TRỊNH THỊ THANH HUYỀN – 21110477

CHAPTER 6
1. What is virtualization? List its benefits and drawbacks.
- Virtualization is a technology that enables the single physical infrastructure
to function as a multiple logical infrastructure or resources.
- Virtualization is the process of abstracting the physical resources to the pool
of virtual resources that can be given to any virtual machines (VMs).
- Virtualization’s Benefits
•Better Resource Utilization
•Increases ROI
•Dynamic Data Center
•Supports Green IT
•Eases administration
•Improve disaster recovery
- Virtualization’s Drawbacks
•Single point of failures
•Demand high – end and powerful infrastructure
•May lead to lower performance
•Requires specialized skill set.
2. Explain how virtualization changes the computing in the IT industry.
Virtualization has fundamentally transformed the IT industry by enabling multiple virtual
instances to operate on a single physical server. This innovation improves resource
utilization, scalability, and flexibility while reducing hardware costs. It simplifies disaster
recovery, enhances testing and development, and extends the life of legacy applications.
Moreover, it streamlines resource management, fosters green computing practices, and
supports desktop virtualization and cloud computing. Security is also bolstered through
isolation of workloads. Overall, virtualization has become a cornerstone technology in IT,
optimizing operations, cutting costs, and boosting adaptability to ever-evolving business
requirements.
3. Briefly explain how hardware resources such as processor, memory, storage, and
networks can be virtualized.
Processor Virtualization:
 CPU Virtualization: Hypervisors (e.g., VMware, Hyper-V) create virtual
CPUs (vCPUs) that share physical CPU cores, allowing multiple virtual
machines (VMs) to run concurrently on a single physical processor.
 CPU Time Slicing: Time-sharing techniques allocate CPU time slices to
each VM, ensuring fair and efficient utilization.
Memory Virtualization:
 Memory Overcommitment: Hypervisors can allocate more virtual
memory to VMs than physically available by using techniques like memory
ballooning and page sharing.
 Memory Ballooning: The hypervisor can reclaim memory from idle or
low-priority VMs and allocate it to more critical VMs when needed.
Storage Virtualization:
 Storage Area Network (SAN) Virtualization: SANs use technologies like
RAID and logical unit number (LUN) masking to pool and virtualize
storage resources across multiple disks or arrays.
 File-Level Virtualization: Network-attached storage (NAS) devices can
virtualize file systems, making it easier to manage and scale storage.
Network Virtualization:
 Virtual LANs (VLANs): VLANs segment physical networks into virtual
subnetworks, allowing for network isolation and improved security.
 Software-Defined Networking (SDN): SDN technologies decouple
network control from physical infrastructure, enabling centralized network
management and programmability.
4. Write short notes on data virtualization and application virtualization.
Data Virtualization:
 Integrates and presents data from various sources as a unified view.
 Doesn't physically move or copy data.
 Supports real-time access and federated queries.
  Abstracts underlying data complexities.
 Enhances data agility.
Application Virtualization:
 Runs applications in isolated environments.
 Ensures compatibility and portability.
 Optimizes resource usage.
 Enhances security by isolating applications.
 Simplifies software distribution and updates.
5. What are protection rings? Explain how it is used in virtualization.
Protection rings, also known as privilege levels or protection modes, are a computer
hardware mechanism used to segregate and control access to system resources and
services in modern computer architectures. They are essential for ensuring the security
and stability of an operating system and its applications. Protection rings are typically
implemented as hierarchical levels of privilege, with Ring 0 being the highest privilege
level and Ring 3 being the lowest.
Here's how protection rings are used in virtualization:
Ring 0 (Kernel Mode):
 Ring 0 is the most privileged level, typically reserved for the host operating
system's kernel.
 In virtualization, the hypervisor or virtual machine monitor (VMM) runs in
Ring 0. It has direct access to the physical hardware and controls the
execution of virtual machines (VMs).
 The hypervisor manages VMs by intercepting and emulating privileged
instructions that would normally execute in Ring 0.
Ring 1 and Ring 2 (Less Privileged Rings):
 These intermediate privilege levels are not commonly used in modern
operating systems.
 In some historical virtualization implementations, Ring 1 or Ring 2 could
be used for running certain components of the hypervisor or providing a
higher level of privilege for specific tasks. However, this approach is less
common today.
 Ring 3 (User Mode):
 Ring 3 is the least privileged level, where user-mode applications run.
 Virtual machines run their guest operating systems and applications in Ring
3.
 When a VM attempts to execute a privileged instruction (e.g., accessing
hardware resources or changing processor control registers), the hypervisor
traps and handles this event, ensuring that the VM cannot directly interfere
with the host or other VMs.
6. Explain the different approaches used to achieve virtualization with a neat
diagram.

7. Differentiate full virtualization, paravirtualization, and hardwareassisted

virtualization techniques.
Full Virtualization:
 Guest OS runs unmodified.
 Hypervisor intercepts and emulates privileged instructions.
 Suitable for legacy and unmodified OS environments.
  May have higher overhead due to emulation.
Para-Virtualization:
 Guest OS is modified to be aware of the virtualization layer.
 Guest OS communicates with the hypervisor through optimized interfaces.
 Offers improved performance compared to Full Virtualization.
 Requires guest OS modifications.
Hardware-Assisted Virtualization:
 Leverages CPU features (e.g., Intel VT-x, AMD-V).
 Allows VMs to execute privileged instructions directly on the CPU.
 Reduces overhead and improves performance.
 Doesn't require guest OS modifications but benefits from them if present.
8. What is the role of hypervisor in virtualization? Briefly explain the different types
of hypervisors with a neat diagram.
- Hypervisors are the software tools that sit in between VMs and physical
infrastructure and provide the required virtual infrastructure for VMs.

9. Differentiate type 1 and type 2 hypervisors.

Type 1 Hypervisor (Bare-Metal):
 Runs directly on the physical hardware.
 Typically used in enterprise environments and data centers.
  Provides higher performance and scalability.
 Examples include VMware vSphere/ESXi and Microsoft Hyper-V (when installed
directly on hardware).
Type 2 Hypervisor (Hosted):
 Runs on top of a host operating system.
 Suitable for development, testing, or desktop virtualization.
 Provides flexibility but may have lower performance.
 Examples include VMware Workstation, Oracle VirtualBox, and Parallels
Desktop.
10. Explain the different attacks targeted on hypervisors with a neat diagram.

11. Recommend some of the best practices to avoid/prevent the attacks on

hypervisors.
Recommendations to avoid hypervisor attacks:
• Update the hypervisor software and the host OS regularly.
• Disconnect the unused physical resources from the host system or
hypervisor.
• Enable least privilege to the hypervisor and guest OS to avoid the
attacks through unauthorized access.
• Deploy the monitoring tools in the hypervisor to detect/prevent
malicious activities.
 • Strong guest isolation.
• Employ mandatory access control policies.
12. Are virtualization and cloud computing the same? Justify your answer.
Virtualization and Cloud Computing are not the same:
• Type of service: Virtualization offers more infrastructure services rather than
platform and application services. Cloud computing offers all infrastructure (IaaS),
platform (PaaS), and software (SaaS) services.
• Service delivery: The service delivery in cloud computing is on demand an
allows the end users to use the cloud services as per the need. But virtualization is
not made for on-demand services.
• Service provisioning: In cloud computing, automated and self-service
provisioning is possible for the end users, whereas in virtualization, it is not
possible and a lot of manual work is required from the providers or system
administrator to provide services to the end users.
• Service orchestration: Cloud computing allows the service orchestration and
service composition to meet end user requirements. Some providers are also
providing automated service orchestration to the end users. But in virtualization,
orchestrating different service to get composite services is not possible.
• Elasticity: In cloud computing, we can add or remove the infrastructure
dynamically according to the need, and adding or removing the infrastructure is
automatic. But virtualization fails to provide elasticity as stopping and starting a
VM is manual and is also difficult.
• Targeted audience: Cloud computing targets the service providers for high
resource utilization and improved ROI. In the case of virtualization, the targeted
audience is only the service providers or IT owners, not the end users.
13. Explain how cloud computing is different from virtualization.
Cloud Computing:
 Provides various services (IaaS, PaaS, SaaS).
 Resources are pooled and accessed over the internet.
 Offers managed services, global accessibility, and pay-as-you-go billing.
Virtualization:
 Involves creating virtual instances on physical servers.
  Provides resource isolation, efficiency, and hardware abstraction.
 Can be used both on-premises and in cloud environments.
14. Compare and contrast cloud computing and virtualization.
Comparison:
Resource Sharing: Both cloud computing and virtualization involve resource
sharing to optimize hardware utilization.
Efficiency: Both technologies improve resource efficiency and scalability.
Isolation: Both offer isolation, with virtualization isolating VMs and cloud
computing isolating tenants.
Contrast:
Service vs. Technology: Cloud computing is a service model providing various
services, while virtualization is a technology enabling multiple virtual instances on
one server.
Accessibility: Cloud services are accessible over the internet, while virtualization
is often used within on-premises data centers.
Scope: Cloud computing encompasses virtualization but also includes managed
services, billing models, and global accessibility, while virtualization focuses on
creating isolated virtual instances.
15. Explain how virtualization is used as an enabling technology in delivering cloud
services such as IaaS, PaaS and SaaS.
Infrastructure as a Service (IaaS):
 In IaaS, virtualization enables the creation and management of virtualized
infrastructure resources. These resources include virtual machines (VMs), storage,
and networks.
 Virtualization abstracts physical hardware, allowing multiple VMs to run on a
single physical server. This enables efficient resource utilization and scalability.
 Users can provision, scale, and manage VMs on-demand through the IaaS
provider's interface, making it a flexible and cost-effective solution.
 Hypervisors, which are virtualization technology, manage VMs, ensuring isolation
and resource allocation.
Platform as a Service (PaaS):
  In PaaS, virtualization provides the underlying infrastructure for running
applications and services. PaaS platforms abstract the infrastructure layer,
allowing developers to focus on building and deploying applications.
 Virtualization ensures resource isolation, so applications from different users or
tenants do not interfere with each other.
 PaaS providers leverage virtualization to allocate compute, storage, and
networking resources as needed, ensuring that developers have the required
resources available for their applications.
 This abstracted, scalable infrastructure simplifies application development and
deployment.
Software as a Service (SaaS):
 SaaS applications are hosted and delivered over the internet. Virtualization is used
on the provider's side to manage the underlying infrastructure efficiently.
 Virtualization allows SaaS providers to scale their applications horizontally by
adding more virtual instances as demand grows.
 Resource allocation and isolation ensure that multiple tenants can use the same
SaaS application without compromising security or performance.
 SaaS providers use virtualization to optimize server utilization, reducing
operational costs and providing reliable services to users.