Information
Guest Operations are a set of functions that underpin most host-to-guest interaction. Deactivating them reduces attack surface but also drastically reduces functionality. Ensure that your environment does not require these functions. Do not do this on template VMs. For a list of functions see:
https://vdc-download.vmware.com/vmwb-repository/dcr-public/fe08899f-1eec-4d8d-b3bc-a6664c168c2c/7fdf97a1-4c0d-4be0-9d43-2ceebbc174d9/doc/vim.vm.guest.GuestOperationsManager.html
Reducing the attack surface by deactivating unnecessary functions is a standard security measure. This control is crucial for mitigating risks associated with host-to-guest interactions.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Impact:
Deactivation of Guest Operations can hinder the functionality of certain products and services within the VMware ecosystem, requiring alternative configurations or methods to maintain required functionalities. This includes guest customization.