If you’re planning to take the SY0-401 or the SY0-501 Security+ exam, you should have a basic understanding of technologies available for testing security controls.
For example, can you answer this question?
Q. You want to test new security controls before deploying them. Which of the following technologies provides the MOST flexibility to meet this goal?
A. Baselines
B. Hardening techniques
C. Virtualization technologies
D. Patch management programs
Also, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.
Implementing Virtualization
Virtualization is a popular technology used within large data centers and can also be used on a regular personal computer (PC). It allows you to host one or more virtual systems, or virtual machines (VMs), on a single physical system. With today’s technologies, you can host an entire virtual network within a single physical system and organizations are increasingly using virtualization to reduce costs.
When discussing VMs, you should understand the following terms:
- Hypervisor. The software that creates, runs, and manages the VMs is the hypervisor. Several virtualization technologies currently exist, including VMware products, Microsoft Hyper-V products, and Oracle VM VirtualBox. These applications have their own hypervisor software.
- Host. The physical system hosting the VMs is the host. It requires more resources than a typical system, such as multiple processors, massive amounts of RAM, fast and abundant hard drive space, and one or more fast network cards. Although these additional resources increase the cost of the host, it is still less expensive than paying for multiple physical systems. It also requires less electricity, less cooling, and less physical space.
- Guest. Operating systems running on the host system are guests or guest machines. Most hypervisors support several different operating systems, including various Microsoft operating systems and various Linux distributions. Additionally, most hypervisors support both 32-bit and 64-bit operating systems.
- Host elasticity and scalability. Elasticity and scalability refer to the ability to resize computing capacity based on the load. For example, imagine one VM has increased traffic. You can increase the amount of processing power and memory used by this server relatively easily. Similarly, it’s relatively easy to decrease the resources when the load
Virtualization typically provides the best return on investment (ROI) when an organization has many underutilized servers. For example, imagine an organization has nine servers with each using only about 20 percent processing power, memory, and disk space. You could convert three physical servers to virtual hosts and run three guest servers on each physical server. Assuming all the servers are similar, this wouldn’t cost any more money for the physical servers. Additionally, three physical servers consume less electricity and require less heating and ventilation to maintain.
In contrast, imagine the organization has nine servers with each using about 80 percent of their processing power, memory, and disk space. Although it is possible to convert them all to virtual servers, it requires the purchase of additional hardware. The savings from less electricity and less heating and ventilation are offset by the cost of the new servers.
Comparing Hypervisors
Hypervisor virtualization is primarily divided into two types:
- Type I. Type I hypervisors run directly on the system hardware. They are often called bare-metal hypervisors because they don’t need to run within an operating system. For example, VMware has a family of ESX/ESXi products that are Type I hypervisors.
- Type II. Type II hypervisors run as software within a host operating system. For example, the Microsoft Hyper-V hypervisor runs within a Microsoft operating system.
The figure shows a single computer hosting three guest operating systems using Type II hypervisor-based virtualization. Notice that each guest has a full operating system, including its own kernel. Don’t let the term kernel throw you. Generically, a kernel is just the central part or most important part of something. When referring to a computer, the kernel is the central part of the operating system.
Figure: Type II hypervisor-based virtualization
When implementing virtualization on a PC, you will use Type II hypervisor-based virtualization. However, virtualization in large-scale data centers typically uses Type I virtualization.
Q. You want to test new security controls before deploying them. Which of the following technologies provides the MOST flexibility to meet this goal?
A. Baselines
B. Hardening techniques
C. Virtualization technologies
D. Patch management programs
Answer is C. Virtualization provides a high degree of flexibility when testing security controls because testers can easily rebuild virtual systems or revert them using a snapshot.
Baselines provide a known starting point, but aren’t flexible because they stay the same.
Hardening techniques make systems more secure than their default configuration.
Patch management programs ensure patches are deployed, but do not test security controls.
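The snapshot-and-revert workflow from the answer, as an added example (not from the study guide) using the VBoxManage command line of Oracle VM VirtualBox, one of the hypervisors named above. The VM name, snapshot name and the apply/verify commands are constructed placeholders, and the VM is assumed to be powered off at the start.

```shell
#!/usr/bin/env bash
# Added example: test a security control in a VM and always revert afterwards.
# Assumptions: VirtualBox's VBoxManage CLI is installed, the VM is powered off
# at the start, and the apply/verify commands are host-side placeholders.

VBOX="${VBOX:-VBoxManage}"   # override to point at a different binary
DRY_RUN="${DRY_RUN:-1}"      # 1 = print the plan only, 0 = execute it

run() {
    # Log the command, then execute it unless this is a dry run.
    printf '+ %s\n' "$*"
    [ "$DRY_RUN" = "1" ] || "$@"
}

# usage: test_control_in_vm VM SNAPSHOT APPLY_CMD VERIFY_CMD
# returns 0 if the control verified, 1 if it did not, 2 if a VM step failed
test_control_in_vm() {
    vm="$1"; snap="$2"; apply_cmd="$3"; verify_cmd="$4"; result=0

    # 1. Capture the known-good state before touching anything.
    run "$VBOX" snapshot "$vm" take "$snap" || return 2
    run "$VBOX" startvm "$vm" --type headless || return 2

    # 2. Apply the control, then check that it behaves as intended.
    #    A failure in either step is recorded, not fatal: the revert must run.
    run sh -c "$apply_cmd" || result=1
    [ "$result" -ne 0 ] || run sh -c "$verify_cmd" || result=1

    # 3. Revert: the VM has to be stopped before the snapshot is restored.
    run "$VBOX" controlvm "$vm" poweroff || return 2
    run "$VBOX" snapshot "$vm" restore "$snap" || return 2
    return "$result"
}

# Constructed sample values; replace with a real lab VM and real commands.
if [ "${1:-}" = "--demo" ]; then
    test_control_in_vm "lab-web01" "pre-control" \
        "ssh lab-web01 'sudo ./apply-control.sh'" \
        "ssh lab-web01 'sudo ./verify-control.sh'"
fi
```

Run it with `--demo` to print the plan; set `DRY_RUN=0` to execute the same steps against a real lab VM.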
See Chapter 1 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide or Chapter 5 of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide for more information on virtualization.