CSTL Virtualisation & Containerisation
Please click on the following tabs to reveal the knowledge depth required for a successful pass of the CSTL exam.
You will be given a random selection of questions. Please note exam content is subject to change due to circumstances beyond our control – use this as a guide and email us if you have any queries.
- Can identify use of popular virtualisation technologies, including:
• VMware • Microsoft HyperV • Citrix •Oracle VirtualBox
Understands common vulnerabilities found in hypervisors, including:
• Exposure of management interface • Use of default or insecure credentials
• Common high profile CVEs
- Understands the inherent risks in shared virtualised environments, e.g. shared memory space.
- Understands and can demonstrate common techniquesfor escaping a virtualised environment, including:
• Directory traversal in shared folders
• Virtual device communication breakout
• Public CVEs relating to memory corruption
- Can demonstrate how to take snapshots and techniques for recovering key sensitive information.
- Understands the security implications of reverting a VM to a previous state.
- Understands the sensitive nature of snapshot files and the need to restrict access.
- Understands the key differences between virtualisation and containerisation.
- Can identify and interrogate running containers on a host.
- Understands the concepts of layered filesystems and how to extract and analyse specific layers within an image.
- Can identify common vulnerabilities and weaknessespresent in containers, including:
• Missing security patches • Weak file permissions• Insufficient or lack of resource quotas • Presence of sensitive information in environment variables, • Running processes or filesystem
- Understands and can analyse Dockerfile files to uncover weaknesses in static images, including:
• Use of unencrypted connections for performing downloads
• Use of overly generous permissions, e.g. running as the root user 30
• Inclusion of sensitive information, e.g. passwords or private keys
• Unnecessary exposure of ports
- Understand the security implicationsof using third-party containers.
- Understand how to manage containersthroughout their lifecycle.
- Understand the functionalityoffered by Kubernetes.
- Understand the security implicationsof using Kubernetes.
- Understand the different deployment models (OpenShift, EKS/AKS, Docker on a single server, etc).