ISACA CISA: Virtual Server Security Risks in Auditing for Software Vulnerabilities

Learn about the greatest software vulnerability risks in virtual server environments and how IS auditors assess them. Understand the impact of diverse guest OS, update frequencies, and antivirus implementations.

Question

Which of the following observations would an IS auditor consider the GREATEST risk when conducting an audit of a virtual server farm for potential software vulnerabilities?

A. Guest operating systems are updated monthly.
B. Antivirus software has been implemented on the guest operating system only.
C. A variety of guest operating systems operate on one virtual server.
D. The hypervisor is updated quarterly.

Answer

C. A variety of guest operating systems operate on one virtual server.

Explanation

This scenario presents the greatest risk due to the potential for a single vulnerability to compromise multiple operating systems, escalating the impact significantly.

Explanation of other options:
Option A: Monthly updates are generally a good security practice, but the frequency may not be sufficient depending on the criticality of the systems and the emergence of new vulnerabilities.
Option B: Antivirus on guest OS only leaves the host OS and hypervisor susceptible to threats.
Option D: Quarterly updates for the hypervisor may not be frequent enough to address newly discovered vulnerabilities.
