CSTL Virtualisation & Containerisation

Please click on the following tabs to reveal the knowledge depth required for a successful pass of the CSTL exam.

You will be given a random selection of questions. Please note exam content is subject to change due to circumstances beyond our control – use this as a guide and email us if you have any queries.

  • Can identify use of popular virtualisation technologies, including:
    • VMware
    • Microsoft Hyper-V
    • Citrix
    • Oracle VirtualBox
  • Understands common vulnerabilities found in hypervisors, including:
    • Exposure of management interface
    • Use of default or insecure credentials
    • Common high profile CVEs
  • Understands the inherent risks in shared virtualised environments, e.g. shared memory space.

  • Understands and can demonstrate common techniques for escaping a virtualised environment, including:
    • Directory traversal in shared folders
    • Virtual device communication breakout
    • Public CVEs relating to memory corruption

  • Can demonstrate how to take snapshots and techniques for recovering key sensitive information.
  • Understands the security implications of reverting a VM to a previous state.
  • Understands the sensitive nature of snapshot files and the need to restrict access.
  • Understands the key differences between virtualisation and containerisation.
  • Can identify and interrogate running containers on a host.
  • Understands the concepts of layered filesystems and how to extract and analyse specific layers within an image.
  • Can identify common vulnerabilities and weaknesses present in containers, including:
    • Missing security patches
    • Weak file permissions
    • Insufficient or lack of resource quotas
    • Presence of sensitive information in environment variables, running processes or filesystem
  • Understands and can analyse Dockerfile files to uncover weaknesses in static images, including:
    • Use of unencrypted connections for performing downloads
    • Use of overly generous permissions, e.g. running as the root user
    • Inclusion of sensitive information, e.g. passwords or private keys
    • Unnecessary exposure of ports
  • Understand the security implications of using third-party containers.
  • Understand how to manage containers throughout their lifecycle.
  • Understand the functionality offered by Kubernetes.
  • Understand the security implications of using Kubernetes.
  • Understand the different deployment models (OpenShift, EKS/AKS, Docker on a single server, etc).