The Hypervisor is a piece of software that provides abstraction of all physical resources (such as CPU, Memory, Network and Storage) and thus enables multiple computing stacks (basically made of an O/S and Application programs and optionally a middleware in some instances) called Virtual Machines (VMs) to be run on a single physical host. In addition, it may have the functionality to define a network within the single physical host (called virtual network) to enable communication among the VMs resident on that host as well as with physical and virtual machines outside the host. With all this functionality, the hypervisor has the responsibility to mediate access to physical resources, provide run time isolation among resident VMs and enable a virtual network that provides security-preserving communication flow among the VMs and between the VMs and the external network. To design a hypervisor with the core functionality described above, there are architectural options with each option presenting a different size of Trusted Computing Base (TCB) and hence different degree of ease in providing the required security assurance. Hence in providing security recommendations for the hypervisor, two different approaches have been adopted in this document– one approach based on architectural options that provide ease of security assurance and the second approach based on configuration choices that form part of its core administrative functions such as management of VMs, hypervisor host, hypervisor software and virtual networks.