Virtualization Resource Requirements

 

Microsoft, VMware, and other vendors produce virtualization environments. This list of requirements is based on the requirements for Microsoft’s Windows Virtual PC product.

 

A PC suitable for virtualization should have the following minimum hardware requirements:

 

1GHz or faster processor, 32-bit or 64-bit

2GB or more RAM

15GB hard disk space for each Windows VM

Windows 7 Home Premium or higher

 

In addition to these base requirements, the following hardware features will help improve the performance of the host and guest operating systems:

 

Hardware-assisted virtualization features in the processor (must also be enabled in the system BIOS)

 

2GB of RAM or more per each VM


132 CompTIA A+ Quick Reference

 

Emulator Requirements and Features

 

Microsoft offers two different virtualization environments for client PCs: Virtual PC 2007 and Windows Virtual PC. Their differences are summarized in Table 6-16.

 

Table 6-16 Virtual PC 2007 and Windows Virtual PC Requirements and Features

| Feature | Virtual PC 2007 | Windows Virtual PC |
|---|---|---|
| Supported host operating systems | Windows XP Pro, Tablet; Windows Vista Business, Ultimate | Windows 7 Home Premium and higher |
| Processor | 400MHz Pentium-class | 1GHz |
| Disk space | 35MB + space per each VM | 15GB space for each VM |
| Hardware-assisted virtualization support | Yes | Yes |
| USB support | No | Yes |
| Windows XP mode (see Figure 6-14) | No | Yes |
| Application publishing and launching (direct launching of Windows XP Mode apps from Windows 7 desktop) | No | Yes |
| Multiple VM threads | No | Yes |
| Clipboard sharing | No | Yes |
| Printer sharing | No | Yes |
| Smart card redirection | No | Yes |
| Drive sharing | No | Yes |
| Integration with Windows Explorer | No | Yes |
| Known folder integration between host and guest | No | Yes |
| Maximum VM screen resolution | 1600×1200 | 2048×1920 |
     

 

 

Security Requirements

 

Virtualized environments need to be secured at both physical hardware and VM levels. Industry recommendations include the following:

 

Apply the same security measures to VMs as to desktops (antivirus, physical security, firewalls, security patches for the operating system and applications)

Maintain administrator-only access to the VM host software

Disable unneeded services and virtual hardware in the VM


Chapter 6: Operating Systems 133

 

 

Figure 6-14 A Windows XP mode VM running in Windows Virtual PC.

 

 

Network Requirements

 

To enable a VM to connect to network resources (NIC, Internet, and so on) available on the host machine, the VM needs to be connected to those resources. With Microsoft virtualization programs, you need to install integration components supplied as part of the virtualization program. Once these components are integrated, you can use the host PC’s network connections to connect to the network and access the Internet.

 

Understanding Hypervisors

 

Desktop virtualization programs such as Virtual PC 2007 and Windows Virtual PC are examples of hosted virtualization. These programs are connected to the host operating system via a virtual machine monitor program (VMM) and all connections to hardware are virtualized.

 

A bare-metal virtualization program such as Microsoft Hyper-V does not pass through a host operating system. Instead, its VMM, or hypervisor, connects directly to shared hardware, and VM connections to hardware can be passed via the hypervisor or directly between the VM and the hardware. Hypervisor virtualization is commonly used on server hardware.


 

 



Chapter 7

 

 

Security

 

The 220-802 2.0 Security domain covers physical and digital security, common security threats, security best practices, data destruction and disposal methods, and securing small office/home office (SOHO) wireless and wired networks. This section accounts for 22% of the CompTIA A+ 220-802 exam.

 

 

Common Prevention Methods

 

The best way to deal with security threats is to prevent them. Prevention has two aspects: physical and digital. The following sections review what you need to know about these methods for the 220-802 exam.

 

Physical Security

 

Physical security is a blanket term for preventing physical access to confidential information. These methods include securing of the premises where information is stored, securing of documents, and preventing unauthorized personnel from gaining access to that information.

 

Door Locks and Access Methods

 

To prevent physical access to confidential information in a building, the first line of defense is a locked door. To permit access, the following methods can be used:

 

Physical key—Low cost, but allows access to anyone who has the key. Records should be kept of who has what keys and locks should be changed periodically.

Key pad—More expensive, but easier to change if unauthorized personnel discover the code. Change codes periodically for security.

Key fobs and RFID badges—Easy to carry, but also easy to lose. These use short-range radio signals. Can be disabled if lost.

 

Security portals—Revolving doors or “mantraps” can be used to prevent tailgating.

 

 

Identifying the User: Smart Cards and Biometrics

 

A more thorough method of access control involves the use of smart cards. Smart cards identify the owner, provide access to specified areas of a building and computers, and can be used to digitally sign, encrypt, and email files using RSA encryption. They can be incorporated into a USB thumb drive, a key fob, or a card that resembles a credit card in size.

 

A typical smart card generates an authentication code at short intervals (typically 60 seconds), and the code must be entered and validated before access is granted. Some installations also require the use of a personal identification number (PIN). Some smart card products can also be embedded into smartphones and USB thumb drives.

 

Biometrics uses a reader or a scanner to evaluate a potential user’s physical characteristics before allowing entry or use. Biometrics systems compare a fingerprint or thumbprint (common on many laptop and portable devices) or a retinal scan (used in high-security buildings such as banks or prisons) to the stored information for authorized users.

 

Physical Data Protection

 

To prevent unauthorized access to physical documents, follow these precautions:

 

Keep documents locked up and out of sight when not in use

Shred documents when no longer needed

 

To prevent unauthorized access to digital files, follow these precautions:

 

Keep passwords out of sight; no sticky notes, please

Use privacy filters to block side views of screens

 

Digital Security

 

Documents stored on a computer can be accessed by unauthorized users at the keyboard or remotely if they are not secure. Use the security practices in this section to keep digital information safe.

 

Figure 7-1 shows a layered defensive strategy that is designed to protect the user and data. Notice that the first line of defense is network based, the second line is on the local PC (host), and the third line of defense is the user.


 

 

[Figure 7-1 labels: threats (hackers, port scanners, virus-infected files); network defense (IPS, router, network firewall); host defense (local firewall, antivirus, OS and application updates); user education; protected data (credit card numbers, passwords, sensitive data).]


 

Figure 7-1 Layered defense.



 

Antivirus

 

The first step in antivirus (AV) is to detect a suspicious file or program. AV employs a scanning engine that uses one or both of the following techniques:

 

Heuristics analyze the behavior and activity of a file or program. If it is replicating, scanning other files, or connecting to other computers, it is flagged as a virus. Unfortunately, this hypervigilance tends to cause many false positives because many legitimate programs exhibit exactly those behaviors. Search tools and programs that verify software keys often set off a heuristic scanning engine.

 

The other method of detecting viruses is by comparing files to the signatures (often called definitions) of known viruses. Much like fingerprint analysis, the AV software receives updates from a database maintained by the software manufacturer. The drawback of this method lies in its inability to quickly identify new and emerging threats. A proper AV uses a combination of both techniques.
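The trade-off between the two techniques can be seen in a small scanner. This is an added example, not code from the book: the sample files, the hash-only signature database, and the two-behavior threshold are constructed assumptions, and real engines match far richer signatures than a whole-file hash.

```python
import hashlib

# Constructed samples: name -> (file content, behaviors observed at run time).
SAMPLES = {
    "known_virus.exe":    (b"constructed-virus-body", {"replicates", "connects_out"}),
    "new_variant.exe":    (b"constructed-virus-body-v2", {"replicates", "scans_files"}),
    "desktop_search.exe": (b"constructed-search-indexer", {"scans_files", "connects_out"}),
    "text_editor.exe":    (b"constructed-text-editor", set()),
}

# Definitions database: hashes of known-bad files (simplified; hypothetical).
SIGNATURES = {hashlib.sha256(b"constructed-virus-body").hexdigest()}

# The three behaviors the text names as heuristic triggers.
SUSPICIOUS = {"replicates", "scans_files", "connects_out"}


def signature_match(content):
    """True only if this exact content is already in the definitions."""
    return hashlib.sha256(content).hexdigest() in SIGNATURES


def heuristic_match(behaviors, threshold=2):
    """True if the sample shows at least `threshold` suspicious behaviors."""
    return len(behaviors & SUSPICIOUS) >= threshold


def scan(samples):
    """Run both engines, signature first, and report which one fired."""
    verdicts = {}
    for name, (content, behaviors) in samples.items():
        if signature_match(content):
            verdicts[name] = "signature"
        elif heuristic_match(behaviors):
            verdicts[name] = "heuristic"
        else:
            verdicts[name] = "clean"
    return verdicts


if __name__ == "__main__":
    for name, verdict in scan(SAMPLES).items():
        print(f"{name:20} {verdict}")
```

The new variant slips past the signature check and is caught only by heuristics, while the legitimate desktop search tool is flagged by the same heuristic rule, which is the false positive the text describes.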

 

Scan early and scan often. Scanning takes considerable system resources, so perform scheduled updates and scans during off-peak hours.

 

Both the signatures and the engine need to be as up to date as possible. This is best done by setting updates to run automatically during down times, such as at night and on holidays.

 

After a file or program is found to be a match either by its activity (heuristics) or via update of known virus signatures, one of three things happens to the file. If it can be cleaned (removed from the host file), it will be; if not, the file is quarantined. In other words, nothing can be written to or read from that place on the hard disk drive (HDD).

 

As a technician, to prevent reinfection, you need to determine how the computer became infected. The most common ways of catching a virus are not using AV, using an obsolete AV, and not using up-to-date virus definitions and scan engines. The following are common remediation steps:

 

Install AV software

Update definitions

Update patches and service packs for OS and applications

Use virus removal features of the AV

Identify the source of infection

 

 

Firewalls

 

A good security plan uses layered defenses, including hardware and software firewalls. Firewalls work in three ways:

 

Packet filtering—The most common and straightforward. Firewalls that use packet filtering either block or allow packets by using basic criteria, source or destination IP address, ports, or protocols. The disadvantage of packet filtering is that it is not subtle. It is a reliable but inflexible gate guard. Sometimes, legitimate packets get filtered because they are different. Packet filtering can be implemented in hardware or software.

 

Proxy filters—Inbound and outbound traffic pass through the proxy filter, which imitates direct connections between the computer and the Internet, but blocks harmful traffic. A proxy filter is usually implemented in a gateway server or an Internet appliance.

Stateful packet inspection (stateful protocol filter)—Looks for unfamiliar packets and blocks them. After a rogue packet enters the target network, a hacker never hears from it again. Stateful packet inspection can be implemented in hardware or software.

 

Figure 7-2 illustrates the stateful protocol filter and other advanced settings used by the Norton Internet Security Smart Firewall.

 

Figure 7-2 A firewall program with stateful protocol filter and other advanced settings (Norton Internet Security).

 

Hardware firewalls don’t impact the individual PC’s performance and can support an entire network.
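The difference between packet filtering and stateful packet inspection, shown on the same traffic. This is an added example, not code from the book: the addresses, ports, and the single "allow inbound from source port 443" rule are constructed assumptions, and the state table omits timeouts and connection teardown.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport")

HOST = "192.168.1.10"  # constructed LAN client


def packet_filter(pkt):
    """Static rule set: allow all outbound; allow inbound only from port 443."""
    if pkt.direction == "out":
        return True
    return pkt.sport == 443


class StatefulFirewall:
    """Allows inbound packets only as replies to flows the host opened."""

    def __init__(self):
        self.flows = set()

    def check(self, pkt):
        if pkt.direction == "out":
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # An inbound packet must mirror a recorded outbound flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows


# Constructed traffic (documentation address ranges).
TRAFFIC = [
    Packet("out", HOST, 50000, "203.0.113.5", 443),   # host opens HTTPS
    Packet("in", "203.0.113.5", 443, HOST, 50000),    # its reply
    Packet("out", HOST, 50002, "203.0.113.9", 8443),  # host opens alt-port site
    Packet("in", "203.0.113.9", 8443, HOST, 50002),   # legitimate reply
    Packet("in", "198.51.100.7", 443, HOST, 50001),   # unsolicited, port 443
    Packet("in", "198.51.100.7", 4444, HOST, 8080),   # unsolicited, other port
]


def compare(traffic):
    """Return (packet_filter verdict, stateful verdict) for each packet."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.check(p)) for p in traffic]


if __name__ == "__main__":
    for pkt, (static, stateful) in zip(TRAFFIC, compare(TRAFFIC)):
        print(pkt, "filter:", static, "stateful:", stateful)
```

The static rule drops the legitimate reply from port 8443 because it is "different", and passes the unsolicited packet that merely uses source port 443; the stateful check gets both right because it compares each inbound packet with connections the host actually started.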

 

Viruses, Worms, and Trojan Horses

 

Viruses are the oldest and best known form of malware. The name comes from their ability to spread from system to system through means such as email and infection of portable drives.

 

The most common type of virus today is a Trojan horse (Trojan). This type of program can masquerade as an update to a video player, a free antivirus application, an unsolicited PDF attachment, or an ActiveX, Java, or
