Virtualization Flashcards
Virtualization
Definition: Virtualization allows a physical machine to run multiple virtual machines (VMs) using a hypervisor.
Hypervisor
Definition: The software layer that creates VMs and allocates hardware resources (CPU, memory, storage, network) to them; it is the isolation boundary between guests, which makes it the most valuable target on a virtualization host.
Types of Hypervisors:
Type 1 (Bare Metal): Runs directly on the hardware with no host OS underneath; better performance and a smaller attack surface (e.g., Hyper-V, ESXi).
Type 2 (Hosted): Runs as an application on top of a host OS, so its guests inherit every weakness of that OS: a compromised host OS can read or tamper with any VM (e.g., VirtualBox, VMware Workstation).
VM File Formats
- OVF (Open Virtualization Format): packages a VM's descriptor (settings, virtual hardware, references to its disks) together with its disk images for import/export between products; an OVA is the same package as a single archive file.
- VMDK: VMware's virtual hard disk image, holding the VM's disk contents (VirtualBox's native equivalent is VDI, Hyper-V's is VHD/VHDX).
Virtualization Extensions
- Intel: Intel VT-x
- AMD: AMD-V
SLAT (Second Level Address Translation)
Definition: Hardware support for the second address translation a VM needs (guest-physical to host-physical), so the hypervisor no longer has to maintain shadow page tables in software; improves VM memory performance and is required by some hypervisors (e.g., Hyper-V).
- Intel: Extended Page Tables (EPT)
- AMD: Rapid Virtualization Indexing (RVI), also called Nested Page Tables (NPT)
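Checking the two cards above on a real host: the Linux kernel exposes the extension as the cpuinfo flag vmx (Intel VT-x) or svm (AMD-V), and SLAT as ept (Intel) or npt (AMD). The script below is an added example, not part of the flashcards; it parses /proc/cpuinfo text and reports what it finds. The three cpuinfo excerpts at the bottom are constructed samples, not captures from real machines.

```shell
#!/bin/sh
# Added example, not part of the flashcards: read the Linux /proc/cpuinfo flag
# list and report the virtualization extension (Intel VT-x = "vmx",
# AMD-V = "svm") and SLAT support (Intel EPT = "ept", AMD RVI/NPT = "npt").
# Usage on a real host:  check_virt_support < /proc/cpuinfo
# Exit status: 0 = extension present, 1 = absent or hidden.

check_virt_support() {
    cpuinfo=$(cat)                                   # read stdin once
    vendor=$(printf '%s\n' "$cpuinfo" |
        awk -F: '/^vendor_id/ { gsub(/[[:space:]]/, "", $2); print $2; exit }')
    flags=$(printf '%s\n' "$cpuinfo" |
        awk -F: '/^flags/ { print $2; exit }')      # first core; all cores match

    has_flag() { printf ' %s ' "$flags" | grep -q " $1 "; }

    ext=""; slat=""
    if has_flag vmx; then
        ext="Intel VT-x"
        has_flag ept && slat="EPT"
    elif has_flag svm; then
        ext="AMD-V"
        has_flag npt && slat="RVI (NPT)"
    fi

    if [ -z "$ext" ]; then
        echo "no virtualization extension (vmx/svm) exposed by $vendor: enable it in firmware, or enable nested virtualization on the outer hypervisor"
        return 1
    fi

    # "hypervisor" means this OS is itself a guest, so a Type 2 hypervisor
    # installed here only works if the outer hypervisor nests VT-x/AMD-V.
    note=""
    has_flag hypervisor && note=" (this OS is already a guest)"
    echo "$ext present; SLAT: ${slat:-not exposed}$note"
}

# Constructed /proc/cpuinfo excerpts (not captured from real machines).
SAMPLE_INTEL='processor : 0
vendor_id : GenuineIntel
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm vmx ept vpid hypervisor'
SAMPLE_AMD='processor : 0
vendor_id : AuthenticAMD
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm svm npt'
SAMPLE_NONE='processor : 0
vendor_id : GenuineIntel
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm'

for s in "$SAMPLE_INTEL" "$SAMPLE_AMD" "$SAMPLE_NONE"; do
    printf '%s\n' "$s" | check_virt_support || echo "  -> not usable for hardware-assisted VMs (exit status $?)"
done
```

A missing vmx/svm flag on a modern CPU usually means the extension is disabled in firmware (or, inside a VM, that nested virtualization is off), not that the CPU lacks it; the hypervisor flag in the first sample is how the script tells those two cases apart.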
Processor types that support virtualization
x86 (32-bit): 32-bit address space, so a host is limited to about 4 GB of RAM to share among all VMs.
x64 (64-bit): 64-bit address space, in theory up to 16 exabytes of RAM; the real limits come from the CPU, board and OS.
ARM: Reduced instruction set (RISC) architecture with its own virtualization extensions; used in Apple silicon Macs (M1/M2), which run ARM guests natively and need emulation for x86 guests.
Virtualization resource requirement: Memory
Sufficient RAM is crucial: every running guest's allocated memory is carved out of the host's physical memory, which the host OS (or hypervisor) also needs; overcommitting leads to swapping and poor performance.
Virtualization resource requirement: Storage
VMs require significant disk space (typical per guest, before snapshots and data):
Windows: 20–50 GB
Linux: 4–8 GB
macOS: 20–40 GB
Virtualization resource requirement: Networking
- All VMs on a host share the bandwidth of the host's physical NIC(s).
- Use gigabit/10-gigabit NICs or NIC teaming for better performance and redundancy.
VM Attacks
VM Escape: An attacker inside a guest breaks out of the VM and runs code on the hypervisor or host OS, from where every other VM on the host can be reached.
VM Hopping: An attacker moves from one VM to another VM on the same host that should have been isolated from it.
Sandbox Escape: Malicious code breaks out of the restricted environment (sandbox) it was confined to, such as a browser or malware-analysis sandbox.
Mitigating VM Attacks
- Keep hypervisors, guest OSs, and host OSs patched.
- Disable unnecessary host-guest sharing features: shared folders, and also clipboard and drag-and-drop, each of which is a channel from a compromised guest to the host.
- Encrypt VM disks.
- Use strong endpoint protection on host and guests, and follow security best practices.
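As an added check for the sharing features in the list above (example script, not from the flashcards and not VirtualBox's own code): audit one VirtualBox VM from the output of VBoxManage showvminfo --machinereadable. It assumes the key names that command prints (SharedFolderPathMachineMapping<N>, clipboard, draganddrop); the two VM descriptions it runs on at the bottom are constructed samples, not real captures.

```shell
#!/bin/sh
# Added example, not from the flashcards or from VirtualBox: audit the
# host-guest sharing surface of a VirtualBox VM from
#   VBoxManage showvminfo "<vm>" --machinereadable
# Key names assumed to match VBoxManage output: SharedFolderPathMachineMapping<N>,
# clipboard, draganddrop. Prints one FINDING line per exposed channel and
# returns the number of findings (0 = nothing shared with the guest).
# Usage on a real host:  VBoxManage showvminfo "kali" --machinereadable | audit_vbox_sharing

audit_vbox_sharing() {
    info=$(cat)
    findings=0

    # value of a key="value" line with the quotes stripped; empty if absent
    get() {
        printf '%s\n' "$info" | awk -F= -v k="$1" '$1 == k { gsub(/"/, "", $2); print $2; exit }'
    }

    # Each permanent shared folder is a host path the guest can read (and
    # usually write); a compromised guest uses it to reach the host.
    paths=$(printf '%s\n' "$info" |
        awk -F= '/^SharedFolderPathMachineMapping[0-9]+=/ { gsub(/"/, "", $2); print $2 }')
    while IFS= read -r path; do
        [ -n "$path" ] || continue
        echo "FINDING: shared folder exposes host path $path"
        findings=$((findings + 1))
    done <<EOF
$paths
EOF

    # Clipboard and drag-and-drop are bidirectional data channels too.
    for key in clipboard draganddrop; do
        val=$(get "$key")
        if [ -n "$val" ] && [ "$val" != "disabled" ]; then
            echo "FINDING: $key=$val (set to disabled unless required)"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ] && echo "OK: no shared folders, clipboard or drag-and-drop"
    return "$findings"
}

# Constructed showvminfo excerpts (not captured from a real VM).
SAMPLE_WEAK='name="kali"
clipboard="bidirectional"
draganddrop="disabled"
SharedFolderNameMachineMapping1="home"
SharedFolderPathMachineMapping1="/home/analyst"
SharedFolderNameMachineMapping2="tools"
SharedFolderPathMachineMapping2="/opt/tools"'
SAMPLE_HARDENED='name="kali"
clipboard="disabled"
draganddrop="disabled"'

printf '%s\n' "$SAMPLE_WEAK" | audit_vbox_sharing || echo "  -> $? finding(s)"
printf '%s\n' "$SAMPLE_HARDENED" | audit_vbox_sharing || :
```

Because the function's exit status is the finding count, it drops straight into a fleet loop (for vm in $(VBoxManage list vms ...); do ...; done) or a CI gate that fails when any analysis VM still shares a host folder.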
Additional Virtualization Security Concerns: Disk Encryption
Encrypt VM disk image files (e.g., VirtualBox VDI files) with AES-256 or AES-128 (VirtualBox offers AES-XTS in both key sizes).
Protects VM data at rest from unauthorized access if the image file is copied, stolen or left behind on shared storage.
Additional Virtualization Security Concerns: Live Migration
Moving a running VM between hosts streams its memory (including credentials and keys held in RAM) and disk state across the network; use the hypervisor's encrypted-migration option or a dedicated, isolated migration network.
Additional Virtualization Security Concerns: Data Remnants
Residual data (disk images, snapshots, backups, swap) left on storage after a VM is deprovisioned can be recovered by whoever next gets that storage.
Encrypt the storage and destroy the encryption keys when decommissioning (crypto-shredding), so every copy of the remnants becomes unreadable at once.
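The encrypt-then-destroy-the-key procedure above, as an added example that is not part of the flashcards: the image is encrypted under a random per-VM key with openssl, and decommissioning removes only the key. File names are illustrative and the disk image content used in the usage notes is constructed; it assumes openssl is installed (and uses shred where available).

```shell
#!/bin/sh
# Added example, not from the flashcards: crypto-shredding a VM disk image.
# The image is encrypted under a random per-VM key; decommissioning destroys
# only the key, so every copy of the ciphertext (snapshots, backups, blocks
# the storage array never overwrote) becomes unreadable at once.
# Requires openssl (and optionally shred). File names are illustrative.
#
# Usage:
#   provision_disk vm.img vm.img.enc vm.key      # encrypt, key readable by owner only
#   disk_recoverable vm.img.enc vm.key && echo "still readable"
#   decommission_disk vm.key                     # key gone: vm.img.enc is now noise

provision_disk() {   # $1 plaintext image, $2 encrypted image, $3 key file
    (
        umask 077                                 # key file: owner read/write only
        openssl rand -hex 32 > "$3"               # 256-bit per-VM key (a KMS/HSM in production)
        # openssl enc gives confidentiality only (no authentication); a real
        # disk layer would use XTS or an AEAD mode, the key-lifecycle point is the same.
        openssl enc -aes-256-cbc -pbkdf2 -pass "file:$3" -in "$1" -out "$2"
    )
}

disk_recoverable() {   # $1 encrypted image, $2 key file; exit 0 iff plaintext can be recovered
    [ -f "$2" ] || return 1
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$2" -in "$1" -out /dev/null 2>/dev/null
}

decommission_disk() {  # $1 key file: destroy the key; the ciphertext may stay anywhere
    if command -v shred >/dev/null 2>&1; then
        shred -u "$1"                             # overwrite in place, then unlink
    else
        dd if=/dev/urandom of="$1" bs=4096 count=1 conv=notrunc 2>/dev/null
        rm -f "$1"
    fi
    # Caveat: on SSDs and copy-on-write filesystems an overwrite may not reach
    # the old blocks, which is why the key should live in a KMS whose delete is final.
}
```

The point of the design is that the destroy step touches a few dozen bytes in one known place, while the data it makes unrecoverable may exist in many copies you cannot enumerate; the caveat in decommission_disk is why the key itself must not be stored on the same kind of media.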
Additional Virtualization Security Concerns: VM Sprawl
Unmanaged proliferation of VMs (test, scratch and forgotten machines with no owner) creates unpatched, unmonitored attack surface and consumes resources.
Enforce deployment policies (approval, ownership, lifetime) and keep an inventory that is regularly reconciled against what the hypervisors actually run.
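The reconciliation the card above calls for, as an added example that is not part of the flashcards: compare a hypervisor inventory export against the registry the policy requires, and list VMs nobody registered, registry rows with no VM behind them, and powered-off VMs idle long enough to decommission. The CSV row formats are chosen for this example and the data at the bottom is constructed.

```shell
#!/bin/sh
# Added example, not part of the flashcards: reconcile the VMs the hypervisors
# actually host against the registry the deployment policy requires.
# Row formats are chosen for this example: inventory "name,owner,state,days_idle"
# (export it from your hypervisor CLI/API), registry "name,owner".

# Names (first CSV field) present in $1 but absent from $2.
names_missing_from() {
    ref=$(mktemp); printf '%s\n' "$2" > "$ref"
    printf '%s\n' "$1" | awk -F, -v reffile="$ref" '
        BEGIN { while ((getline line < reffile) > 0) { split(line, f, ","); seen[f[1]] = 1 } }
        NF && !($1 in seen) { print $1 }'
    rm -f "$ref"
}
untracked_vms()    { names_missing_from "$1" "$2"; }   # running outside policy: unowned, unpatched
orphaned_records() { names_missing_from "$2" "$1"; }   # registry rows with no VM behind them

# Powered-off VMs idle longer than $2 days: decommission (and crypto-shred)
# candidates, otherwise they are stale images waiting to be booted unpatched.
idle_vms() {   # $1 inventory, $2 max idle days
    printf '%s\n' "$1" | awk -F, -v max="$2" '$3 == "poweroff" && $4 + 0 > max { print $1 }'
}

sprawl_report() {   # $1 inventory, $2 registry, $3 max idle days
    echo "Untracked VMs (no registry record):";         untracked_vms "$1" "$2" | sed 's/^/  /'
    echo "Orphaned registry records:";                  orphaned_records "$1" "$2" | sed 's/^/  /'
    echo "Idle > $3 days, decommission candidates:";    idle_vms "$1" "$3" | sed 's/^/  /'
}

# Constructed sample data, not from any real environment.
INVENTORY='web-01,platform,running,1
db-01,platform,running,3
test-old,,poweroff,210
scratch-99,,running,4'
REGISTRY='web-01,platform
db-01,platform
backup-02,platform'

sprawl_report "$INVENTORY" "$REGISTRY" 90
```

Run it from a scheduled job and treat a non-empty "Untracked VMs" section as a policy violation to ticket, not just a report line: each name there is a machine with no owner to patch it.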