ISC2 Certified Cloud Security Professional (CCSP) Practice Question
An organization is selecting a virtualization technology for its new public IaaS offering. Customer VMs will share physical hosts. The security team wants the architecture that minimizes dependence on a general-purpose host OS so that a compromised guest has the least opportunity to escalate privileges to the underlying hardware. Which option best meets this requirement?
Running a Type 2 hypervisor on top of a stripped-down Linux host operating system
Using a hosted desktop virtualization platform installed within a Windows Server OS
Hosting workloads in Linux containers managed by Kubernetes on each server
Deploying a Type 1 (bare-metal) hypervisor directly on the server hardware
A Type 1 hypervisor, also called a bare-metal hypervisor, installs directly on the server hardware and exposes virtualization services without first loading a conventional host operating system. Eliminating that extra software layer reduces the attack surface, making it harder for code running inside a guest VM to reach or manipulate the hardware resources.
A Type 2 hypervisor relies on a host OS; even when that OS is hardened, its kernel and services increase the paths an attacker could exploit. Containers share the host OS kernel entirely, so a kernel-level flaw could jeopardize every tenant. A desktop-oriented hosted virtualization platform likewise runs above a full OS, inheriting its vulnerabilities. Therefore, the bare-metal Type 1 approach offers the most secure isolation for multi-tenant cloud compute nodes.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Type 1 hypervisor?
Open an interactive chat with Bash
What are the differences between Type 1 and Type 2 hypervisors?
Open an interactive chat with Bash
Why are containers less secure than Type 1 hypervisors for multi-tenant environments?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Platform & Infrastructure Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .