Question 36
Domain 3: Infrastructure, Network, and Workload Security
In a virtualized cloud environment, which component is responsible for enforcing isolation between virtual machines running on the same physical host?
Correct answer: B
Explanation
The hypervisor enforces isolation between virtual machines on the same physical host by controlling access to hardware resources and separating each VM’s execution environment. In virtualization, the hypervisor is the layer that manages and partitions the underlying physical machine, so VMs remain isolated from one another.
Why each option is right or wrong
A. The guest operating systems
B. The hypervisor
The hypervisor is the software layer that sits directly on the physical host and mediates each VM’s access to CPU, memory, storage, and network resources, which is what prevents one guest from directly interacting with another. In both Type 1 and Type 2 virtualization, this control point is the mechanism that enforces separation between VMs on the same machine; without it, the guests would share hardware with no enforced boundary.
C. The network firewall only
D. The storage array