Virtualization and Cloud Content for CISSP, CompTIA Security + and CISA
Apsw2015@gmail.com
Virtualization
• Virtualization enables a single piece of hardware to run multiple operating system environments simultaneously, greatly enhancing processing power utilization, among other benefits.
• The hypervisor is the central program that controls the execution of the various guest operating systems and provides the abstraction layer between the guest and host environments.
• A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine.
Type 1 Hypervisor
• A Type 1 hypervisor is tied to the underlying hardware and hosts virtual machines on top of it, and it operates as the sole layer between the hardware
• Due to the proprietary nature of Type 1 hypervisor software and the close intrinsic tie that it has to the underlying hardware, security can be maintained with a very high degree of confidence.
• Because the vendor controls both the hardware and software, the hypervisor implementation is tightly controlled as to its features and capabilities, making a much leaner and tighter software platform that is more difficult to exploit.
• These are also referred to as bare metal hypervisors.
• Examples: VMware ESX and ESXi, Microsoft Hyper-V, Citrix XenServer
Type 2 Hypervisor
• A Type 2 hypervisor is software based.
• With software-based hypervisors, you are dependent on an operating system that is independent of the hardware and virtualization system to operate.
• The hypervisor must interact with the operating system and rely on it for access to the underlying hardware and system processes.
• With this dependency, the hypervisor is then vulnerable to any potential flaws and software exploits that can strike the underlying operating system, which could then be used to launch attacks against the hypervisor.
• The security of Type 2 hypervisors is not as tight and dependable as that of the native solution that Type 1 provides.
• Examples: VMware Workstation/Fusion/Player, VMware Server, Microsoft Virtual PC, Oracle VM VirtualBox
VM Sprawl
• Sprawl is the uncontrolled spreading and disorganization caused by the lack of an organizational structure when many similar elements require management.
• VM sprawl, also known as virtualization sprawl, happens when an administrator can no longer effectively control and manage all the virtual machines on a network.
• VMs are basically files that contain a copy of a working machine's disk and memory structures, and management is easy when there are only a few of them.
• But as the number of VMs grows rapidly over time, sprawl can set in. VM sprawl is a symptom of a disorganized structure.
VM Sprawl Avoidance
• VM sprawl can be avoided through policy.
• VM sprawl can be avoided through naming conventions and proper storage architectures, so that the files are in the correct directory, making finding the correct VM easy and efficient.
• But as in any filing system, it works only if everyone routinely follows the established policies and procedures to ensure that proper VM naming and filing are performed.
• You can also use integrated VM management tools, such as ESX Server from VMware, which enable administrators to manage VMs and avoid sprawl.
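An added example (not from the original slides): a small audit that checks a VM inventory and a datastore file listing against a naming convention and directory layout, the two sprawl controls named above. The `<env>-<role>-<team>-<nn>` convention, the `/<datastore>/<env>/<vm-name>/` layout, the `review_by` field and all sample data are assumptions constructed for illustration.

```python
import re
from datetime import date
from pathlib import PurePosixPath

# Assumed naming convention (hypothetical): <env>-<role>-<team>-<nn>
NAME_RE = re.compile(
    r"^(?P<env>prd|stg|dev)-(?P<role>[a-z]+)-(?P<team>[a-z]+)-(?P<seq>\d{2})$"
)
# File types that hold a VM's configuration, disk and memory state.
VM_FILE_SUFFIXES = {".vmx", ".vmdk", ".vmem", ".nvram"}

# Constructed sample inventory: the VMs the organization knows about.
INVENTORY = [
    {"name": "prd-web-payments-01", "review_by": date(2025, 6, 30)},
    {"name": "dev-db-analytics-02", "review_by": date(2024, 1, 15)},
    {"name": "Bob_test_VM", "review_by": date(2025, 12, 1)},
]

# Constructed sample listing of files found on the datastore.
DATASTORE_FILES = [
    "/datastore1/prd/prd-web-payments-01/prd-web-payments-01.vmx",
    "/datastore1/prd/prd-web-payments-01/prd-web-payments-01.vmdk",
    "/datastore1/prd/dev-db-analytics-02/dev-db-analytics-02.vmx",
    "/datastore1/stg/stg-app-billing-07/stg-app-billing-07.vmdk",
    "/datastore1/misc/Bob_test_VM/Bob_test_VM.vmx",
    "/datastore1/dev/readme.txt",
]


def audit(inventory, files, today):
    """Return sorted (finding, subject) tuples describing sprawl indicators."""
    findings = set()
    registered = {vm["name"] for vm in inventory}

    for vm in inventory:
        # A name outside the convention cannot be filed or found predictably.
        if not NAME_RE.match(vm["name"]):
            findings.add(("bad-name", vm["name"]))
        # A VM nobody has re-justified by its review date is a sprawl candidate.
        if vm["review_by"] < today:
            findings.add(("review-overdue", vm["name"]))

    for path in files:
        p = PurePosixPath(path)
        if p.suffix.lower() not in VM_FILE_SUFFIXES:
            continue  # not a VM file
        parts = p.parts  # ('/', datastore, env, vm_name, file)
        if len(parts) != 5:
            # VM file outside the expected directory depth.
            findings.add(("misfiled", path))
            continue
        env_dir, vm_dir = parts[2], parts[3]
        # VM files on disk that no inventory record accounts for.
        if vm_dir not in registered:
            findings.add(("orphan", vm_dir))
        # The environment encoded in the name must match the directory.
        m = NAME_RE.match(vm_dir)
        if m and m.group("env") != env_dir:
            findings.add(("misfiled", vm_dir))

    return sorted(findings)


if __name__ == "__main__":
    for kind, subject in audit(INVENTORY, DATASTORE_FILES, date(2025, 3, 1)):
        print(f"{kind:15} {subject}")
```

Run on a schedule against a real inventory export and datastore listing, the same checks show whether the naming and filing policy is actually being followed.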
VM Escape
• Virtual machine escape is the process of a program breaking out of the virtual machine on which it is running and interacting with the host operating system.
• A virtual machine is a "completely isolated guest operating system installation within a normal host operating system."
• Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor.
VM Escape Protection
• Keep virtual machine software patched.
• Install only the resource-sharing features that you really need.
• Keep software installations to a minimum, because each program brings its own vulnerabilities.
Before the Cloud: Example 1 - Storage Space
• Challenge:
  • Availability of training content while travelling.
• Solution (before the cloud):
  • As a trainer, I always used to carry my content on my hard drive when I had to travel for training, in case my laptop crashed or the content got corrupted. This extra hard drive cost me money, and it also doesn't ensure guaranteed availability of data, as the hard drive can also get corrupted.
• Solution (after the cloud):
  • Now I am using space in Google Drive, which is storage as a service in the cloud, and my data is available online wherever I go; I can access it from my mobile/laptop/phablet etc. from anywhere in the world.
Before the Cloud: Example 2 - Online E-Commerce
• Challenge:
  • Peak usage during holidays and sale periods
  • Less load during the rest of the time
• Solution (before the cloud):
  • Peak load provisioning: hardware has to be procured for peak load, which costs a lot of money, and that hardware and those resources remain idle during low-load periods.
• Solution (after the cloud):
  • Instead of procuring hardware and resources in anticipation of peak load, you can use the cloud and configure scaling policies to scale resources up and down based on demand, which saves money and lets you use resources optimally.
Cloud Computing
Cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet (“the cloud”) to offer faster innovation, flexible resources, and economies of scale.

Cloud computing is the use of Internet-based computing resources, typically “as a service,” to allow internal or external customers to consume where scalable and elastic information technology (IT)-enabled capabilities are provided.
Visual Model of Cloud Computing
NIST and ISO/IEC Definition
NIST 800-145 Definition
• “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
ISO/IEC 17788 Definition
• Paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources with self-service provisioning and administration on-demand
NIST vs ISO 17788 Comparison
| NIST 800-145 Essential Characteristics | ISO/IEC 17788 |
| --- | --- |
| Broad network access | Broad network access |
| On-demand self-service | On-demand self-service |
| Resource pooling | Resource pooling |
| Rapid elasticity | Rapid elasticity and Scalability |
| Measured service | Measured service |
| - | Multitenancy |
Cloud Building Blocks
The building blocks of cloud computing are RAM (memory), CPU, storage and networking.
IaaS comprises the most fundamental building blocks of a cloud service: the processing, storage, and network infrastructure upon which cloud applications are built.
Cloud Computing Characteristics
• Resource pooling: The provider abstracts resources and collects them into a pool, portions of which can be allocated to different consumers (typically based on policies).
• On-demand self-service: Consumers provision the resources from the pool using on-demand self-service. They manage their resources themselves, without having to talk to a human administrator.
• Broad network access: All resources are available over a network, without any need for direct physical access.
• Rapid elasticity: Consumers can expand or contract the resources they use from the pool (provisioning and deprovisioning), often completely automatically.
• Measured service: Customers are charged for what they are using or consuming.
• Multitenancy: A reference to the mode of operation of software where multiple independent instances of one or multiple applications operate in a shared environment.
Categorization of Cloud
• Deployment categories: Public Cloud, Private Cloud, Community Cloud, Hybrid Cloud
• Service categories: Infrastructure as a Service (IaaS), Software as a Service (SaaS), Platform as a Service (PaaS)
Public Cloud
• According to NIST, "the cloud infrastructure is provisioned for open use by the general public."
• It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
• Significant and notable providers in the public cloud space include Amazon, Microsoft, Salesforce, and Google, among others.
Public cloud benefits
• Easy and inexpensive setup because the provider covers hardware, application, and bandwidth costs
• Streamlined and easy-to-provision resources
• Scalability to meet customer needs
• No wasted resources—pay as you consume
Private Cloud
• The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units).
• It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
• A private cloud is typically managed by the organization it serves; however, outsourcing the general management of this to trusted third parties may also be an option.
• A private cloud is typically available only to the entity or organization, its employees, contractors, and selected third parties.
• Significant and notable providers in the private cloud space include HPE, VMware, Dell, Oracle, IBM, Microsoft
Private cloud benefits
• Increased control over data, underlying systems, and applications
• Ownership and retention of governance controls
• Assurance over data location and removal of multiple jurisdiction legal and compliance
Hybrid Cloud
• “The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).”
• Hybrid cloud computing is gaining in popularity because it enables organizations to retain control of their IT environments, coupled with the convenience of allowing organizations to use public cloud services to fulfill non-mission-critical workloads and to take advantage of flexibility, scalability, and cost savings.
• Significant and notable providers in the private cloud space include Microsoft, Amazon, VMware, EMC, IBM, HPE
Hybrid cloud benefits
• Retain ownership and oversight of critical tasks and processes related to technology.
• Reuse previous investments in technology within the organization.
• Control the most critical business components and systems.
• Act as a cost-effective means of fulfilling noncritical
Community Cloud
• “The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations).
• It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.”
• Community clouds can be on-premises or offsite and should give the benefits of a public cloud deployment, while providing heightened levels of privacy, security, and regulatory compliance.
Benefits of Community Cloud
• Improved service
• Secure and compliant
• Available and reliable
• Flexibility and scalability
Categorization of Cloud: Service Categories
• Infrastructure as a Service (IaaS): It offers access to a resource pool of fundamental computing infrastructure, such as compute, network, or storage.
  • Examples: Amazon EC2, Google Compute Engine, HP Cloud, etc.
• Platform as a Service (PaaS): It is a category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.
  • Examples: Google App Engine, Windows Azure Cloud Services, etc.
• Software as a Service (SaaS): It is a full application that's managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.
  • Examples: Google Apps, Microsoft Office 365, etc.
• These three service categories are sometimes called the “SPI” tiers.
Thank You

Virtualization, Cloud and Cybersecurity Content for CISSP, CompTIA and CISA

  • 1. Virtualization and Cloud Content for CISSP, CompTIA Security + and CISA Apsw2015@gmail.com
  • 2. Virtualization • It enables single hardware equipment to run multiple operating systems environment simultaneously, greatly enhancing processing power utilization, among other benefits. • Hypervisor is the central program that controls the execution of various guest operating systems and provide the abstraction level between the guest and hosts environment. • A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine Virtualization
  • 3. Type 1 Hypervisor • A Type 1 hypervisor is tied to the underlying hardware and hosts virtual machines on top of it, and it operates as the sole layer between the hardware • Due to the proprietary nature of Type 1 hypervisor software and the close intrinsic tie that it has to the underlying hardware, security can be maintained with a very high degree of confidence. • Because the vendor controls both the hardware and software, the hypervisor implementation is tightly controlled as to its features and capabilities, making a much leaner and tighter software platform that is more difficult to exploit. • These are also referred to as bare metal hypervisors • VMware ESX and ESXi,Microsoft Hyper-V,Citrix XenServer Type 1 Hypervisor
  • 4. Type 2 Hypervisor • A Type 2 hypervisor is software based. • With software-based hypervisors, you are dependent on an operating system that is independent of the hardware and virtualization system to operate. • The hypervisor must interact with the operating system and rely on it for access to the underlying hardware and system processes. • With this dependency, the hypervisor is then vulnerable to any potential flaws and software exploits that can strike the underlying operating system, which could then be used to launch attacks against the hypervisor. • The security with Type 2 hypervisors is not as tight and dependable as the native solution that Type 1 provides. • VMware Workstation/Fusion/Player, VMware Server, Microsoft Virtual PC, Oracle VM VirtualBox Type 2 Hypervisor
  • 5. VM Sprawl VM SPRAWL •Sprawl is the uncontrolled spreading and disorganization caused by lack of an organizational structure when many similar elements require management. •VM sprawl, also known as virtualization sprawl, happens when an administrator can no longer effectively control and manage all the virtual machines on a network. •VMs basically are files that contain a copy of a working machine’s disk and memory structures and management is easy when numbers are less •But as the number of VMs grows rapidly over time, sprawl can set in. VM sprawl is a symptom of a disorganized structure VM Sprawl Avoidance •VM sprawl can be avoided through policy. •VM sprawl can be avoided through naming conventions and proper storage architectures, so that the files are in the correct directory, making finding the correct VM easy and efficient. •But as in any filing system, it works only if everyone routinely follows the established policies and procedures to ensure that proper VM naming and filing are performed. •You can also integrated VM management tools, such as ESX sever from VMware, is its ability to enable administrators to manage VMs and avoid sprawl
  • 6. VM Escape VM Escape • Virtual machine escape is the process of a program breaking out of the virtual machine on which it is running and interacting with the host operating system, • A virtual machine is a "completely isolated guest operating system installation within a normal host operating system. • Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor. VM Escape Protection • Keep virtual machine software patched. • Install only the resource-sharing features that you really need. • Keep software installations to a minimum because each program brings its own vulnerabilities
  • 7. Before the Cloud: Example 1- Storage Space •Challenge : •Availability of training contents while travelling. •Solution ( Before the cloud) : •As a trainer, I always used to carry my content in my hard drive when I had to travel for training , in case my laptop crashes or content gets corrupted. This extra hard drive cost me money and it also doesn’t ensure guaranteed availability of data as the hard drive can also get corrupted. •Solution ( After the cloud): •Now , I am using space in Google drive which is storage as a service in cloud and now my data is available online wherever I go and I can access it from my mobile/laptop/Phablet etc. from anywhere in the world.
  • 8. Before the Cloud: Example 2 - Online E-Commerce
    • Challenge:
    • Peak usage during holidays and sale time
    • Less load during the rest of the time
    • Solution (before the cloud):
    • Peak load provisioning: hardware has to be procured for peak load, which costs a lot of money, and that hardware and those resources remain idle during low-load periods.
    • Solution (after the cloud):
    • Now, instead of procuring hardware and resources in anticipation of peak load, you can use the cloud and configure scaling policies to scale resources up and down based on demand, which saves money and lets you use resources optimally.
  • 9. Cloud Computing
    • Cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet ("the cloud") to offer faster innovation, flexible resources, and economies of scale.
    • Cloud computing is the use of Internet-based computing resources, typically "as a service," to allow internal or external customers to consume where scalable and elastic information technology (IT)-enabled capabilities are provided.
  • 10. Visual Model of Cloud Computing
  • 11. NIST and ISO/IEC Definition
    NIST Definition (800-145)
    • "Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction."
    ISO/IEC Definition (17788)
    • Paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources with self-service provisioning and administration on-demand.
  • 12. NIST vs ISO 17788 Comparison: Essential Characteristics
    NIST 800-145 | ISO/IEC 17788
    Broad network access | Broad network access
    On-demand self-service | On-demand self-service
    Resource pooling | Resource pooling
    Rapid elasticity | Rapid elasticity and scalability
    Measured service | Measured service
    (not listed) | Multitenancy
  • 13. Cloud Building Blocks
    • The building blocks of cloud computing are RAM, CPU, storage and networking.
    • IaaS comprises the most fundamental building blocks of a cloud service: the processing, storage, and network infrastructure upon which cloud applications are built.
    • CPU, Memory, Storage, Network
  • 14. Cloud Computing Characteristics
    • Resource pooling: The provider abstracts resources and collects them into a pool, portions of which can be allocated to different consumers (typically based on policies).
    • On-demand self-service: Consumers provision the resources from the pool using on-demand self-service. They manage their resources themselves, without having to talk to a human administrator.
    • Broad network access: All resources are available over a network, without any need for direct physical access.
    • Rapid elasticity: Consumers can expand or contract the resources they use from the pool (provisioning and deprovisioning), often completely automatically.
    • Measured service: Customers are charged for what they are using or consuming.
    • Multitenancy: A reference to the mode of operation of software where multiple independent instances of one or multiple applications operate in a shared environment.
  • 15. Categorization of Cloud
    • Deployment categories: Public Cloud, Private Cloud, Community Cloud, Hybrid Cloud
    • Service categories: Infrastructure as a Service (IaaS), Software as a Service (SaaS), Platform as a Service (PaaS)
  • 16. Public Cloud
    • According to NIST, the cloud infrastructure is provisioned for open use by the general public.
    • It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
    • Significant and notable providers in the public cloud space include Amazon, Microsoft, Salesforce, and Google, among others.
    Public cloud benefits
    • Easy and inexpensive setup because the provider covers hardware, application, and bandwidth costs
    • Streamlined and easy-to-provision resources
    • Scalability to meet customer needs
    • No wasted resources—pay as you consume
  • 17. Private Cloud
    • The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units).
    • It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
    • A private cloud is typically managed by the organization it serves; however, outsourcing the general management of this to trusted third parties may also be an option.
    • A private cloud is typically available only to the entity or organization, its employees, contractors, and selected third parties.
    • Significant and notable providers in the private cloud space include HPE, VMware, Dell, Oracle, IBM, Microsoft
    Private cloud benefits
    • Increased control over data, underlying systems, and applications
    • Ownership and retention of governance controls
    • Assurance over data location and removal of multiple jurisdiction legal and compliance
  • 18. Hybrid Cloud
    • The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
    • Hybrid cloud computing is gaining in popularity because it enables organizations to retain control of their IT environments, coupled with the convenience of allowing organizations to use public cloud service to fulfill non-mission-critical workloads and taking advantage of flexibility, scalability, and cost savings.
    • Significant and notable providers in the private cloud space include Microsoft, Amazon, VMware, EMC, IBM, HPE
    Hybrid cloud benefits
    • Retain ownership and oversight of critical tasks and processes related to technology.
    • Reuse previous investments in technology within the organization.
    • Control the most critical business components and systems.
    • Act as a cost-effective means of fulfilling noncritical
  • 19. Community Model
    Community Cloud
    • The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations).
    • It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
    • Community clouds can be on-premises or offsite and should give the benefits of a public cloud deployment, while providing heightened levels of privacy, security, and regulatory compliance.
    Benefits of Community Cloud
    • Improved service
    • Security and compliance
    • Availability and reliability
    • Flexibility and scalability
  • 20. Categorization of Cloud: Service Categories
    • Cloud service categories: Infrastructure as a Service (IaaS), Software as a Service (SaaS), Platform as a Service (PaaS)
  • 21. Categorization of Cloud: Service Categories
    Infrastructure as a Service (IaaS)
    • It offers access to a resource pool of fundamental computing infrastructure, such as compute, network, or storage. We sometimes call these the "SPI" tiers.
    • Example: Amazon EC2, Google Compute Engine, HP Cloud, etc.
    Platform as a Service (PaaS)
    • It is a category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.
    • Example: Google App Engine, Windows Azure Cloud Services, etc.
    Software as a Service (SaaS)
    • It is a full application that's managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.
    • Example: Google Apps, Microsoft Office 365, etc.
    Cloud service categories: Infrastructure as a Service (IaaS), Software as a Service (SaaS), Platform as a Service (PaaS)