
Certified Virtualization Security Expert

with experts Duane Anderson, Tim Pierson


Course at a glance


Release date 4/30/2018
Level
Runtime 16h 1m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included





Course description

This series covers everything you need to know to become a Certified Virtualization Security Expert. Students will learn about routing and the security design of VMware, Remote DataStore security, Penetration Testing 101, information gathering, scanning and enumeration, penetration testing and the tools of the trade, DMZ virtualization and common attack vectors, hardening your ESX server, hardening your ESXi server, hardening your vCenter server, and 3rd party mitigation tools.

Meet the experts

Duane Anderson: Duane has been working in the IT industry for over two decades. He has primarily focused on security-related matters such as penetration testing and forensics. He has appeared as an expert witness in multiple court hearings on IT-related matters. Duane has worked for or with most US and some foreign military branches, U.S. government agencies, banking and regulatory industries, and Fortune 500 companies. Duane contributed to the coordination and execution of IT counter-hacking and security courses for the US Marine Corps, US Army, US Air Force, U.S. Treasury, Sprint, IBM, Washington Mutual and Service Canada.

Tim Pierson: Tim is one of the world's leading trainers in technology, networks, virtualization, and applications. He has been a technical trainer and consultant for security and virtualization for the past 25 years. He has 29 industry technical certifications from Cisco, Microsoft and Novell. Tim has been a noted speaker at many industry events such as Infosec World 2010, Innatech and GISSA. He is a contributing author of VMware vSphere and Virtual Infrastructure Security: Securing ESX in the Virtual Environment.


Course outline



Introduction to Network Security

Introduction to Networking (33:02)
  • Introduction (00:26)
  • How Virtual Ethernet Adapters Work (03:00)
  • How Virtual Switches Work (02:26)
  • VMSafe (01:58)
  • Current VMSafe Partners (00:58)
  • Virtual Switch vs. Physical Switch (00:53)
  • Cam Tables (06:43)
  • Spanning Tree Protocol (01:48)
  • Virtual Ports (01:18)
  • Uplink Ports and Port Groups (02:19)
  • Uplinks (00:25)
  • Virtual Switch Correctness (01:17)
  • VLANs in VMware Infrastructure (02:29)
  • Failover Configuration (01:46)
  • Virtual Machine Operation (05:01)
  • Summary (00:08)
Virtual Network Security (27:28)
  • Introduction (00:08)
  • Forged Transmits (03:10)
  • Managing the Virtual Network (02:43)
  • Symmetric vs. Asymmetric Encryption (07:49)
  • Demo: Virtual Switch Security Settings (05:09)
  • Hashes (04:58)
  • Demo: Hashes (03:20)
  • Summary (00:08)

Remote Access and the Linux File System

Remote Access (47:45)
  • Introduction (00:08)
  • Digital Signatures (04:16)
  • Breaking SSL Traffic (07:12)
  • VMTraining's Physical Setup (04:37)
  • Demo: Connecting into DRAC Client (05:38)
  • Demo: DRAC Console (02:00)
  • Demo: PuTTY (05:45)
  • Demo: vSphere Client (05:25)
  • Demo: Virtual Center in vSphere Client (01:50)
  • Demo: ARP Injections (04:45)
  • Demo: ARP Cache Poisoning (03:47)
  • Introduction to Linux (02:07)
  • Summary (00:08)
Linux (46:44)
  • Introduction (00:08)
  • File System Structure (04:35)
  • Kernel (01:00)
  • Processes (00:58)
  • Processes Continued (01:23)
  • Starting and Stopping Processes (01:39)
  • Interacting with Processes (01:15)
  • Storing Account and Group Information (01:57)
  • Password and Shadow File Formats (01:15)
  • Accounts and Groups (03:03)
  • Linux and UNIX Permissions (05:10)
  • Demo: Introduction to Linux (03:47)
  • Demo: Get IP Address (06:09)
  • Demo: Configuring and Navigating Linux (02:25)
  • Demo: Navigating Linux (07:20)
  • Set UID Programs, Logs, and Editing (04:22)
  • Summary (00:08)

Virtualization

The Virtualization Layer (27:36)
  • Introduction (00:25)
  • How Traffic Routes between VMs on ESX Hosts (02:01)
  • Different vSwitches, Same Port Group and VLAN (01:43)
  • Same vSwitch, Different Port Group and VLAN (01:58)
  • VMware Security Design (03:27)
  • VMware Infrastructure Architecture and Security (00:33)
  • The Virtualization Layer (01:27)
  • Virtualization Layer Continued (04:03)
  • More Virtualization Layer (02:42)
  • CPU Virtualization (03:34)
  • Normal Operation (02:23)
  • Buffer Overflow (03:06)
  • Summary (00:08)
Page Sharing and Isolation (26:18)
  • Introduction (00:08)
  • CPU Virtualization (10:42)
  • Memory Virtualization (03:05)
  • Transparent Page Sharing (00:59)
  • VMware's Transparent Page Sharing (04:58)
  • Cloud Burst (03:39)
  • VM Isolation (01:32)
  • Protecting VMs (01:03)
  • Summary (00:08)
Virtual Switches and Ports (27:03)
  • Introduction (00:08)
  • Service Console (03:08)
  • Risk Mitigation in the Service Console (00:58)
  • Virtual Networking Layer and Virtual Switches (01:08)
  • Virtual Switch VLANs and (02:39)
  • Demo: Tagging VLANs (05:04)
  • Benefits of VLANs (01:29)
  • Tagging VLANs (02:16)
  • Virtual Ports (01:51)
  • Virtualized Storage (01:31)
  • VMware VirtualCenter (02:09)
  • VirtualCenter Certificate (01:59)
  • VMware VirtualCenter Continued (02:29)
  • Summary (00:08)
Remote Data Store Security (35:41)
  • Introduction (00:08)
  • Zoning and LUN Masking (03:14)
  • Zoning and LUN Masking Continued (02:18)
  • Port Zoning (01:11)
  • Hard, Soft, and WWN Zoning (02:22)
  • Fibre Channel (01:19)
  • DH-CHAP (02:20)
  • ESP over Fibre Channel (00:38)
  • Fibre Channel Attacks: The Basics (03:34)
  • Steps in Securing Fibre Channel (02:20)
  • iSCSI vs. Fibre Channel (01:46)
  • ESX/ESXi and iSCSI SAN Environment and Addressing (01:48)
  • Hardware vs. Software Initiators (03:44)
  • Demo: Security Settings (02:44)
  • IPSec (03:17)
  • Securing iSCSI Devices (02:43)
  • Summary (00:08)

Penetration Testing

Exploits and Malware (31:29)
  • Introduction (00:18)
  • Benefits of a Penetration Test (03:12)
  • The Cost of Hacks (02:07)
  • Cost of a Hack: Example (01:29)
  • Current Issues: Malware (04:01)
  • Zombies (03:20)
  • Current Issues: Zombies (02:41)
  • Current Issues: Botnets (02:29)
  • Stolen Information (01:57)
  • Current Issues: Social Engineering and Exploits (03:16)
  • Chained Exploit Example (02:58)
  • Gonzalez Indictment (03:27)
  • Summary (00:08)
Penetration Testing (40:40)
  • Introduction (00:08)
  • The Evolving Threat (05:28)
  • Methodology for Pen Testing/Ethical Hacking (06:21)
  • Penetration Testing Methodologies (01:42)
  • Different Types of Penetration Tests (02:34)
  • Website Review (01:22)
  • Demo: Security Websites (04:28)
  • Demo: More Security Websites (08:39)
  • Management Errors (02:47)
  • VMware Concerns (06:58)
  • Summary (00:08)

Performing Reconnaissance

Footprinting (28:25)
  • Introduction (00:31)
  • Methods of Obtaining Information (01:11)
  • Footprinting (01:44)
  • Footprinting Tools (01:03)
  • Maltego GUI (02:35)
  • Demo: Maltego (03:49)
  • Demo: Maltego Transforms (08:42)
  • FireCAT (01:58)
  • Demo: FireCAT (06:41)
  • Summary (00:08)
Port Scanning (44:11)
  • Introduction (00:08)
  • Firefox Fully Loaded (00:55)
  • Google Hacking (01:26)
  • Advanced Query Operators (02:10)
  • Google Continued (01:02)
  • Shodan (02:11)
  • Demo: Shodan (06:15)
  • Port Scanning (02:59)
  • Popular Port Scanning Tools (01:20)
  • ICMP Disabled (01:42)
  • TCP Connect Port Scan and NMAP (02:16)
  • Half-Open Scan, Firewalled Ports, and UDP Ports (03:37)
  • Demo: (00:42)
  • Demo: Port Scanning with NMAP (04:29)
  • Demo: Perform Scan (04:53)
  • Demo: Discovered Ports (03:10)
  • Demo: Reading Output (04:41)
  • Summary (00:08)
Enumeration (42:14)
  • Introduction (00:08)
  • UDP Port Scan (00:29)
  • Enumeration (01:49)
  • Banner Grabbing (02:22)
  • DNS Enumeration (01:04)
  • Zone Transfers (02:33)
  • Backtrack DNS Enumeration (01:05)
  • Active Directory Enumeration (01:36)
  • LDAPMiner (01:00)
  • Null Session (01:41)
  • Syntax for a Null Session (01:13)
  • Enumeration with Cain and Abel (02:14)
  • NAT Dictionary Attack Tool (01:02)
  • THC-Hydra (00:47)
  • Injecting Abel Service (00:59)
  • Demo: Cain and Abel (06:10)
  • Demo: ARP Poisoning (04:28)
  • Demo: Certificates (04:45)
  • Demo: Modify Port Function (06:33)
  • Summary (00:08)

Penetration Testing Tools

Vulnerability Scanners (40:24)
  • Introduction (00:54)
  • BackTrack4 (01:10)
  • Vulnerability Scanners (00:28)
  • Nessus (01:12)
  • Nessus Report (00:57)
  • Saint (01:16)
  • Saint Sample Report (00:42)
  • OpenVAS (01:02)
  • OpenVAS Infrastructure and Client (03:31)
  • Demo: OpenVAS (05:29)
  • Demo: Connecting to the Server (03:14)
  • Demo: New Connections (05:19)
  • Demo: Perform a Scan (05:37)
  • Demo: Scan Continued (02:19)
  • Demo: Scan Report (06:58)
  • Summary (00:08)
Password Cracking (24:22)
  • Introduction (00:08)
  • Windows Password Cracking (02:48)
  • SysKey and Cracking Techniques (03:49)
  • Rainbow Tables (01:29)
  • Disabling Auditing (01:10)
  • Clearing the Event Log (00:45)
  • NTFS Alternate Data Stream (02:14)
  • Stream Explorer (00:39)
  • Encrypted Tunnels (01:37)
  • Port Monitoring Software (01:30)
  • Rootkits (02:21)
  • Utilizing Tools (01:05)
  • Defense in Depth (02:17)
  • Meterpreter (01:41)
  • VASTO (00:34)
  • Summary (00:08)
Pen Testing Tools (21:13)
  • Introduction (00:08)
  • VASTO Modules (03:17)
  • Fuzzers (01:57)
  • Saint (00:55)
  • Core Impact Overview (01:35)
  • Core Impact (01:39)
  • Tool Exploits from NVD (01:43)
  • Wireshark and TCP Stream Reassembling (02:28)
  • ARP Cache Poisoning (02:07)
  • ARP Cache Poisoning in Linux (01:24)
  • Cain and Abel (02:37)
  • Ettercap (01:10)
  • Summary (00:08)

DMZs and Attack Vectors

Virtualized DMZ (25:11)
  • Introduction (00:38)
  • Virtualized DMZ Networks (04:36)
  • Three Typical Virtualized DMZ Configurations (03:20)
  • Partially-Collapsed DMZ with Virtual Separation (02:02)
  • Fully-Collapsed DMZ (03:06)
  • Best Practices (03:27)
  • Network Labeling (01:24)
  • Layer 2 Security Options on Virtual Switches (01:09)
  • Enforce Separation of Duties (02:03)
  • ESX Management Capabilities (03:14)
  • Summary (00:08)
Common Attack Vectors (22:35)
  • Introduction (00:08)
  • Common Attack Vectors (01:06)
  • How Fake Certificate Injection Works (01:28)
  • Generic TLS Renegotiation Prefix Injection (05:27)
  • Test Vulnerabilities (01:10)
  • Vulnerability Requirements (01:50)
  • Generic Example (02:12)
  • Patched Server with Disabled Recognition (00:43)
  • Keeping Up to Speed (01:28)
  • ShmooCon 2010: Timeline (01:16)
  • ShmooCon 2010: Identification (01:04)
  • ShmooCon 2010: Server Log In (00:27)
  • ShmooCon 2010: Vulnerability (01:06)
  • ShmooCon 2010: Redirection Proxy (00:24)
  • ShmooCon 2010: Vulnerable Versions (00:34)
  • ShmooCon 2010: Gueststealer (01:57)
  • Summary (00:08)

Hardening

Hardening VMs (31:24)
  • Introduction (00:27)
  • Virtual Machines (01:40)
  • Disable Unnecessary or Superfluous Functions (01:49)
  • Templates (00:57)
  • Prevent VMs from Taking Over Resources (01:59)
  • Isolate VM Networks (00:49)
  • Example Network Architecture (02:29)
  • ARP Cache Poisoning (02:13)
  • Virtual Machine Segmentation (03:38)
  • Disable Copy and Paste Operations (01:07)
  • Limit Data Flow (01:50)
  • Limit Data Flow Continued (01:38)
  • SetInfo Hazard (00:59)
  • SetInfo Hazard Continued (01:11)
  • Non-Persistent Disks (01:22)
  • Persistent Disks (02:42)
  • Ensure Unauthorized Devices are Not Connected (02:10)
  • Avoid DoS caused by Virtual Disk Modification (02:05)
  • Summary (00:08)
Verify File Permissions (31:16)
  • Introduction (00:08)
  • Verify File Permissions (02:16)
  • Demo: Graph (02:02)
  • Demo: Virtual System Center (06:09)
  • Demo: Assign Permissions (03:52)
  • Demo: Permissions Continued (05:35)
  • Demo: User Permissions (04:55)
  • Demo: XP-Attacker (05:47)
  • Configuring ESX and ESXi (00:19)
  • Summary (00:08)

The Service Console

Configure Service Console and Firewall (41:39)
  • Introduction (00:08)
  • Configuring the Service Console in ESX (02:30)
  • Demo: Set up ESX Access (05:17)
  • Demo: Checking Access (03:54)
  • Demo: Users and Groups (05:36)
  • Demo: esxadmins (04:55)
  • Configure the Firewall for Maximum Security (02:14)
  • Demo: Firewall Services (05:19)
  • Demo: Reading Firewall Information (05:30)
  • Demo: Turn off Unnecessary Ports (04:57)
  • Limiting Running Services (01:05)
  • Summary (00:08)
Service Console (30:34)
  • Introduction (00:08)
  • Limit What's Running in the Service Console (01:26)
  • Processes Running in SC (01:12)
  • The vSphere Client (03:51)
  • Use a Directory Service for Authentication (03:03)
  • Demo: Active Directory Integration (05:21)
  • Demo: Enable the Domain (04:15)
  • Demo: Authentication (03:03)
  • Demo: No Password Account (05:13)
  • Root (02:49)
  • Summary (00:08)

Controlling Access

Control Access (32:56)
  • Introduction (00:08)
  • Strictly Control Root Privileges (02:32)
  • Control Access to Privileged Capabilities (02:33)
  • Demo: Hardening ESX (05:33)
  • Demo: sshd-config (05:14)
  • Demo: Special User Permissions (05:12)
  • Demo: User vs. Group Permissions (06:00)
  • Demo: Successful Login (05:33)
  • Summary (00:08)
Control Access Part 2 (35:16)
  • Introduction (00:08)
  • Demo: Banner (02:11)
  • Demo: Other Commands (04:10)
  • Demo: Implementing sudo (04:48)
  • Demo: Changes for sudo (04:59)
  • Demo: sudoers File (05:08)
  • Demo: Sudo Changes (05:11)
  • Demo: Run Commands as Another User (04:22)
  • Demo: Running Commands Continued (03:12)
  • Password Aging and Complexity (00:54)
  • Summary (00:08)

Hardening ESX and ESXi

Configure ESX (39:03)
  • Introduction (00:08)
  • ESX/Linux User Authentication (01:17)
  • Configuring ESX Authentication (01:30)
  • ESX Authentication Settings (01:50)
  • Reusing Passwords (01:54)
  • Configuring Password Complexity (03:32)
  • Managing ESX (00:45)
  • Maintain Proper Logging (03:00)
  • Best Practices for Logging (01:38)
  • ESX Log Files (01:17)
  • Establish and Maintain File System Integrity (03:16)
  • SNMP (01:11)
  • Protect Against the Root File System Filling Up (01:18)
  • Disable Automatic Mounting of USB Devices (01:23)
  • Isolation (05:16)
  • VLAN1 (01:11)
  • Encryption Issues (03:31)
  • Do Not Use Promiscuous Mode on Network Interfaces (00:55)
  • Protect Against MAC Address Spoofing (02:51)
  • Protect Against Network Attacks (01:04)
  • Summary (00:08)
Hardening an ESXi Server (16:49)
  • Introduction (00:28)
  • Differences: VMware ESX and ESXi (01:15)
  • Configure Host-Level Management (00:23)
  • Strictly Control Root Privileges (01:22)
  • Control Access to Privileged Capabilities (00:53)
  • Control Access to Privileged Capabilities Cont. (01:58)
  • Privilege Levels (00:49)
  • DCUI (00:48)
  • DCUI Continued (01:42)
  • Maintain Proper Logging (01:03)
  • Establish and Maintain ConfigFile Integrity (01:32)
  • Secure the SNMP Connection (01:40)
  • Ensure Secure Access to CIM (00:56)
  • Audit or Disable Technical Support Mode (01:45)
  • Summary (00:08)

Hardening VirtualCenter and Third Party Mitigation

Hardening VirtualCenter (31:06)
  • Introduction (00:21)
  • Set up the Windows Host for VirtualCenter (01:33)
  • Limit Network Connectivity to VirtualCenter (01:07)
  • Proper Security Measures (01:41)
  • Certificate-Based Encryption (04:46)
  • vCenter Log Files and Rotation (00:52)
  • Collecting vCenter Log Files (00:50)
  • VirtualCenter Custom Roles (01:34)
  • Document and Monitor Changes to the Configuration (00:30)
  • VirtualCenter Add-on Components (01:21)
  • VMware Update Manager (01:36)
  • VMware Converter (02:05)
  • VMware Guided Consolidation (01:17)
  • General Considerations (01:13)
  • Client Components (00:38)
  • Verify the Integrity of the VI Client (02:23)
  • Monitor the Usage of VI Client Instances (01:13)
  • Avoid the Use of Plain-Text Passwords (02:11)
  • vShield Zones Overview (01:30)
  • vShield VM Wall and Flow Features (02:06)
  • Summary (00:08)
Hardening VirtualCenter Demo (25:48)
  • Introduction (00:08)
  • Demo: vShield Manager (05:16)
  • Demo: Deploy OVF Template (04:56)
  • Demo: Configure Install Parameters (06:05)
  • Demo: Add vShield Plugin (03:53)
  • Demo: Datacenter Changes (05:19)
  • Summary (00:08)
Hardening Virtual Center Demo Part 2 (30:32)
  • Introduction (00:08)
  • Demo: Verify Protection (05:01)
  • Demo: Zenmap (06:11)
  • Demo: Deny the vSphere Client at the DataCenter (03:58)
  • Demo: Communicating from Inside the Data Center (05:28)
  • Demo: Scanning (04:27)
  • Demo: VM Flow (05:08)
  • Summary (00:08)
Third Party Mitigation Tools (22:26)
  • Introduction (00:18)
  • The Virtualization Security Players (01:02)
  • 1K View of Altor (01:04)
  • 1K View of Catbird and Hytrust (03:15)
  • 1K View of Reflex (01:47)
  • 1K View of Trend Microsystems (01:26)
  • 1K View of Tripwire (00:45)
  • In-Depth Look at HyTrust (01:11)
  • HyTrust Key Capabilities: Unified Access Control (00:56)
  • HyTrust Key Capabilities: Policy Management (01:09)
  • HyTrust Key Capabilities: Audit-Quality Logging (01:57)
  • In-Depth Look at Catbird (02:51)
  • Trust Zones (00:57)
  • Catbird: Continuous Compliance (00:41)
  • What's Missing (00:35)
  • Making Sense of It All (02:16)
  • Summary (00:08)