24 Nov Practice Test Question: VM Escape Attack Prevention
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Devin manages a shared computing environment for multiple customers and is worried about one of his customers accessing virtual machines owned by other customers. He would like to protect against these virtual machine escape attacks. What is the best control that he can implement?
A. Network firewall
B. Hypervisor patching
C. Port security
D. Input validation
Correct Answer: B
Virtual machine (VM) escape attacks target vulnerabilities in the hypervisor supporting a virtualized environment. The strongest control to protect hypervisors against these attacks is to keep them patched. Network firewalls and port security are network security controls that occur outside of the virtualized environment and would not be effective in this case. Input validation is an application security control.