CSTM Virtualisation & Containerisation
Please click on the following tabs to reveal the knowledge depth required for a successful pass of the CSTM exam.
You will be given a random selection of questions. Please note exam content is subject to change due to circumstances beyond our control – use this as a guide and email us if you have any queries.
- Can identify use of popular virtualisation technologies, including:
• VMware • Microsoft HyperV • Citrix •Oracle VirtualBox
Understands common vulnerabilities found in hypervisors, including:
• Exposure of management interface • Use of default or insecure credentials
• Common high profile CVEs
- Understands the inherent risks in shared virtualised environments, e.g. shared memory space.
- Understands and can demonstrate common techniquesfor escaping a virtualised environment, including:
• Directory traversal in shared folders
• Virtual device communication breakout
• Public CVEs relating to memory corruption
- Can demonstrate how to take snapshots and techniques for recovering key sensitive information.
- Understands the security implications of reverting a VM to a previous state.
- Understands the sensitive nature of snapshot files and the need to restrict access.
- Understands the key differences between virtualisation and containerisation
- Can identify and interrogate running containers on a host
- Understands the concepts of layered filesystems andhow to extract and analyse specific layers within an image
- Can identify common vulnerabilities and weaknessespresent in containers, including:• Missing security patches • Weak file permissions• Insufficient or lack of resource quotas• Presence of sensitive information in environment variables, running processes or filesystem
- Understands and can analyse Dockerfile filesto uncover weaknesses in static images, including:
• Use of unencrypted connections for performing downloads
• Use of overly generous permissions, e.g. running as the root user 30
• Inclusion of sensitive information, e.g. passwords or private keys• Unnecessary exposure of ports