Securing the Cloud: Architecture

Week 4 Readings and Media

Please review the following for this week:

    Vic (J.R.) Winkler, Securing the Cloud, Cloud Computer Security Techniques and Tactics, 2011, Chapter 4
    Mell P, Grance T. The NIST Definition of Cloud Computing Version 15; 2009, National Institute of Standards and Technology, Information Technology Laboratory.
    Ross, R, et al. NIST Special Publication 800-53 Revision 4, Recommended Security Controls for Federal Information Systems, Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology, Gaithersburg, MD 20899-8930.

—————————————————————————————-

Week 4 ASSIGNMENT: (3 pages)

Write the answers in a separate document that you can upload (e.g., Microsoft Word file). Precede each answer with the question and its corresponding number.

Some threats to virtualized systems are general in nature, as they are inherent threats to all computerized systems (such as denial-of-service, or DoS, attacks). Other threats and vulnerabilities, however, are unique to virtual machines. Many VM vulnerabilities stem from the fact that multiple virtual machines share the same physical hardware, so a vulnerability in one VM can be exploited to attack other VMs or the host system. Various organizations have conducted security analyses and proof-of-concept (PoC) attacks against virtualized systems, and their research on security in virtual environments highlights some of the vulnerabilities exposed to malicious individuals. Some of these attacks are listed below. Please provide a description of each of these attacks as they relate to VMs:

1.    Shared clipboard (1/2 page)
2.    Keystroke logging (1/2 page)
3.    VM monitoring from the host (1/2 page)
4.    Virtual machine monitoring from another VM (1/2 page)
5.    Virtual machine backdoors (1/2 page)
—————————————————————————————-
Week 4 DISCUSSION: Cloud Architecture Security (1 page)

Write one page using this week's reading and media. Use APA format and provide a minimum of two references.

VM sprawl is a general term describing the uncontrolled propagation of virtual systems across the enterprise. Rogue machines can consume resources and bandwidth, and they introduce new vulnerabilities because they are not being patched and monitored. Forensics cannot be conducted in a virtual environment where these machines aren't even visible to the organization. Should an event occur, organizations need to not only know what part of the network is affected, but also be able to roll back network and system records in time to determine what happened.

Please give your thoughts on what types of tools and/or technical approaches might be useful to address these situations.