Section 9 OBJ 4.2: Virtualization Flashcards
Virtualization
Host computer installed with a hypervisor that can be used to install and manage multiple guest operating systems or virtual machines
The creation of a virtual version of a computer by simulating the hardware functionality of a computer within a virtual environment
Hypervisor
Used to manage the distribution of resources to a virtual machine
Type I Hypervisor (Bare Metal)
Hardware -> Hypervisor -> Guest OSes
Runs directly on the host hardware and functions as the operating system
Faster and more efficient than Type II
ex: Hyper-V
Type II Hypervisor (Hosted)
Hardware -> Host OS -> Hypervisor -> Guest OSes
Runs within the normal operating system
ex: VMware, VirtualBox
Server-based application virtualization (Terminal Services)
Server-based solution that runs the application on servers in a centralized location
Users access the application through remote client protocols
Client-based application virtualization (Application Streaming)
Client-based solution that allows an application to be packaged up and streamed directly to a user’s PC
Containerization
Type of virtualization applied by a host operating system to create an isolated execution environment for an application
Containers use a lot less storage space and processing power by sharing the same operating system and files
ex: Docker, Parallels Virtuozzo
Hyperconverged Infrastructure
Allows for the full integration of the storage, network, and servers without hardware changes
Application Virtualization
Encapsulates computer programs from the underlying OS on which they are executed
Virtual Desktop Infrastructure (VDI)
Hosts desktop OSes within a virtualized environment hosted by a centralized server or server farm
Sandbox
An isolated environment for analyzing pieces of malware
Cross-Platform Virtualization
Allows for the testing and running of software applications for different operating systems
Emulation
System imitation
Different from virtualization because virtualization creates a new “physical” machine
Second Level Address Translation (SLAT)
Improves the performance of virtual memory when running multiple virtual machines on a single physical host
Intel: Extended Page Table (EPT)
AMD: Rapid Virtualization Indexing (RVI)
VM Escape
Threat actor attempts to get out of an isolated VM and send commands to the underlying hypervisor
Easier to perform on a Type II hypervisor than a Type I hypervisor
VM to Hypervisor
VM Hopping
Threat actor attempts to move from one VM to another on the same host
VM to VM
Sandbox Escape
Occurs when an attacker circumvents sandbox protections to gain privileged access to the protected OS or other processes
Live migration
Migrates the VM from one host to another.
Occurs on a trusted network or utilizes encryption
Data remnants
Leftover pieces of data that may remain on the hard drive even though they are no longer needed
VM Sprawl
Uncontrolled deployment of virtual machines