Which virtual machine characteristic may create unnecessary risk if inactive for extended periods?

The characteristic that creates unnecessary risk when inactive for extended periods is dormant virtual machines (VMs). When a VM is dormant, it means that it is powered off or not actively in use, yet it still maintains its virtual hard disk and other configurations. This inactivity can pose security risks for several reasons.

First, dormant VMs may still contain sensitive data or configurations that could be vulnerable to unauthorized access. If these VMs are not regularly monitored or managed, they can become targets for attackers who might exploit the data they hold, as their inactivity can lead to a lack of security patches and updates being applied.

Secondly, dormant VMs may not benefit from security measures that are in effect for actively used systems. Without regular updates, they may miss critical security patches, leaving them susceptible to known vulnerabilities. This can create a situation where organizations unknowingly retain insecure systems within their infrastructure.

Maintaining an inventory of active and dormant VMs, along with applying best security practices, helps mitigate risks associated with these inactive resources. This underscores the importance of not only managing live environments but also keeping track of and securing dormant systems to prevent situations where they could be exploited.