A security analyst is reviewing an infrastructure-as-a-service (IaaS) cloud that hosts many customer virtual machines on the same physical hardware. The analyst is concerned that a flaw in the virtualization layer could let one virtual machine break isolation, compromise the hypervisor, and gain control over every other guest. Which cloud threat identified by the Cloud Security Alliance does this scenario BEST illustrate?
This scenario represents the CSA threat category of shared technology vulnerabilities. Components such as hypervisors, CPU caches, and virtualized hardware are shared among multiple tenants in an IaaS cloud. If a vulnerability or misconfiguration allows a VM escape, an attacker can compromise the hypervisor and affect all other customers hosted on the same infrastructure. Insecure interfaces, data breaches, and account hijacking are important threats but they do not focus on vulnerabilities within the shared virtualization layer itself.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.