Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTIA Security+ (SY0-701) > Threat, Vulnerabilities and Mitigations: Virtualization Vulnerabilities > Flashcards

Threat, Vulnerabilities and Mitigations: Virtualization Vulnerabilities Flashcards

1
Q

What’s a VM escape?

A

Attacker executes commands on the host operating system (OS) from inside the VM. An example is https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-NFVIS-MUL-7DySRX9.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What must the attacker must first gain to get control of VM?

A

The attacker must first gain control of the VM and then could access the host through shared networks or resources, such as folders or clipboards, or application programming interfaces (APIs):

Hypervisor

Host OS: zero-day and unpatched exploits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the alternative ways to get control?

A

Can also attack through a VM management console:

Don’t leave default creds.

Use Allow/Deny listing to block connectivity from any host.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What’s resource reuse?

A

Isolation is important so attackers can’t gain access to VM resources such as:

Memory
- Access to short term memory RAM - Passwords

I/O: Network interfaces and storage controllers
- Can be sniffed via packets

CPU

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CompTIA Security+ (SY0-701) (122 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions