Section 8 - Virtualization Flashcards
This can help you emulate your physical hardware in order for you to run an operating system in a protected and sandboxed environment.
Virtualization
This is the creation of a virtual resource.
The most common use of virtualization these days is the use of a…?
Virtual machine
What is a “virtual machine”?
A container that contains an emulated computer that can run an entire operating system inside of it.
This includes emulation of all the hardware that’s required to run the system.
There are two main types of virtual machines:
- System Virtual Machines
- Processor Virtual Machines
What is a “system virtual machine”?
A complete platform that’s designed to take the place of an entire computer.
This means that you can run the entire operating system virtually.
What is a “processor virtual machine”?
This is designed to run a single virtual application.
Oftentimes this is used to run something like a web browser or possibly even a simple web server.
Virtualization helps to reduce what?
- Need for additional power
- Space
- Cooling in our server rooms and data centers
When using virtualization, each emulated server runs its own operating system inside of a virtual machine but the virtual machines are run on top of what’s known as…?
Hypervisors
*** These may adjust the distribution of the physical resources of the server to the virtual machines. This includes the processor, the memory, and the hard disk space.
What are the two types of hypervisors?
- Hypervisor Type 1 (bare metal or native)
- Hypervisor Type 2
How does a Hypervisor Type 1 work?
It runs directly on the host hardware and functions as a type of OS.
What are some examples of Type 1 Hypervisors?
Microsoft’s Hyper-V
Citrix’s XenServer
VMware’s ESXi
vSphere
How does a Hypervisor type 2 work?
This runs from within a normal operating system, something like Windows, Mac or Linux.
What is an example of a Hypervisor Type 2?
VirtualBox - This gives you the power to use a Mac OS X desktop but run Windows inside of it
VMware
What is the difference between a Type 1 and Type 2 Hypervisor?
Type 1 is faster and more efficient because it doesn’t have to waste any of the physical computer’s resources by running a full desktop operating system like Windows or Mac first.
There is a newer third type of virtualization that is called…?
Application Container Based Virtualization
With this, the OS kernel is shared across multiple virtual machines.
This allows an organization to deploy and run distributed applications without launching a resource-heavy, full virtual machine with a full operating system, making it much more efficient than Type 1 or Type 2 hypervisors.
*** Often called “Application Containerization”
Container Virtualization is often used on Linux servers and some examples of these are…?
Docker
Parallels Virtuozzo
OpenVZ project
What are the names of some exploits that can be used against virtualization?
VM Escape
Data Remnants
Privilege Elevation
Live VM Migration
What is VM Escape?
Virtual Machine Escape
This occurs when an attacker is able to break out of one of these normally isolated virtual machines and they can begin to interact directly with the underlying hypervisor.
*** With this, an attacker could migrate themselves out and into another VM being hosted on the same physical server. However, these are very difficult to pull off because they require exploiting the physical resources that are shared between the VMs.
What is elasticity in IT?
The ability for something to be able to rapidly scale up or down
When a server is scaled up, a new virtual instance is created on a physical server. This instance takes up hard drive space for all those files that represent the virtual hard disk. When this is no longer needed because the load decreases, the VM can be de-provisioned which means it’s shut down and the files are deleted. When this occurs, the confidential files from that VM are left on the physical server. This is known as…?
Data Remnants
*** This could therefore breach confidentiality of your data. For this reason, cloud infrastructures that rely upon virtualization can introduce data remnant vulnerabilities because the physical servers are not controlled by your organization.
This occurs when a user is able to grant themselves the ability to run functions as a higher-level user, such as the root or the admin.
Privilege Elevation
When a virtual machine needs to move from one physical host to another, this is called…?
Live Migration
*** This is a vulnerability because an attacker can gain a foothold in your network and then place themselves between two physical machines, implementing a form of man-in-the-middle attack where they can capture the data being sent between two physical servers.
When virtual machines are created, used, and deployed without proper oversight, governance, or management by the system admins.
Virtualization Sprawl