nerdexam
(ISC)2

CISSP · Question #461

Which would result in the GREATEST import following a breach to a cloud environment?

The correct answer is A. The hypervisor host Is poorly seared. A compromised hypervisor represents the most catastrophic breach in a cloud environment because it controls all virtual machines running on the physical host. Attackers who gain hypervisor-level access can compromise every guest VM, access all data, and potentially pivot across t

Submitted by helene.fr· Mar 5, 2026Security Architecture and Engineering

Question

Which would result in the GREATEST import following a breach to a cloud environment?

Options

  • AThe hypervisor host Is poorly seared
  • BThe same Logical Unit Number (LLN) is used for ail VMs
  • CInsufficient network segregation
  • DInsufficient hardening of Virtual Machines (VM)

How the community answered

(28 responses)
  • A
    71% (20)
  • B
    7% (2)
  • C
    18% (5)
  • D
    4% (1)

Why each option

A compromised hypervisor represents the most catastrophic breach in a cloud environment because it controls all virtual machines running on the physical host. Attackers who gain hypervisor-level access can compromise every guest VM, access all data, and potentially pivot across the entire cloud infrastructure.

AThe hypervisor host Is poorly searedCorrect

The hypervisor is the foundational layer that manages all virtual machines on a physical host; if it is poorly secured and breached, an attacker gains privileged control over every VM running on that host, including their memory, storage, and network traffic. This 'VM escape' or hypervisor-level compromise has the greatest blast radius because it undermines the entire virtualization security boundary. No VM-level controls or network segmentation can compensate once the hypervisor itself is controlled by an adversary.

BThe same Logical Unit Number (LLN) is used for ail VMs

Sharing the same Logical Unit Number (LUN) across VMs creates data leakage risks between VMs but its impact is limited to storage-level exposure rather than full system compromise of all hosted workloads.

CInsufficient network segregation

Insufficient network segregation increases lateral movement risk after a breach but an attacker is still constrained to network-level access and cannot directly control or read the memory and disk of other VMs as a hypervisor compromise would allow.

DInsufficient hardening of Virtual Machines (VM)

Insufficient VM hardening exposes individual virtual machines to exploitation, but the impact is generally scoped to that specific VM rather than granting control over the entire host and all co-located VMs simultaneously.

Concept tested: Hypervisor security and VM escape impact

Source: https://learn.microsoft.com/en-us/azure/security/fundamentals/hypervisor

Topics

#cloud security#hypervisor security#virtualization security#breach impact

Community Discussion

No community discussion yet for this question.

Full CISSP Practice