Section 8: Virtualization Flashcards
Virtualization
Creation of a virtual resource
Virtual Machine
a container for an emulated computer that runs an entire operating system
System Virtual Machine
Entire OS being run virtually
Processer Virtual Machine
An application being run virtually
Hypervisor
Manages the distro of physcial resources of a host machine (server) to the virtual machines being run (guests)
Type 1 Hypervisor
Bare metal or native; runs directly on the hardware (ESXi, hyper v, etc.) (more efficient than type 2)
Type 2 Hypervisor
Runs on the OS (Virtualbox, etc.)
Third type of Hypervisor that’s becoming popular
Application Containerization - A single operating system kernel is shared across multiple virtual machines but each virtual machine received its own user space for programs and data (Docker)
VM Escape
An attack that allows an attacker to break out of a normally isolated VM by interacting with the hypervisor
Data Remnants
Contents of a virtual machine that exist as deleted files on a cloud based server after deprovisioning
Privilege Elevation
Occurs when a user is able to grant themselves the ability to run functions as higher level user
How do you secure a VM?
keep it up to date
have antivirus on it
limit connectivity between the virtual machine and the host
remove any unnecessary pieces of virtual hardware from the virtual machine
using proper patch management is important to keeping your guest’s operating system secure
enable file encryption of the vm
Which of the following vulnerabilities involves leveraging access from a single virtual machine to other machines on a hypervisor?
VM Escape