Hands on Virtual Computing 2nd Edition

Simpson
Full download link at:

Test bank: https://testbankpack.com/p/test-bank-for-hands-on-

virtual-computing-2nd-edition-simpson-1337101931-

9781337101936/

Solution Manual: https://testbankpack.com/p/solution-manual-for-

hands-on-virtual-computing-2nd-edition-simpson-1337101931-

9781337101936/

Hands-On Virtual Computing, 2e

Chapter 4 Solutions

Answers to the Chapter 4 Review Questions

1. The process of using hypervisors to create pools of resources containing processors, storage, and

networking that can be assigned to virtual machines is called?

 c. Hyperconvergence

2. Which of the following is an example of a tier-1 application?

c. A large online database ordering system

3. Which of the following features allows a virtual machine to communicate directly with the

hypervisor, providing enhanced features?

b. Enlightened I/O

4. Which of the following is a memory management technique used in multiprocessing to allows a

CPU faster access to local memory?

b. NUMA

5. Which of the following will reduce the amount of paging needed when hosting the same guest OS

on multiple VMs?

d. Transparent Page Sharing (TPS)

6. _________________________ is a generic term often used for a container or storage volume that

holds virtual machine files.

b. Data store

7. ________________ is the process of storing just one copy of a data sector and then using pointers

to access the data from other locations.

b. Data deduplication

8. Which of the following increases performance by dividing storage into separate sections based on

access speed?

c. Storage tiering
9. Which of the following are advantages of using shared SAN storage? (Choose all that apply.)

a. Clustering

d. Load balancing

10. Which of the following are characteristics of a NAS device? (Choose all that apply.)

a. They often use NFS protocol to communicate with the host

c. They use their own format (independent of the host hypervisor) to format their disks

11. SAN systems are based on which of the following protocols? (Choose all that apply.)

a. iSCSI

c. Fibre Channel

d. FCoE

12. A Host Bus Adapter or HBA is often used with ____________.

b. an iSCSI client as a hardware based initiator

13. Which of the following are the most common benefits of clustering? (Choose all that apply)

a. High availability

c. Load balancing

14. Which of the following file systems does VMware ESXi hypervisor use to format a data store on

a SAN hard drive?

a. VMFS

15. Which of the following VMware services uses vLockstop technology to keep two virtual machine

synchronized in order to provide high availability for mission-critical applications?

 a. VMware FT

16. Which of the following vSphere services monitors host and virtual machine performance in order

to recommend when and where to move a virtual machine for load balancing?

b. Distributed Resource Scheduler (DRS)

17. Which of the following is the phase in which a hacker establishes a beachhead on the target

system in order to launch additional attacks on the host?

c. Pivoting phase

18. Which of the following switch types allows connection of virtual machines across different hosts?

c. Distributed switch

19. Which of the following switch types allows third-party plug-ins?

d. Extensible switch

20. Which of the following is the first network type you need to configure when setting up an ESXi

host?

c. Management network

21. Which of the following Microsoft Hyper-V switch types does not allow virtual machines to

communicate with the host OS?

a. Private switch

22. What Microsoft Windows Server 2016 Hyper-V feature will help protect VMs from data thefts?

c. Shielded virtual machines

23. Which type of malware can gain access to data on other virtual machines?

c. VM escape
24. Which of the following are operational security measures that help virtualization security?

(Choose all that apply.)

a. Separation of duties

b. Change policy

c. Network monitoring policy

25. Which of the following security policies would best protect the virtual network from hacker

attacks? (Choose all that apply.)

b. Firewall policy for the virtual network switch

c. Virtual network monitoring

Tips and Solutions for Chapter 4
Activity 4-1: Downloading the Free vSphere Hypervisor and vSphere Client

In this activity, students will need to use their My VMware account to download the free ESXi

Hypervisor and vSphere Client into the downloads directory they created in Chapter 1. You may

optionally provide them with a copy of these files to reduce access time and Internet usage.

Activity 4-2: Verifying Hyper-V requirements and Features

In this activity students will check to see that the computer they are using meets Hyper-V requirements

and then document some features of Hyper-V that will be important to their virtual data center.

In Step 4 students should record the following: (Note while the book says to record 5, most systems will

only show the requirements shown below. Students could also list RAM and Network card options)

VM Monitor Mode Extensions: _____Yes

Virtualization Enabled in Firmware: ____Yes

Second Level Address Translation: _____Yes

Data Execution Prevention Available: ____Yes

Other:

In Step 11 the student should record that the system does meet the Superior Technical College

requirements.

In Step 12, the students should record the features as shown below:

• Be able to adjust the amount of memory used by a VM while it is running: Hot add and

remove

• The ability to setup a lab where students can use a virtual machine as a host for educational

purposes: Nested Virtualization

• Create checkpoints for running VMs for backup purposes: Production Checkpoints
 • Change the size of virtual hard disks while the VM is running: Shared virtual hard disks

• Protect virtual machines from tampering or stealing of data by either another virtual machine

or by the administrator: Shielded Virtual Machines

Activity 4-3: Setting up a Windows iSCSI Target Server

In this activity students will use the Windows Server 2016 VM machine they created in Chapter 2 or

Chapter 3 to install an iSCSI Target device. This activity is intended to provide them with some hands on

experience with the iSCSI concepts covered in this chapter. The iSCSI target they create will be used in

Chapters 5 and 6 to allow them to get practice setting up a SAN cluster.

In Step 4, students should record the IP address of their Windows Server 2016 computer as shown below:

IP Address: 192.168.xxx.yyy (where xxx is the VMware NAT network their VMware Player is

using and yyy is a number assigned by the VMware DHCP service)

NAT Subnet: 192.168.xxx (this is the network address VMware Player DHCP service will

assign to all devices on the NAT network)

Subnet Mask: 255.255.255.0

Default Gateway; 192.168.xxx.1

In Step 5 students should record the address of their server as shown below:

IP Address: 192.168.xxx.101 (where xxx represents the address of their computer’s NAT

network)

Subnet Mask; 255.255.255.0

Default Gateway: 192.168.xxx.1

In Step 26, the student should choose and document a username and 12-character password.

Activity 4-4: Installing the vSphere Hypervisor (ESXi)

In this activity students use VMware Player (from Chapter 3) to install the ESXi server using the .iso file

they downloaded in Activity 4-1. After completing the activity students should have a ESXi server that

they can log into using the “root” account and password they establish. Check to be sure the student ESXi

server is named ESXi6-xxx where xxx is their initials.

In Step 14 verify that students have recorded a secure password

Activity 4-5: Working with Server 2016 Hyper-V Storage Systems

Step 3: Summarize benefits of using the ReFS storage with Hyper-V:

1. Speed - much faster to setup and clone virtual machines using ReFS

2. Checkpoint merging operations can be done on running VMs with little performance problem.

Activity 4-6: Recommending vSphere Compatible Adapters

The intent of this activity is to have students get experience looking for network adapters and their

features. The activity uses Newegg.com, but you may wish to substitute another vendor. After completing

this activity, students should have listed the lowest priced 3 Broadcom adapters that are compatible with

vSphere 6. You should go through the activity and identify the adapters you expect them to find and

update the table below:

Broadcom card Price Speed Ports Other features

model

Activity 4-7: Configuring the ESXi Management Network

In this activity students will use the VMware DCUI console to configure their ESXi host’s management

network. The activity is designed to have the student create a second virtual network adapter on their

VMware Player (simulate installing the new bridged adapter they found in Activity 4-4). This new

adapter is then added to the ESXi host and assigned to the management network. The student will then

record the IP address assigned to the ESXi host in Step 9 so they can access it in Activity 4-6.

In Step 10, verify that the student has recorded the DNS server and hostname from Activity 4-5.

Activity 4-8: Installing and Testing the vSphere Client

In this activity students will install the vSphere client they downloaded in Activity 4-1 on their desktop

computer. They will then use the vSphere client to view configuration settings on their ESXi host.

Activity 4-9: Check Virtualization Security Settings

In this lab activity students will document the firewall settings on their ESXi host and enable iSCSI client.
In Step 5 students should document the following services:

Load based teaming daemon

Syslog server

Direct console UI

In Step 7 the students should answer the following questions:

Is the Web client available on this version of ESXi server? No

What IP addresses are available: All
Solutions to the Case Project Assignments

Case Project 4-1: Setting up a VSAN cluster in vSphere 6.0

Assume you are a technician for Computer Technology Services and your manager, Lucas Mikkelson, has

asked you to give a report at the upcoming IT conference on VMware’s new VSAN product. In this

project you are to view the VMware online video (see link give below) to prepare a 10-minute

PowerPoint presentation on this new vSphere feature.

https://www.youtube.com/watch?v=1EDWKE93ivw&list=PLjwkgfjHppDvRITFUQNQNrKOREX

bj-lbN&index=48

Solution: Students should be able to create a PowerPoint document that hits on the following key

points (additional topics may be included):

• Allows a cluster to be configured to allow the hosts in the cluster to contribute hard drives to a

VSAN pool

• The pool can consist of only SSD drives, but must contain at least 1 SSD

• There needs to be 3 hosts contributing disks, but additional hosts can belong to the VSAN cluster

as users of the disk.

• The process is quite easy to perform

Case project 4-2: VMware Virtual SAN Online lab

Time Required: 60 minutes

As an alternative to creating an expensive iSCSI RAID server, your boss would like you to explore the

possibility of using vSphere’s VSAN feature to set up a cluster of vSphere hosts that share their SSD and

hard drives. In this activity you will use the My VMware account you created in Chapter 1 to perform the

following VMware’s VSAN online lab.

1. Log on to your Windows computer, open a Web browser, and go to VMware.com.

 2. Point to Login, click MyVMware and log on using the name and password you created in Chapter

1.

3. Click My Evaluations.

4. Scroll to the bottom of the screen and under the Try & Purchase heading, click the VMware

Hands-on Labs link.

5. Scroll down the catalog and click to select the VMware Virtual SAN 6 Hosted Evaluation link.

6. Click the Launch button. Your virtual lab environment will be established and you will see a

Windows desktop screen with a Lab Guidance link on the right.

7. Click Lab Guidance and read the introduction to the lab. Do module 1 and record your results on

a separate sheet of paper.

Suggested Solution: Students should have a paper showing the steps they performed along with their

conclusions.

Case Project 4-3: Comparing vSphere and Microsoft Hyper-V

Assume that a local school district is looking at virtualizing their data center. Currently they have three

Windows Server 2016 servers set up in a domain structure for administrative use. In addition, they have

two Linux-based Web servers that run Web services including a Web proxy used to filter Internet access.

They have asked your firm, Computer Technology Services, to compare the features of vSphere and

Hyper-V to see which hypervisor solution will work best for them. In this project you should use the

Internet to find some comparisons between Hyper-V and vSphere v6.0. While you should try to find the

most current information, some possible links for information are given below:

• https://redmondmag.com/articles/2015/05/01/vsphere-vs-hyperv.aspx

• Use Google to search for: windows_server_2012_r2_server_virtualization_white_paper.pdf

Your report should compare Hyper-V and vSphere in the following categories:

Scalability
Security

Virtual machine support

Virtual networking

Storage capability (support for NAS, iSCSI, Fibre Channel, and scalability of storage capacity)

High Availability features (clustering, migration, high availability, load balancing)

Suggested Solution: Student papers should include, but not be limited, to the following points in

each of the categories:

• Scalability:

Both provide a high level of scalability. ESXi can now scale to 64 hosts in a cluster, the

cluster can accommodate up to 8000 VMs. The host can support 480 CPUs and up to 12

TB of RAM.

Windows Server 2012 R2 Hyper-V also supports up to 64 nodes per cluster and each

cluster can accommodate up to 8,000 VMs. Individual Hyper-V hosts can accommodate

up to 320 logical processors and up to 4TB of RAM. A single Hyper-V server can host up

to 1,024 running VMs

• Security:

VMware enables central management of accounts and permissions for individual host

servers. It's also now possible to centrally manage password complexity rules for hosts in

a cluster. VMware has also introduced a couple new settings for the management of

failed logon attempts with local accounts.

In contrast, Hyper-V is a Windows Server role, and Windows Server has long supported

the central management of security and passwords via Active Directory.

• Virtual Machine Support:

 VMware has taken steps to improve VM functionality. In doing so, VMware has

introduced VM hardware version 11. For those not familiar with this concept, VMware

has a history of introducing a new VM hardware version with each major release.

In Windows Server 2012 R2, Microsoft introduced generation 2 VMs (see Figure 2).

These second-generation VMs used different virtual hardware than first-generation VMs.

Generation 2 VMs, for example, supported the ability to boot from SCSI virtual hard

disks, used UEFI firmware and performed PXE boots from standard network adapters

(among other things).

Another enhancement to VMware VMs in virtual hardware version 11 is the increase to

32 serial ports that are supported. Also, vSphere 6.0 gives administrators the ability to

remove unneeded serial and parallel ports.

This is one area VMware has better support than Microsoft. For all practical purposes,

Hyper-V doesn't support the use of physical serial or parallel ports by VMs.

• Virtual Networking

Generally vSphere provides more advanced virtual switch capability including port

groups that are divided into VMkernel and virtual machine. VMkernel port groups

including Management, Storage, and vMotion. VMware also provides for NIC teaming.

VMware provides a Distributed switch type that supports VM access across multiple

hosts. The main feature Hyper-V offers in this category is the Extensible switch which

allows the addition of plug-ins from 3rd party venders.

• Storage

Both products are very similar in this category. Microsoft has more data deduplication

capability with virtual machine data. Data deduplication in vSphere is limited to backups

and supporting deduplication performed by the storage devices.

Case Project 4-4: Documenting Latest Security Threats

Management at Superior Technical College would like you to report on one or more of the latest

virtualization malware or security threats. In this project you are to use the links below to prepare a report

that describes how the Storm worm and how other malware may use virtualization. In addition to these

sites, use Google or some other research tool to gather more information regarding techniques to secure

the software-defined data center.

http://isc.sans.org/diary.html?storyid=3190

http://www.symantec.com/connect/blogs/does-malware-still-detect-virtual-machines

Solution: The report should address how Storm Worm can detect if it is running on a VM and

how that changes its behavior to make detecting it more difficult. In addition, the report should

show that since many data centers are virtualized today, malware is less likely today to stop

running.

Case Project 4-5: Documenting Features of VMware TrustPoint

Management at Rocky Ridge Forest Products are considering purchasing VMware TrustPoint and

would like you to report on the security features this product would provide along with its cost. In

this project you are to write a brief report that outlines the security benefits of TrustPoint along

with any costs.

1. Open VMware.com, point to Products, and then click All Products.

2. Click TrustPoint.

3. Create a report that summarizes the security benefits of TrustPoint.

4. What is the cost of a TrustPoint license?

5. Is there a trial version available?

Solution: The report should include the following benefits of TrustPoint: Increases

security hygiene across the organization; Detects and remediates advanced security

threats; Empowers IT operators with complete visibility and control; Extends security
and management to mobile devices using AirWatch; Endpoint security; and Discovers

unmanaged endpoints in seconds. For the cost, students will have to do some Google

searches to find the price. At the time of this writing it was $75.00/device for a perpetual

license. The report should also include that there is no trial version available, but that

there is a link to a TrustPoint demo.