Securing and Auditing Virtualized Environments - ASN304


This course focuses on ESX and Hyper-V security, it examines virtualization basics, hardware considerations, ways to secure servers, access to the management console, logging and other configuration issues that ensure stability and security.


Tuition cost


NASBA Certified CPE

40 Credits


Why you should attend

You should attend because this course provides best practices for auditing and securing virtualized environments, which are widely used by organizations but also expose the organization to risks.

Who should attend

Information Security Managers, Analysts, and Administrators; IT Managers, Architects, and Developers/Integrators; IT Auditors; Network and System Administrators; Security Architects and Engineers; Application Certification/Quality Assurance Specialists; C

What You'll learn

You will learn about virtualization configuration and hardware considerations, different versions and best practices for ESX and Hyper-V security, and how to audit them effectively.


  • A working knowledge of operating system security, networking concepts, and associated logical access controls.
  • Network Security Essentials (ASG203)
  • Intermediate Audit School (ITG241), or equivalent experience.

1. Virtualization Basics:

  • what is server virtualization?
  • advantages and disadvantages of server virtualization
  • hardware considerations
  • backup strategies
  • potential hypervistor attacks
  • ESX and Hyper-V

2. vSphere/ESXi Basics:

  • ESXi Basics
  • ESXi Versions
  • ESXi OS Support
  • ESXi Hardware Considerations
  • ESXi Backup
  • Hardening ESXi
  • vCenter Security

3. Hyper-V Basics:

  • Hyper-V Basics
  • Hyper-V Versions
  • Hyper-V Guest OS Support
  • Hyper-V Host Hardware Considerations
  • Hyper-V Clustering
  • Hyper-V Hardening

4. Virtualization and Disaster Recovery:

  • benefits of incorporating virtualization into your disaster recovery plan.
  • physical versus virtual server recovery times.
  • hyperconvergence and disaster recovery
  • architecting your production environment to simplify disaster recovery
  • Recovery Point Objectives (RPO)
  • Recovery Time Objectives (RTO)
  • testing your disaster recovery plan

5. Developing an Audit Program for ESX:


  • auditing host hardware
  • auditing the host configuration
  • auditing virtual host management computers
  • auditing the UPS configuration.
  • auditing the backup.
  • auditing the physical to virtual migrations
  • auditing clusters
  • auditing virtual servers

6. ESX Case Study


Schedule your course

Use the table below to select the time and location that works best for you.

Timezone: America/New_York

September 2021

Sep 20th, 2021-Sep 24th, 2021

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: