A user on a virtual machine downloads a large file using a popular peer-to-peer torrent program.
The user is unable to execute the program on their VM. A security administrator scans the VM and
detects a virus in the program. The administrator reviews the hypervisor logs and correlates
several access attempts to the time of execution of the virus. Which of the following is the MOST
likely explanation for this behavior?
A.
The hypervisor host does not have hardware acceleration enabled and does not allow DEP.
B.
The virus scanner on the VM changes file extensions of all programs downloaded via P2P to
prevent execution.
C.
The virtual machine is configured to require administrator rights to execute all programs.
D.
The virus is trying to access a virtual device which the hypervisor is configured to restrict.