Virtualization Flashcards

1
Q

Virtualization

A

Definition: Virtualization allows a physical machine to run multiple virtual machines (VMs) using a hypervisor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Hypervisor

A

Definition Allocates hardware resources (CPU, memory, storage) to VMs.

Types of Hypervisors:
Type 1 (Bare Metal): Runs directly on hardware for better performance (e.g., Hyper-V, ESXi).
Type 2 (Hosted): Runs on top of a host OS; easier to exploit if the host OS is compromised (e.g., VirtualBox, VMware Workstation).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

VM Disk Formats

A
  • OVF: Encapsulates VM settings for easy import/export.
  • VMDK: Stores the VM’s virtual hard drive data.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Virtualization Extensions

A
  • INtel: Intel VT-X
  • AMD: AMD-V
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SLAT (Second Level Address Translations)

A

Definition: Improves virtual memory performance.
- Intel: Extended Page Table (EPT)
- AMD: Rapid Virtualization Indexing (RVI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Processor Type that support virtualization

A

x86 (32-bit): Limited to 4 GB RAM.
x64 (64-bit): Supports up to 16 exabytes of RAM.
ARM: Reduced instruction set, used in Macs (M1/M2 processors).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Virtualization resource reuirement: memory

A

Sufficient RAM is crucial; both host and guest OS share physical memory.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Virtualization resource reuirement: storage

A

VMs require significant disk space:
Windows: 20–50 GB
Linux: 4–8 GB
macOS: 20–40 G

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Virtualization resource reuirement: Networking

A
  • VMs share NIC bandwidth.
  • Use gigabit/10-gigabit NICs or NIC teaming for better performance.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

VM Attacks

A

VM Escape: Attacker accesses the hypervisor or host OS.
VM Hopping: Attacker moves between isolated VMs.
Sandbox Escape: Circumvents sandbox protections.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Mitigating VM Attacks

A
  • Keep hypervisors, guest OSs, and host OSs patched.
  • Disable unnecessary shared folders.
  • Encrypt VM disks.
  • Use strong endpoint protection and follow security best practices
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Additional Virtualization Security Concerns: Disk Encryption

A

Encrypt VDI files with AES-256 or AES-128.
Protects VM data from unauthorized access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Additional Virtualization Security Concerns: Live Migration

A

Secure migration of VMs between hosts; use encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Additional Virtualization Security Concerns: Data Remnants

A

Residual data left on deprovisioned VMs can be exploited.
Encrypt storage and destroy encryption keys when decommissioning.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Additional Virtualization Security Concerns: VM Sprawl

A

Unmanaged proliferation of VMs can create vulnerabilities.
Enforce deployment policies and track VMs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Vitualization Use Cases and Benefits

A

Testing and Training:
- Use prebuilt VMs (e.g., Microsoft Edge VMs for Windows 10).
- Snapshots allow for easy restoration of VM states.

Sandboxing: Isolates processes to analyze malware or test software.

Cross-Platform Virtualization: Run different OS environments (e.g., Windows on Mac).

Application Virtualization: Encapsulates applications to run independently of the host OS.

17
Q

Teaming:

Virtualization

A

Combining multiple NICs for higher network throughput.

18
Q

Virtualization best practices

A

VirtualBox is a practical, free tool for setting up secure virtual environments.
Always encrypt VM disks and avoid shared folders for security.
Monitor resource requirements (CPU, RAM, storage, networking) to ensure performance.
Be aware of attack methods (e.g., VM Escape) and mitigation strategies.

19
Q

Configuring a VM

A
20
Q

OVF (Open Virtualization Format):

A
  • A container format for distributing VMs.
  • Simplifies VM import/export
  • Encapsulates VM configuration and metadata.
21
Q

VMDK (Virtual Machine Disk)

A

A virtual disk file storing a VM’s hard drive data.

22
Q

Host OS

A

The physical machine’s operating system that runs VirtualBox.

23
Q

Guest OS

A

The operating system installed inside the VM.