A company provides on-demand cloud computing resources for a sensitive project. The company implements a
fully virtualized datacenter and terminal server access with two-factor authentication for customer access to the
administrative website. The security administrator at the company has uncovered a breach in data
confidentiality. Sensitive data from customer A was found on a hidden directory within the VM of company B.
Company B is not in the same industry as company A and the two are not competitors. Which of the following
has MOST likely occurred?

A.
Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each
and move the data.

B.
A stolen two factor token was used to move data from one virtual guest to another host on the same
network segment.

C.
A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to
gain unauthorized access.

D.
An employee with administrative access to the virtual guests was able to dump the guest memory onto a
mapped disk.