitor the hypervisor itself for signs of compromise

Question 18

SDLC Phases

Answer 18

Phase 1: Initiation
Phase 2: Planning and Design
Phase 3: Implementation
Phase 4: Operations and Maintenance
Phase 5: Disposition