ISC2 Certified Cloud Security Professional (CCSP) Practice Question
Your company runs several regulated workloads on a multi-tenant public IaaS platform. While preparing for an upcoming compliance audit, internal auditors request direct access to the provider's hypervisor configuration and patch records. The cloud provider declines, stating that customers cannot inspect the underlying virtualization layer. Which assurance challenge of virtualization and cloud computing is best illustrated by this situation?
Loss of direct visibility and control over the cloud provider's underlying infrastructure.
The inherent single point of failure represented by the cloud provider's hypervisor layer.
The risk of hypervisor escape attacks between co-tenants in the same physical server.
Residual data remaining on de-provisioned virtual disks due to rapid elasticity.
In public cloud and other multi-tenant environments, customers no longer control or even see the physical and virtualization layers that host their workloads. This lack of direct physical and logical access makes it difficult for auditors to obtain evidence about underlying controls such as hypervisor hardening and patch management. The primary assurance challenge is therefore loss of visibility and control over the infrastructure owned and managed by the cloud provider. While hypervisor vulnerabilities, single points of failure, or data remanence are genuine concerns, they describe technical risks rather than the audit-specific problem of being unable to gain sufficient assurance because the infrastructure is outside the customer's span of control.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why can't customers access the cloud provider's hypervisor configuration?
Open an interactive chat with Bash
What does 'loss of visibility and control' mean in cloud computing?
Open an interactive chat with Bash
What are hypervisor escape attacks, and why aren't they the main issue here?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Legal, Risk and Compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .