Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our virtualization module. With virtualization, we can provide a single machine that provides multiple services. We can use one physical machine to host multiple operating systems. A hypervisor is designed to control virtual machines using software. We have type one hypervisors and type two hypervisors. A type one hypervisor is depicted at the bottom right of your screen.
Here we have a physical machine that runs VMware, or perhaps Microsoft ESXi, as it's operating system, so the hypervisor itself is the operating system. And the virtual machines run directly on top of that hypervisor. With a type 2 hypervisor, depicted in the picture at the bottom left of the slide, is where we have a regular operating system such as Microsoft Windows, or perhaps Mac 0S10.
On top of that we have a piece of virtualization software acting as our hypervisor. An example here would be parallels or VM ware fusion or VM ware workstation, and this is where we run our virtual machines. Each virtual machine has access to its own dedicated RAM or memory and hard drive space.
The virtual machines are isolated from each other and, if configured correctly, should not be able to interfere with one another. And all of the operating systems on the virtual machines can all be running at one time. So you can have one physical machine that's running ten, or a hundred, or even a thousand different virtual operating systems all at one time.
So why should we consider virtualization technology in our environment? Well, it saves on initial hardware costs because you only have to purchase one device and then deploy multiple virtual machines on it, rather than purchasing multiple devices. It can save you on your maintenance costs, your utilities, and your total cost of ownership.
Virtualization technology makes it very easy to back up and restore virtual machines to a single file using snap shot technology. Virtualization works great in testing environments. So you can test software or applications or different utilities on multiple different operating systems on a single machine. And you can also restore those operating systems back to a known good configuration very easily.
It allows you to isolate your host operating system from most attacks and also allows you to isolate each of the virtual operating systems from each other. Virtualization technology works very well for testing malware because we can execute malware in a virtual machine with little risk of affecting out host computer or other virtual machines.
We can also use virtualization technology for honey pots. A honey pot is a device that we can use entice an attacker when they attempt to gain access to our network. We place this honeypot system in the demilitarized zone, or DMZ, and we make it appear as though it is a valuable target. When an attacker enters our network, they see the honeypot and begin to try to manipulate the system and attack it. We can then monitor the suspects activities and watch how they attack our systems and capture some of the techniques that they're using. There are some concerns with virtualization.
The most important concern is that you are creating a single point of failure. If have one device that's running 100 different virtual machines and that device has a hardware failure, instead of just losing one machine, you've now lost 100 machines. Virtualization technology is typically used with clustered servers, so that if one server fails, operations can continue on another device.
When you have multiple virtual operating systems, you have to protect each virtual operating system individually. You'll need to make sure anti-virus and firewall protection is installed on each virtual machine and make sure that these machines are hardened appropriately with the correct configuration settings. You'll also have to consider patch management to make sure that you're updating the operating system and antivirus definitions on each virtual machine.
Also, any time you restore a virtual machine to a prior snapshot, you'll need to make sure that you reinstall any updates that had been installed after that snapshot was generated. You also need to consider software licensing. You will have to purchase a separate software license for each virtual machine that is running as well as the host.
You cannot use one license for the host and all of the virtual machines that it contains. There are also some specific security concerns with virtualization. There are some specific vulnerabilities that can be exploited by attackers. As with any hardware, we still need to consider our physical security and make sure that our users are authenticated before they can access the system.
A VM escape attack is where an individual can escape out of a virtual machine and attack the host system that's hosting that virtual machine. This is commons with Windows type two hypervisors. VM escape attacks is a concept that you may see on the CISSP exam and you should be familiar with that type of attack.
If you have a worm or a virus on one of your virtual machines, it can spread to multiple virtual machines if the host system become infected. Virtualization technology is generally secure but you don't want use the host operating system for any tasks. Because that host operating system has access to all of your virtual machines that are running, so you wouldn't want to use the host operating system for browsing the internet or performing your daily work activities.
This machine should be secured and should not be used for anything other than administering the virtual machine environment. You also have to be concerned with data remnants, where traces of your data can remain on the virtual machine storage device, even after you delete the virtual machine. So you must make sure that you're following proper procedures to wipe any media before you're reusing it to remove any sensitive data. You also need to make sure that you have intrusion detection systems and intrusion prevention systems in place, such as firewalls, to protect from any network based attacks. This concludes our virtualization module. Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!