Certificate of Cloud Security Knowledge (CCSK) — Question 27

ENISA: `VM hopping` is:

Answer options

• A. Improper management of VM instances, causing customer VMs to be commingled with other customer systems.
• B. Looping within virtualized routing systems.
• C. Lack of vulnerability management standards.
• D. Using a compromised VM to exploit a hypervisor, used to take control of other VMs.
• E. Instability in VM patch management causing VM routing errors.

Correct answer: D

Explanation

The correct answer, D, describes how an attacker can use a compromised VM to gain unauthorized access to a hypervisor, allowing control over other VMs. The other options discuss different issues related to virtualization but do not accurately define VM hopping.