Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

During a security assessment of an IaaS environment, you are asked to recommend a way to perform malware scanning on several hundred tenant VMs without installing an antivirus agent inside every guest. The method should leverage functionality already built into most enterprise hypervisors and keep the scanning engine isolated from the workloads. Which approach best satisfies these requirements?

  • Apply paravirtualized device drivers so malware scanning tasks are off-loaded to the guest kernel space.

  • Use virtual machine introspection to run an agentless antivirus appliance that inspects guests from the hypervisor layer.

  • Enable nested virtualization in each VM and deploy a lightweight scanning VM inside the guest.

  • Leverage cloud-init to automatically install and update an antivirus agent within every guest at boot time.

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Platform & Infrastructure Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot