CompTIA CySA+ (CS0-002) — Question 263

An organization's internal department frequently uses a cloud provider to store large amounts of sensitive data. A threat actor has deployed a virtual machine to attack another virtual machine to gain access to the data. Through the use of the cloud host's hypervisor, the threat actor has escalated the access rights. Which of the following actions would be BEST to remediate the vulnerability the attacker has used to exploit the system?

Answer options

• A. Sandbox the virtual machine.
• B. Implement an MFA solution.
• C. Update to the secure hypervisor version.
• D. Implement dedicated hardware for each customer.

Correct answer: C

Explanation

Updating to the secure hypervisor version is the best option because it addresses vulnerabilities in the hypervisor that the attacker exploited to gain escalated privileges. The other options, while beneficial for security, do not directly mitigate the specific vulnerability associated with the hypervisor that allowed access escalation.