Virtualization Services

Question 1

What is a hypervisor?

Answer 1

Software that manages the interaction between virtual machines and the physical hardware they run on. Also called a Virtual Machine Manager (VMM)

Question 2

What does a hypervisor allocate to each virtual machine?

Answer 2

CPU cycles, memory, networking and storage. Keeping all resources separated between the different VMs running on the same physical hardware

Question 3

What is a Type 1 hypervisor?

Answer 3

A hypervisor that runs directly on top of physical hardware with no underlying operating system. Also called a bare metal hypervisor

Question 4

What are two examples of Type 1 hypervisors?

Answer 4

VMware ESXi and Microsoft Hyper-V

Question 5

Why is a Type 1 hypervisor called a bare metal hypervisor?

Answer 5

Because it runs directly on the hardware with no OS beneath it. The hypervisor itself effectively serves as the primary operating system

Question 6

What is a Type 2 hypervisor?

Answer 6

A hypervisor that runs on top of an existing host operating system. Also called a hosted hypervisor

Question 7

What are three examples of Type 2 hypervisors?

Answer 7

VMware Workstation, Oracle VirtualBox and Parallels Desktop

Question 8

What is the key difference between a Type 1 and Type 2 hypervisor?

Answer 8

Type 1 runs directly on bare metal hardware with no OS underneath. Type 2 runs on top of an existing host OS. The VMs themselves are identical in both cases

Question 9

What is Intel’s CPU virtualization technology called?

Answer 9

Virtualization Technology, abbreviated as VT

Question 10

What is AMD’s CPU virtualization technology called?

Answer 10

AMD-V

Question 11

Why do VMs require significant hardware resources?

Answer 11

Each VM contains a complete installed OS, applications and data. All VMs share the physical CPU, RAM and storage so sufficient resources must be available for all VMs running simultaneously

Question 12

What are the three main virtual network configuration options for VMs?

Answer 12

• Shared (NAT) - hypervisor subnet with NAT to external network
• Bridge - VM acts as full local network member with its own IP
• Private - VM can only communicate with itself and selected devices

Question 13

What is a bridge network address in virtualization?

Answer 13

A configuration where the VM acts as a regular device on the local network. No NAT, same IP subnet as the physical network and full network access

Question 14

What is a shared network address in virtualization?

Answer 14

The hypervisor assigns VMs their own internal subnet and performs network address translation when those VMs need to communicate with the external physical network

Question 15

What is a private network address in virtualization?

Answer 15

A configuration that isolates the VM completely. It can only communicate with itself and any devices specifically configured to communicate with it

Question 16

What is a VM escape?

Answer 16

A security vulnerability where malware on one VM exploits a flaw in the hypervisor to break out of isolation and communicate with or access data on other VMs on the same host

Question 17

Why is downloading VMs from the internet a security risk?

Answer 17

Malware authors can embed malware inside a published VM. When you run that VM you are running an already-infected operating system on your own system

Question 18

What is Virtual Desktop Infrastructure (VDI)?

Answer 18

A technology where the entire desktop OS runs as a VM on a remote server or in the cloud. The local device only needs a keyboard, mouse and display

Question 19

What is another name for VDI when delivered as a cloud service?

Answer 19

Desktop as a Service (DaaS)

Question 20

What are the hardware advantages of VDI for the local device?

Answer 20

The local device requires minimal CPU, memory and storage because all processing happens on the remote virtualized system. Only network connectivity and a display are needed

Question 21

What is application containerization?

Answer 21

A virtualization method where individual applications run in isolated self-contained containers on a single host OS without each needing its own full guest operating system

Question 22

What is the most popular containerization software?

Answer 22

Docker

Question 23

What are the main advantages of containers over traditional VMs?

Answer 23

Containers are much smaller and more lightweight (no guest OS overhead), faster to transfer and more portable. They can be moved between physical devices without modification

Question 24

What is a key limitation of application containers compared to VMs?

Answer 24

Containers rely on the host OS. You generally cannot run Windows, Linux and Mac OS containers simultaneously on the same containerization platform

Question 25

How many operating systems need patching in a containerized environment vs a VM environment?

Answer 25

Only one in a containerized environment (the single host OS). In a VM environment each guest OS must be individually patched and maintained

Question 26

What overhead do VMs have that containers do not?

Answer 26

Each VM requires a full guest operating system installation. Containers share the host OS eliminating that overhead making them significantly smaller and faster to deploy

Question 27

True or False: A Type 1 hypervisor runs on top of an existing desktop operating system.

Answer 27

False. A Type 1 (bare metal) hypervisor runs directly on the hardware with no OS underneath. A Type 2 hypervisor runs on top of a host OS

Question 28

True or False: VMware Workstation is an example of a Type 1 hypervisor.

Answer 28

False. VMware Workstation is a Type 2 (hosted) hypervisor. VMware ESXi is the Type 1 example

Question 29

True or False: The VMs running on a Type 1 and Type 2 hypervisor are fundamentally different.

Answer 29

False. The VMs themselves are identical. The only difference is whether the hypervisor runs on bare metal or on top of a host OS

Question 30

True or False: Intel's CPU virtualization support is called AMD-V.

Answer 30

False. Intel's is called VT (Virtualization Technology). AMD's equivalent is called AMD-V

Question 31

True or False: A bridge network configuration performs NAT to connect VMs to the external network.

Answer 31

False. A bridge configuration gives the VM a direct presence on the local network with no NAT. NAT is used in the shared network configuration

Question 32

True or False: A VM escape allows malware on one VM to access other VMs on the same hypervisor.

Answer 32

True. A VM escape exploits a hypervisor flaw to break isolation between VMs

Question 33

True or False: Each VM requires its own security configuration including firewall and anti-malware.

Answer 33

True. Each VM is its own complete OS and must be secured just like a standalone workstation or server

Question 34

True or False: VDI requires a powerful local workstation to process the desktop environment.

Answer 34

False. In VDI all processing happens on the remote virtual system. The local device only needs minimal hardware plus a network connection and display

Question 35

True or False: DaaS (Desktop as a Service) is another term for Virtual Desktop Infrastructure.

Answer 35

True. DaaS refers to VDI delivered as a cloud service

Question 36

True or False: Application containers each contain their own full guest operating system.

Answer 36

False. Containers share the host OS and contain only the application and its dependencies. There is no guest OS per container

Question 37

True or False: Docker is a popular containerization platform.

Answer 37

True

Question 38

True or False: Containers are generally more portable than traditional VMs.

Answer 38

True. Containers are smaller, lightweight and can be moved between physical devices without modification

Question 39

True or False: In a containerized environment each container must have its OS individually patched.

Answer 39

False. Containers share the single host OS meaning only one OS needs to be patched and maintained

Question 40

True or False: You can freely mix Windows, Linux and Mac OS containers on the same Docker instance.

Answer 40

False. Containers depend on the host OS and generally must be configured to run on that specific OS type

Question 41

Scenario: A company needs to run dozens of VMs on a dedicated server with no desktop interface. Which hypervisor type?

Answer 41

A Type 1 (bare metal) hypervisor such as VMware ESXi or Microsoft Hyper-V. It runs directly on hardware with no OS overhead for maximum efficiency

Question 42

Scenario: A developer wants to run a Windows VM on their personal MacOS laptop for occasional testing. Which hypervisor type?

Answer 42

A Type 2 (hosted) hypervisor such as VMware Workstation, Oracle VirtualBox or Parallels Desktop. It runs on top of the existing Mac OS host

Question 43

Scenario: Malware on one corporate VM may be trying to access other VMs on the same host. What specific threat is this?

Answer 43

A VM escape. A vulnerability where malware exploits a hypervisor flaw to break out of one VM and access other VMs on the same host

Question 44

Scenario: A user downloads a pre-built VM from an unfamiliar website to save setup time. What security risk does this create?

Answer 44

The VM may contain embedded malware. Running a downloaded VM means running a potentially infected OS. Always build your own VMs or thoroughly verify the source

Question 45

Scenario: A call center wants to give hundreds of employees full desktop access without buying powerful workstations. What technology?

Answer 45

VDI (Virtual Desktop Infrastructure) or DaaS. Desktops run as VMs on a central server or in the cloud and employees only need basic terminals

Question 46

Scenario: A dev team needs to deploy dozens of microservices quickly, portable and lightweight without full guest OS overhead. What to use?

Answer 46

Application containerization using Docker. Each service runs in its own container sharing the host OS making them lightweight, fast to deploy and highly portable

Question 47

Scenario: A VM needs full access to the local network so other devices see it as just another device on the same subnet. What network config?

Answer 47

Bridge network. The VM acts as a full member of the local network with its own IP address on the same subnet as physical devices with no NAT

Question 48

Scenario: A highly sensitive VM must not communicate with any external network or other VMs. What network configuration?

Answer 48

Private network. Isolates the VM so it can only communicate with itself and any devices specifically configured to interact with it

Question 49

Scenario: Intel-based servers run VMs slowly and CPU virtualization support may be disabled. What setting to check and what is it called?

Answer 49

Check BIOS/UEFI settings for Intel VT (Virtualization Technology). This must be enabled for the CPU to take full advantage of hardware-assisted virtualization