Auditing Virtualised Infrastructures

Auditing Virtualised Infrastructures


This course is aimed at existing IT Auditors wishing to extend their skills.


Previous experience of IT auditing would be beneficial.


2 days. Hands on.

Course Objectives

Nowadays it's hard to find an organisation that hasn't used virtualisation techniques somewhere in its IT infrastructure, and all IT auditors need to be able to identify and evaluate the additional security and management issues that come with virtualisation.

In this intensive 2-day course, you will learn about the various types of virtualisation, how they work and what benefits and risks they can bring to a business. Using demonstrations of the three most popular virtualisation products, VMware's VSphere, Microsoft's Hyper-V and Citrix XenApp Server, you will see how virtualised data centres are set up and managed and how access to them is controlled and monitored.

You will learn the right questions to ask when auditing a virtualised data centre, how to evaluate the answers, and how to use virtualisation management tools such as PowerShell to generate your own audit scripts to extract data from virtualisation servers. You will also receive an audit programme and some sample scripts to get you started.

Course Content

The Different Types
How Virtual Machines Work
Advantages and disadvantages of virtualisation.
Risks and benefits of a virtualised infrastructure.
Environmental benefits.
Machine provisioning benefits.
Hardware utilisation benefits.
Business continuity risks and benefits.
Risks of improperly managed virtual machines.
Risks of uncontrolled VM communication.
Risks of dormant and suspended VMs.
Auditing in a virtual machine environment.
Identifying and evaluating controls in a virtualised environment.

Microsoft Hyper-V and VMware VSphere
Virtual Machine Managers - privilege and task management.
VMM console access and its risks.
VMware's VSphere.
Auditing ESX servers.
Auditing the VSphere and Hyper-V environments.
Audit scripting with PowerShell.

Virtualised Storage
Storage – NAS and SAN – their advantages and disadvantages.
What risks are associated with each type of technology and what countermeasures are available.

Virtual Desktop Infrastructure
What is it for?
How does it work?
What are the risks and benefits of deploying virtualised applications?

Citrix XenApp Server Administration
Setting up a server farm.
Configuring applications.
Administration via the Management Console.
Configuring Citrix servers.
Controlling access to applications.
Controlling ICA client access.
Delegated administration.
Controlling web access to the server farm.
Audit questions to ask.

Virtual Courses

ALL of our courses can be delivered virtually. And our Bath public schedule of courses are now available as live virtual sessions, using the popular Zoom Virtual Classroom and remote labs. Delegates can test their access at:

Public Courses

On-Site Courses

Can't attend one of our public classes? Booking for multiple people?

All our courses are available on your site! Delivered for your staff, at your premises.

Contact us to find out more...