
1. What’s malware?
1.1. Software that is specifically designed to disrupt, damage, or gain unauthorised access to a computer system
1.2. Types
1.2.1. Trojan
1.2.2. Spyware
1.2.3. Viruses
1.2.4. Ransomware
1.3. Blanket term for any kind of computer software with malicious intent (malicious software)
2. NIST (Cyber Security Framework) DEFINITION: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
2.1. Identify
2.1.1. Asset management
2.1.2. Business environment
2.1.3. Detect
2.1.4. Respond
2.1.5. Recover
2.2. Protect
2.2.1. Access control
2.2.2. Awareness and training
2.2.3. Data security
2.2.4. Info protection processes and procedures
2.2.5. Maintenance
2.2.6. Protective technology
2.3. Detect
2.3.1. Anomalies and events
2.3.2. Security continuous monitoring
2.3.3. Detection processes
2.4. Respond
2.4.1. Response planning
2.4.2. Communications
2.4.3. Analysis
2.4.4. Mitigation
2.4.5. Improvements
2.5. Recover
2.5.1. Recovery planning
2.5.2. Improvements
2.5.3. Communications
3. Key terms
3.1. Vulnerability
3.1.1. A flaw, loophole, oversight, or error that can be exploited to violate system security policy
3.2. Threat
3.2.1. A threat is an event, natural or man-made, able to cause negative impact to an organization
3.3. Exploit
3.3.1. An exploit is a defined way to breach the security of an IT system through a vulnerability
3.4. Risk
3.4.1. It’s a situation involving exposure to danger
4. Roles in Security
4.1. CISO (Chief Information Security Officer)
4.2. Information Security Architect
4.3. Information Security Consultant/Specialist
4.4. Information Security Analyst
4.5. Information Security Auditor
4.6. Security Software Developer
4.7. Penetration Tester / Ethical Hacker
4.8. Vulnerability Assessor
5. Critical Thinking Model
5.1. Critical Thinking Characteristics
5.2. Technical Skills
5.2.1. Intrusion detection
5.2.2. Reverse engineering
5.2.3. Programming
5.2.4. Vistualization
5.2.5. Cryptography
5.2.6. Networking
5.2.7. Operating system
5.2.8. Database modeling
5.3. Impersonal Skills
5.4. Theoretical and experimental knowledge and intellectual skills
5.5. Key skills
5.5.1. Challenge assumptions
5.5.1.1. Systematically list and challenge
5.5.1.2. Refine as you learn more
5.5.2. Consider alternatives
5.5.2.1. Brainstorm full range of possibilities
5.5.2.2. Break into components (who/what/when/where/why/how)
5.5.3. Evaluate data
5.5.3.1. Crux of the scientific method
5.5.3.2. Does the data fit your hypothesis
5.5.4. Identify key drivers
5.5.4.1. What are driving forces at play?
5.5.4.2. This can help you identify the future
5.5.5. Understand context
5.5.5.1. Most important: put yourself in others' shoes, reframe the problem
6. Challenge
6.1. Threats
6.2. Alerts
6.3. Available analysis
6.4. Needed knowledge
6.5. Available time
7. Tasks
7.1. Review security incidents in SIEM (Security Information and Event Management)
7.2. Review the data that compromise
7.3. Pivot the data multiple ways to find outliers
7.4. Expand your search to capture more data around that incident
7.5. Decide which incident to focus on next
7.6. Identify the name of the malware
7.7. Find internal potentially infected IPs with the same malware
7.8. Take the IOCs found on the internet and search for them back in SIEM
7.9. Search more websites on the internet for IOC (indicator of compromise) information for that malware
8. Frameworks and best practices
8.1. Used to improve the controls
8.2. Governance
8.3. Seeks to improve performance, control and metrics
8.4. Helps to translate business needs into technical or operational needs
8.5. Normative and compliance
8.5.1. Rules to follow for a specific industry
8.5.2. Enforcement for the government, industry or clients
8.5.3. Even if the company doesn’t want to implement those controls, for compliance
8.6. Best practices
8.6.1. COBIT
8.6.2. ITIL
8.6.3. ISOs
8.6.4. COSO
8.6.5. Project manager methodologies
8.6.6. Industry best practices
8.6.7. Developer recommendations
9. Definition
9.1. CIA Triad
9.1.1. Confidentiality
9.1.1.1. (Like Privacy), confidentiality measures prevent data from falling into the hands of people who don’t have authorisation to access said information
9.1.2. Availability
9.1.2.1. Ensuring availability requires routine maintenance and upgrading of hardware, software and operating system environments
9.1.3. Integrity
9.1.3.1. In the information technology world, integrity is all about making sure information is accurate and always stays that way (for example, compare the hash of a piece of software)
9.2. The protection of information systems from unauthorised access, use, disclosure, disruption, modification or destruction in order to provide confidentiality, integrity, and availability.
10. Security
10.1. Confidentiality
10.1.1. Only the sender and the intended receiver should “understand” the message contents: sender encrypts message / receiver decrypts message
10.2. Authentication
10.2.1. Sender and receiver want to confirm the identity of each other
10.2.1.1. 3 types of Authentication
10.3. Message Integrity
10.3.1. Sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
10.4. Access and Availability
10.4.1. Services must be accessible and available to users
11. Cyber security organisations
11.1. WiCyS organisation resources
11.2. The SANS institute
12. Programs
13. What’s Cyber Security?
14. IT Infrastructure Library (ITIL)
14.1. Defined: ITIL is a best practice framework that describes how IT is organised to deliver business value; it models how to document the processes, functions and roles of IT Service Management (ITSM)
14.2. ITIL Service Lifecycle Phases
14.2.1. Services
14.2.1.1. Service Strategy
14.2.1.1.1. Service Portfolio Management
14.2.1.1.2. Financial Management
14.2.1.1.3. Demand Management
14.2.1.1.4. Business Relationship Management
14.2.1.2. Service Design
14.2.1.2.1. Service Catalogue Management
14.2.1.2.2. Service level management (SLM)
14.2.1.2.3. Information security management
14.2.1.2.4. Supplier management
14.2.1.3. Service Operations (relates to ITIL)
14.2.1.3.1. Event management
14.2.1.3.2. Incident management
14.2.1.3.3. Problem management
14.2.1.4. Continual Service Improvement
14.2.1.4.1. Review metrics
14.2.1.4.2. Identify opportunities
14.2.1.4.3. Test and prioritize
14.2.1.4.4. Implement improvements
14.2.1.5. Service Transition
14.2.1.5.1. Change management
14.2.1.5.2. Project management
14.2.1.5.3. Release and deployment management
14.2.1.5.4. Service validation and testing
14.2.1.5.5. Knowledge management
14.3. ITIL Processes (Business process management and IT security services)
14.3.1. Problem management
14.3.1.1. The process responsible for managing the lifecycle of all problems (a problem is an unknown cause of one or more incidents)
14.3.2. Change management
14.3.2.1. Manages changes to baseline service assets and configuration items across the ITIL lifecycle
14.3.3. Service level management
14.3.3.1. This involves the planning, coordinating, drafting, monitoring and reporting on Service Level Agreements (SLAs)
14.3.4. Event management
14.3.4.1. Events are any detectable or discernible occurrences that have significance for the management of IT infrastructure, or delivery of an IT service
14.3.5. Information security management
14.3.5.1. This deals with having and maintaining an information security policy (ISP) and specific security policies that address each aspect of strategy, objectives and regulations
14.3.6. Incident management
14.3.6.1. An incident is an unplanned interruption to an IT service, a reduction in the quality of an IT service, or a failure of a configuration item
14.3.6.1.1. Log
14.3.6.1.2. Assign
14.3.6.1.3. Track
14.3.6.1.4. Categorize
14.3.6.1.5. Prioritize
14.3.6.1.6. Resolve
14.3.6.1.7. Close
15. Alice/Bob/Trudy Example
15.1. Data
15.1.1. Secure sender
15.1.1.1. Channel
15.1.1.1.1. Data, control messages
15.1.1.1.2. (Trudy) - Intruder
15.1.2. (Alice)
16. CIA - Confidentiality, Integrity and Availability
16.1. Data and Services
16.2. Key definitions
16.2.1. Confidentiality
16.2.1.1. Preserving authorised restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
16.2.1.2. Loss of confidentiality is the unauthorised disclosure of information
16.2.2. Integrity
16.2.2.1. Guarding against improper information modification or destruction
16.2.2.2. Including ensuring information non-repudiation and authenticity
16.2.2.3. Integrity loss is the unauthorised modification or destruction of information
16.2.3. Availability
16.2.3.1. Timely and reliable access to information
16.2.3.2. Loss of availability is the disruption of access to an information system
16.3. Authenticity and accountability
16.3.1. A couple of add-ons for those who like to argue
16.3.1.1. Authenticity: property of being genuine and verifiable
16.3.1.2. Accountability: mapping actions to an identity
17. Identification and AAA
17.1. Authentication
17.1.1. Authentication methods
17.1.1.1. Something you know (Username/Password)
17.1.1.2. Something you have
17.1.1.2.1. Something that you have physically with you (smartcard, token)
17.1.1.3. Something you are
17.1.1.3.1. Fingerprints, retina scanners, biometric methods
17.1.2. Controls
17.1.2.1. Types
17.1.2.1.1. Administrative
17.1.2.1.2. Technical
17.1.2.1.3. Physical
17.1.2.2. Categories
17.1.2.2.1. Corrective controls
17.1.2.2.2. Preventive controls
17.1.2.2.3. Dissuasive controls
17.1.2.2.4. Recovery
17.1.2.2.5. Detective
17.1.2.2.6. Compensatory
17.2. Authorization
17.3. Accountability
18. Windows components: user mode and kernel mode
18.1. User mode
18.1.1. What do you see when you open an application
18.1.2. Process for the application
18.1.2.1. Private virtual address space
18.1.2.2. Private handle table
18.1.3. Each application runs in isolation, and if an application crashes, the crash is limited to that one application
18.2. Kernel mode
18.2.1. Underlying technology within Windows, the things that control the application
18.2.2. All code that runs in kernel mode shares a single virtual address space
18.2.3. If a kernel mode driver accidentally writes to the wrong virtual address, data that belongs to the operating system or another driver could be compromised
18.2.4. If a kernel mode driver crashes, the entire operating system crashes
19. Processes and IT Security
19.1. Security operations center (SOC)
19.1.1. People
19.1.2. Tools
19.1.3. Process
19.2. Standard process roles: Focus and attention, skills, processes, methods and attendance
19.2.1. Process team
19.2.1.1. Team Lead
19.2.1.2. SME
19.2.1.3. Approver
19.2.1.4. Reviewer
19.2.1.5. Processor
19.2.2. Supplier
19.2.3. Requestor
19.2.4. Customer
19.3. Successful process
19.3.1. Charter
19.3.2. Clear objectives
19.3.3. Governance/Ownership
19.3.4. Repeatability (reduced variation)
19.3.5. Automation
19.3.6. Established Performance indicators (metrics)
19.4. Processes and Attributes
19.4.1. Business process management (BPM) (think about withdrawing money)
19.4.2. Input - process - outputs
19.4.2.1. Inputs: information or materials that are required by the process to get started
19.4.2.2. Outputs: services, or products that satisfy customer requirements
19.4.2.3. Bounds/Scope: the process starts when…and ends when…
19.4.2.4. Tasks/Steps: Actions that are repeatable
19.4.3. Process
19.4.3.1. Resources
19.4.3.2. Skills
19.4.3.3. Knowledge base
19.4.3.4. Lessons learned
19.4.3.5. Procedures
19.4.3.6. Metrics
19.4.3.7. Controls
19.4.3.8. Governance
19.4.4. Continual process improvements
19.4.4.1. Small improvement Teams
19.4.4.1.1. Regular review of:
19.5. Process performance metrics: measure processes to understand if they are performing to specifications and producing the desired outcome every time, and within financial expectations
19.5.1. Typical categories
19.5.1.1. Cycle time
19.5.1.2. Quality (defect rate)
19.5.1.3. Cost
19.5.1.4. Rework
20. Directory structure
20.1. How Windows handles the separation of 32-bit and 64-bit applications
20.2. “C:”
20.2.1. /PerfLogs (hidden)
20.2.2. /Program Files
20.2.3. /Program Files (x86)
20.2.4. /ProgramData
20.2.5. /Users
20.2.5.1. /Public
20.2.5.2. /(username)
20.2.5.3. /AppData
20.2.6. /Windows
20.2.6.1. /System
20.2.6.2. /System32
20.2.6.3. /SysWOW64
21. Access control methods
21.1. MAC
21.1.1. Mandatory access control
21.1.1.1. Use labels to regulate the access
21.1.1.2. Military use
21.2. DAC
21.2.1. Discretionary access control
21.2.1.1. Each object (folder or file) has an owner, and the owner defines the rights and privileges
21.3. RBAC
21.3.1. Role based access control
21.3.1.1. The rights are configured based on the user roles. For instance sales group, management group, etc.
21.3.1.1.1. User 1
21.3.1.1.2. User 2
21.3.1.1.3. User 3
21.4. Centralised and Decentralised
21.4.1. Centralised
21.4.1.1. SSO (single sign on)
21.4.1.2. Provide the 3 As
21.4.2. Decentralised
21.4.2.1. Independent access control methods
21.4.2.2. Local power
21.4.2.3. Normally the military forces the use of these methods on the battle fields
21.5. Best practices
21.5.1. Least Privilege
21.5.1.1. Information access limit
21.5.2. Separation of duties
21.5.2.1. Verify employee activity
21.5.3. Rotation of duties
21.5.3.1. Tracking and control
21.6. Physical and logical methods
21.6.1. Physical
21.6.1.1. Methods
21.6.1.1.1. Perimeter
21.6.1.1.2. Building
21.6.1.1.3. Work areas
21.6.1.1.4. Servers and networks
21.6.1.2. Technical uses of physical security controls
21.6.1.2.1. ID Badges
21.6.1.2.2. List of logs
21.6.1.2.3. Door access control system
21.6.1.2.4. Tokens
21.6.1.2.5. Proximity sensors
21.6.1.2.6. Tramps
21.6.1.2.7. Physical block
21.6.1.2.8. Cameras
21.6.2. Logical
21.6.2.1. ACL (Routers)
21.6.2.2. GPOs
21.6.2.2.1. Password policies
21.6.2.2.2. Device policies
21.6.2.2.3. Day and time restriction
21.6.2.3. Accounts
21.6.2.3.1. Centralised
21.6.2.3.2. Decentralised
21.6.2.3.3. Expiration
21.7. Discuss
21.7.1. Various common physical access control methods
21.7.2. Various common logical access control methods
21.7.3. Monitoring and access control processes such as IDS, IPS, Host IDS and IPS, HoneyPot and Sniffers
21.8. BYOD, BYOC..BYOEverything
21.8.1. Popular concept for modern times, each collaborator has the opportunity to bring their own device to the work environment, some controls to follow
21.8.1.1. Strict policy and understanding
21.8.1.2. Use of technical control MDM
21.8.1.3. Training
21.8.1.4. Strong perimeter controls
21.8.2. Making BYOD safe
21.8.2.1. As more and more personal mobile devices get introduced to the company network, the challenge of balancing employee freedom, app functionality, and data security rises
21.8.2.1.1. Employee mobility
21.8.2.1.2. Data breaches
21.9. Monitoring the access control process
21.9.1. IDS
21.9.1.1. Intrusion detection system, it’s a security tool that monitors network traffic for signs of potential attacks or malicious activities
21.9.2. IPS
21.9.2.1. Intrusion prevention system, it’s a security tool that not only detects potential attacks but also takes immediate action to prevent them
21.9.3. HOST IDS and IPS
21.9.3.1. HOST IDS
21.9.3.1.1. A host intrusion detection system is a security tool that is installed on a single host to monitor its activities and detect potential attacks or malicious activities
21.9.3.2. HOST IPS
21.9.3.2.1. A host intrusion prevention system is a security tool that is installed on a single host or endpoint device to monitor its activities and prevent potential attacks or malicious activities
21.9.4. HoneyPot
21.9.4.1. Is a decoy system that is designed to lure attackers away from the real system and allow the security personnel to monitor their activities
21.9.5. Sniffers
21.9.5.1. Is a network monitoring tool that captures and analyses network traffic in real-time, helping security personnel to detect potential attacks or malicious activities
22. Open web application security project (OWASP)
22.1. OWASP Top 10 (2013)
22.1.1. A1 - Injection
22.1.2. A2 - Broken authentication and session management
22.1.3. A3 - Cross-site scripting (XSS)
22.1.4. A4 - Insecure direct object references
22.1.5. A5 - Security misconfiguration
22.1.6. A6 - Sensitive data exposure
22.1.7. A7 - Missing function level access control
22.1.8. A8 - Cross-site request forgery (CSRF)
22.1.9. A9 - Using known vulnerable components
22.1.10. A10 - Unvalidated redirects and forwards
22.2. OWASP mobile top 10 risks (2016)
22.2.1. M1 - Weak server side controls
22.2.2. M2 - Insecure data storage
22.2.3. M4 - Unintended data leakage
22.2.4. M5 - Poor authorisation and authentication
22.2.5. M6 - Broken cryptography
22.2.6. M7 - Client side injection
22.2.7. M8 - Security decision via untrusted inputs
22.2.8. M9 - Improper session handling
22.2.9. M10 - Lack of binary protections
22.2.10. M3 - Insufficient transport layer protection
22.3. OWASP web application security risks top 10 (2021)
22.3.1. A01 - Broken access control
22.3.2. A02 - Cryptographic failures
22.3.3. A03 - Injection
22.3.4. A04 - Insecure design
22.3.5. A05 - Security Misconfiguration
22.3.6. A06 - Vulnerable and outdated components
22.3.7. A07 - Identification and authentication failures
22.3.8. A08 - Software and data integrity failures
22.3.9. A09 - Security logging and monitoring failures
22.3.10. A10 - Server-side request forgery (SSRF)
23. Shortcuts and commands (by Windows)
23.1. Common tasks that can be accessed using the Windows or Ctrl key and another key
23.1.1. Ctrl + Z
23.1.2. Ctrl + W
23.1.3. Ctrl + A
23.1.4. Alt + tab
23.1.5. Alt + F4 (close all apps)
23.1.6. Win + D (minimize all windows)
23.1.7. Win + left arrow / right arrow
23.1.8. Win + tab (show open apps)
23.1.9. Shift + tab (in a dialog box show the available option, saving a click)
23.2. Time saving and helpful for tasks done regularly
23.3. Additional keyboard shortcuts (Windows)
23.3.1. F2 (rename)
23.3.2. F5 (refresh)
23.3.3. Win + L (login screen)
23.3.4. Win + I (settings dialog)
23.3.5. Win + S (search windows)
23.3.6. Win + PrtScn (save a screenshot)
23.3.7. Alt + PrtScn (clipboard screenshot)
23.3.8. Ctrl + Shift + Esc (open the task manager)
23.3.9. Win + C (start talking to Cortana)
23.3.10. Win + Ctrl + D (add a new virtual desktop)
23.3.11. Win + x (open the hidden menu)
24. MacOS Security Overview
24.1. Learn about where to find hardware and software specifications
24.2. Learn how to see all current activity
24.3. Learn about where to collect log files
24.4. System info
24.4.1. Overview
24.4.1.1. System report
24.4.1.1.1. All infos
24.4.2. Displays
24.4.3. Storage
24.4.4. Service
24.5. Activity monitor
24.5.1. All processes
24.6. Console
24.7. Preferences system
24.7.1. Learn about the various security settings within macOS
24.7.2. System preferences
24.7.2.1. Security and privacy
24.7.2.1.1. General
24.7.2.1.2. FileVault
24.7.2.1.3. Firewall
24.7.2.1.4. Privacy
24.7.2.2. Startup disk
24.7.2.2.1. Any partition available
24.8. macOS Recovery
24.8.1. Learn about the recovery partition and what services it offers
24.8.2. macOS utilities
24.8.2.1. Restore from Time Machine backup
24.8.2.2. Reinstall mac
24.8.2.3. Get help online
24.8.2.4. Disk utility
25. NTFS and FAT systems used by Windows
25.1. File system
25.1.1. File system enables applications to store and retrieve files in storage devices, such as a hard drive (hdd)
25.1.2. Files are placed in a hierarchical structure
25.1.3. File is a unit of data in the file system that a user can access and manage, a file must have a unique name in its directory
25.1.4. A directory is a hierarchical collection of directories and files
25.1.5. Types of file system
25.1.5.1. NTFS (new technology file system)
25.1.5.1.1. Most common file system for Windows end-user systems
25.1.5.2. FATxx (File allocation table)
25.1.5.2.1. The number following FAT refers to the number of bits used to enumerate a file system block, e.g. FAT16, FAT32
26. Linux
26.1. Key components
26.1.1. The kernel
26.1.1.1. The core of the operating system
26.1.2. The shell
26.1.2.1. The shell is used to interact with the kernel
26.1.2.2. Users input commands through the shell and the kernel performs the commands
26.1.3. It manages system and user input/output, processes, files, memory and devices
26.2. What’s Linux?
26.2.1. It’s an open source operating system
26.2.2. Licensed under the GNU General Public License (GPL)
26.2.3. Guarantees end users the freedom to run, study, share and modify the software
26.3. Linux file system
26.3.1. Files and directories
26.3.1.1. A file is the basic unit of storage for data. Usually stored on physical media such as hard drives. Represented by “-” in the Command-line interface (CLI)
26.3.1.2. A directory is a special type of file. Linux uses directories to hold information about other files. The equivalent of folders in Windows. Represented by a letter “d” in the CLI
26.3.1.3. / - Root
26.3.1.3.1. Every single file and directory starts from the root directory
26.3.1.3.2. Only the root user has write privileges under this directory
26.3.1.3.3. / (root) is not the same as /root, which is the home directory of the root user
26.3.1.4. /bin
26.3.1.4.1. Contains binary executables
26.3.1.4.2. Common Linux commands are found here
26.3.1.4.3. ps, ls, ping, grep, cp, mv, etc.
26.3.1.5. /sbin
26.3.1.5.1. Contains binary executables, but are more related to system maintenance
26.3.1.5.2. iptables, reboot, fdisk, ifconfig, etc.
26.3.1.6. /etc
26.3.1.6.1. Contains configuration files required by all programs
26.3.1.6.2. Most applications will have a directory under /etc with all its configurations
26.3.1.7. /tmp
26.3.1.7.1. Contains temporary files
26.3.1.7.2. They are deleted when the system reboots
26.3.1.8. /var
26.3.1.8.1. Contains files that are expected to grow or change constantly
26.3.1.8.2. Referred to as variable files
26.3.1.8.3. Application logs are usually found in /var/log
26.3.1.9. /home
26.3.1.9.1. This is where the home directories for all the users are located
26.3.1.9.2. Personal files can be stored here
26.3.1.10. /boot
26.3.1.10.1. Contains boot loader files
26.3.1.10.2. It’s used at boot time
26.3.1.10.3. Boot time
26.4. Linux basic commands
26.4.1. Permissions and owners
26.4.1.1. File and directory permission
26.4.1.1.1. There are three groups that can “own” a file
26.4.1.1.2. For each group there are also three types of permissions
26.4.1.1.3. Permission representation
26.4.2. List
26.4.2.1. cd: changes the directory where the user is currently located
26.4.2.2. cp: copies files or directories
26.4.2.3. mv: moves files or directories
26.4.2.4. ls: lists information related to files and directories, like owner and privileges
26.4.2.5. df: displays file system disk space
26.4.2.6. kill: used to “kill” or stop an executing process
26.4.2.7. rm: deletes files and directories
26.4.2.8. rmdir: deletes an empty directory
26.4.2.9. cat: short for concatenate. It can combine several files into one. Also used to see the content of a file
26.4.2.10. mkdir: creates a new directory
26.4.2.11. ifconfig: used to view or configure network interfaces
26.4.2.12. locate: quickly searches for the location of files. It uses an internal database that is updated using the updatedb command
26.4.2.13. tail: views the end of a text file, by default the last 10 lines
26.4.2.14. less: very efficient for viewing huge log files, as it doesn’t need to load the full file when opening
26.4.2.15. more: displays text, one screen at a time
26.4.2.16. nano: a basic text editor
26.4.2.17. chmod: changes privileges for a file or directory
27. Virtualisation basics and cloud computing
27.1. Virtualisation module introduction
27.1.1. Science develops maintains and makes available at no cost the largest collection of research documents
27.2. Overview of virtualisation
27.2.1. Describe the benefits of virtualisation and how a virtualised environment differs from a traditional environment
27.2.2. Describe the role of the hypervisor in a virtualised environment
27.2.3. Describe the role of the virtual machine in a virtualised environment
27.3. Virtualisation
27.3.1. Allows the creation of multiple simulated environments or dedicated resources from a single, physical hardware system
27.3.2. Hypervisor / host
27.3.2.1. Separate the physical resources from the virtual environments
27.3.2.2. Hypervisor can sit on top of an operating system (end user) or be installed directly onto hardware (enterprise)
27.3.3. Virtual machine / guest
27.3.3.1. The virtual machine functions as a single data file. The hypervisor relays requests from the VM to the actual hardware, as necessary
27.3.3.2. VMs do not interact directly with the host machine
27.3.3.3. Physical hardware is assigned to VMs
27.4. Virtualisation to cloud
27.4.1. Virtualisation to cloud computing
27.4.1.1. Moving beyond virtualisation to cloud
27.4.1.1.1. Dynamic capacity optimization