CompTIA CASP+ (CAS-003) — Question 126
An organization is implementing a virtualized thin-client solution for normal user computing and access. During a review of the architecture, concerns were raised that an attacker could gain access to multiple user environments by simply gaining a foothold on a single one with malware. Which of the following reasons BEST explains this?
Answer options
- A. Malware on one virtual environment could enable pivoting to others by leveraging vulnerabilities in the hypervisor.
- B. A worm on one virtual environment could spread to others by taking advantage of guest OS networking services vulnerabilities.
- C. One virtual environment may have one or more application-layer vulnerabilities, which could allow an attacker to escape that environment.
- D. Malware on one virtual user environment could be copied to all others by the attached network storage controller.
Correct answer: C
Explanation
The correct answer is C because application-layer vulnerabilities in one virtual environment can allow an attacker to break out of that isolated environment and gain access to other environments. Options A and B involve potential flaws related to the hypervisor and guest OS networking services, but they don't directly address the escape from the environment. Option D incorrectly suggests malware can be transferred via network storage, which is not the primary concern in this context.