The NIST Information Security and Privacy Advisory Board (ISPAB) paper "Perspectives on Cloud Computing and Standards" specifies potential advantages and disdvantages of virtualization.
Which of the following disadvantages does it include? Each correct answer represents a complete solution.
Choose all that apply.
Click on the arrows to vote for the correct answer
A. B. C. D. E. F. G.It increases overall security risk shared resources, such as networks, clipboards, clocks, printers, desktop management, and folders.
Answer: A and B are.
The potential security disadvantages of virtualization are as follows: It increases configuration effort because of complexity and composite system.
It initiates the problem of how to prevent overlap while mapping VM storage onto host files.
It introduces the problem of virtualizing the TPM.
It creates the possibility that remote attestation may not work.
It initiates the problem of detecting VM covert channels.
It involves new protection mechanisms for preventing VM escape, VM detection, and VM-VM interference.
It initiates the possibility of virtual networking configuration errors.
It initiates the risk that malicious software is targeting the VM environment.
incorrect.
These are not the disadvantages of virtualization, as described in the NIST Information Security and Privacy Advisory Board (ISPAB) paper "Perspectives on Cloud Computing and Standards".
The NIST Information Security and Privacy Advisory Board (ISPAB) paper "Perspectives on Cloud Computing and Standards" discusses the potential advantages and disadvantages of virtualization. The disadvantages that the paper includes are:
C. It initiates the risk that malicious software is targeting the VM environment: Virtualization creates a risk of malicious software targeting the virtual environment because if one virtual machine is compromised, it can potentially affect other virtual machines on the same physical host. This is because virtual machines share the same hardware resources, such as CPU, memory, and storage.
D. It increases overall security risk shared resources: Virtualization increases the security risks associated with shared resources. As multiple virtual machines are running on a single physical host, they share the same resources. Any vulnerability in one virtual machine can potentially compromise the entire host and affect other virtual machines running on that host.
E. It creates the possibility that remote attestation may not work: Remote attestation is a process to verify the integrity of a system or platform. In a virtualized environment, remote attestation may not work properly because the underlying hardware platform is hidden from the virtual machine. This can create a potential security risk.
F. It involves new protection mechanisms for preventing VM escape, VM detection, and VM-VM interference: Virtualization introduces new protection mechanisms to prevent virtual machine escape, virtual machine detection, and virtual machine-to-virtual machine interference. These mechanisms are necessary to ensure the security and isolation of virtual machines.
G. It increases configuration effort because of complexity and composite system: Virtualization increases the configuration effort due to the complexity of the system. Virtual machines need to be configured and managed properly to ensure their security and isolation.
The following options are incorrect:
A. It increases capabilities for fault-tolerant computing using rollback and snapshot features: This is not a disadvantage of virtualization, but rather an advantage. Virtualization provides features like rollback and snapshot that enable fault-tolerant computing.
B. It increases intrusion detection through introspection: This is not a disadvantage of virtualization, but rather an advantage. Virtualization provides the ability to inspect the behavior of virtual machines, which can help in intrusion detection.
Therefore, the correct answers are C, D, E, F, and G.