Section 8 - Virtualization

Question 1

This can help you emulate your physical hardware in order for you to run an operating system in a protected and sandboxed environment.

Answer 1

Virtualization

This is the creation of a virtual resource.

Question 2

The most common use of virtualization these days is the use of a…?

Answer 2

Virtual machine

Question 3

What is a “virtual machine”?

Answer 3

A container that contains an emulated computer that can run a entire operating system inside of it.

This includes emulation of all the hardware that’s required to run the system.

Question 4

There are two main types of virtual machines:

Answer 4

1. System Virtual Machines
2. Processor Virtual Machines

Question 5

What is a “system virtual machine”?

Answer 5

A complete platform that’s designed to take the place of an entire computer.

This means that you can run the entire operating system virtually.

Question 6

What is a “processor virtual machine”?

Answer 6

This is designed to run a single virtual application

Often times this is used to run something like a web browser or possible even a simple web server

Question 7

Virtualization helps to reduce what?

Answer 7

1. need for additional power
2. Space
3. Cooling in our server rooms and data centers

Question 8

When using virtualization, each emulated server runs its own operating system inside of a virtual machine but the virtual machines are run on top of what’s known as…?

Answer 8

Hypervisors

*** These may adjust the distribution of the physical resources of the server to the virtual machines. This includes the processor, the memory, and the hard disk space.

Question 9

What are the two types of hypervisors?

Answer 9

1. Hypervisor Type 1 ( bare metal or native)
2. Hypervisor Type 2

Question 10

How does a Hypervisor Type 1 work?

Answer 10

It runs directly on the host hardware and functions as a type of the OS.

Question 11

What are some examples of Type 1 Hypervisors?

Answer 11

Microsoft’s Hyper-V
Citrix’s XenServer
VMWare’s EXSi
vSphere

Question 12

How does a Hypervisor type 2 work?

Answer 12

This runs from within a normal operating system, something like WIndows, Mac or Linux.

Question 13

What is an example of a Hypervisor Type 2?

Answer 13

VirtualBox - This gives you the power to be using a Mac OS x desktop but run Windows inside of it

VMware

Question 14

What is the difference between a Type 1 and Type 2 Hypervisor?

Answer 14

Type 1 is faster and more efficient because it doesn’t have to waste any of the physical computer’s resources by running a full desktop operating system like Windows or Mac first.

Question 15

There is a newer third type of virtualization that is called…?

Answer 15

Application Container Based Virtualization

With this, The OS kernel is shared across multiple virtual machines

This allows an organization to deploy and run distributed applications without launching a resource-heavy, full virtual machine with an full operating system making it much more efficient than Type 1 or Type 2 hypervisors.

*** Often called, “Application Containerization”

Question 16

Container Virtualization is often used on Linux servers and some examples of these are…?

Answer 16

Docker

Parallels Virtuozzo

OpenVZ project

Question 17

What are the names of some exploits that can be used against virtualization?

Answer 17

VM Escape

Data Remnants

Privilege Elevation

Live VM Migration

Question 18

What is VM Escape?

Answer 18

Virtual Machine Escape

This occurs when an attacker is able to break out of one of these normally isolated virtual machines and they can begin to interact directly with the underlying hypervisor.

*** With this, an attacker could migrate themselves out and into another VM being hosted on the same physical server. However, these are very difficult to pull off because they require exploiting the physical resources that are shared between the VMs.

Question 19

What is elasticity in IT?

Answer 19

The ability for something to be able to rapidly scale up or down

Question 20

When a server is scaled up, a new virtual instance is created on a physical server. This instance takes up hard drive space for all those files that represent the virtual hard disk. When this is no longer needed because the load decreases, the VM can be de-provisioned which means it’s shut down and the files are deleted. When this occurs, the confidential files from that VM are left on the physical server. This is known as…?

Answer 20

Data Remnants

*** This could therefore breach confidentiality of your data. For this reason, cloud infrastructures that rely upon virtualization can introduce data remnant vulnerabilities because the physical servers are not controlled by your organization.

Question 21

This occurs when a user is able to grant themselves the ability to run functions as a higher-level user, such as the root or the admin.

Answer 21

Privilege Elevation

Question 22

When a virtual machine needs to move from one physical host to another, this is called…?

Answer 22

Live Migration

*** This is a vulnerability because an attacker can gain a foothold in your network and then place themselves between two physical machines implementing a form of man-in-the-middle attack where they can capture the data being sent between two physical servers.

Question 23

When virtual machines are created, used and deployed without proper oversight governance or management by the system admins.

Answer 23

Virtualization Sprawl