When is a virtual machine susceptible to attacks while a physical server in the same state would not be?
When is a virtual machine susceptible to attacks while a physical server in the same state would not be?
A virtual machine is ultimately an image file residing on a file system. Because of this, even when a virtual machine is powered off, it is still susceptible to attacks and modification. For example, if the hypervisor or host system it resides on is compromised, the offline VM’s resources can be accessed or tampered with. A physical server that is powered off, however, is much less vulnerable since it typically requires physical access to be compromised.
Should be D, since vm is still vulnerable even when powered off, because if hypervisor or host machine gets compromised while powered ON, offline VM can be the target still. Physical machine when offline is not accessible .
Patch issues exists in both cases.
why not option C ? un-patched VM's can be susceptible to attacks.
I believe that the stipulation of the question that a physical server would not be susceptible to the same attack would disqualify C as both VMs and Physical servers are susceptible if unpatched.
C. When it is not patched
C. When it is not patched
When a virtual machine (VM) is powered off, it's still susceptible to certain types of attacks; whereas a physical server in the same state would not be.
When a VM is not patched, it remains susceptible to attacks even when powered off. In contrast, a powered-off physical server is less exposed.
I apologize for any confusion earlier. Let's address the question directly: When is a virtual machine susceptible to attacks while a physical server in the same state would not be? The correct answer is: D. When it is powered off Explanation: Powered-off Virtual Machine (VM): Even when a virtual machine is powered off, its virtual disks and configurations are still stored on the hypervisor's storage system. While access to these resources is typically secured, vulnerabilities could potentially be exploited through administrative interfaces or if snapshots are not properly managed or encrypted. Powered-off Physical Server: A powered-off physical server, on the other hand, typically requires physical access to the server hardware to compromise its data or security. Physical security measures such as locked server rooms or cabinets provide significant protection against unauthorized access.