So, just to re-emphasize what everyone has said to this point, you will never have 100% protection. There are a number of discussions on the Internet about the eventual possibility that malware could break out of the VM and infect the host.
So that is something you have to address no matter how you configure your VM. I would encourage you to do things like update your software for your VMs on your host (VirtualBox) regularly and disable features like shared clipboard, shared folders, and drag and drop.
If you don't need to save things to the VM then again, I would recommend making your virtual machine hard drive immutable. If you decide that is what you want and you need help doing that, please let me know and I will be glad to give you instructions.
Problem with bridged network: you let malware full access to you real network.
Problem with VBox NAT: you cannot control connectivity at will (the way you can do with an external NAT solution).
That depends on how you configure your network. ;) A very important question you still answer is if you need the VM to have Internet access? If you do, then regardless of what networking option you choose you still have to protect the VM from getting infected. Again, please refer to the previous recommendations. If you don't, then choose "Not Attached".
I think a few things you need to consider are ways that a computer usually get infected. Usually, a computer is infected by the user doing something (Clicking an advertisement, opening an attachment in an email, or going to an infected web site). But also realize that if your host gets infected, the attacker may be able to access your VM so this isn't a pick and choose situation. You have to protect BOTH your VM and your HOST. If you don't protect the host, you have put your host and VM at risk. If you don't protect your VM, you have put your VM at risk.
If you don't need Internet on your VM, select "Not Attached" for the "Attach to" in the VM's network configuration. If you do need Internet on your VM, follow all of the normal security practices you would on your host.
If you don't need to save files on your VM make the VM hard drive immutable. If you do need to save files on your VM, you can save them to a flash drive which you can set a filter for in VirtualBox so only that flash drive connects to the VM. You can burn the files to CD. You can store the files in the cloud.
You can VLAN your VM to put it on a different network than your host. To do that you need to use Bridged. Please be aware, VLANs are an advanced networking concept and in some cases even get little help on the VirtualBox forums.
the VM has to be completely isolated from the Real Machine so that any malware should infect the VM despite all the precautions taken, it won't touch my W7 OS or any other file on my computer
So your biggest concern is about malware that will spread over your network?
Really, the solution is no different than what you do to protect your host from becoming the source of a network spread virus.
More best practices for security are available on Symantec's Website.
If you are very concerned that your VM is going to get infected and that the infection will spread to other computers connected to your network, you need to either VLAN the traffic on the VM to a different network your host is not connected to or place a type of firewall, IDS, IPS between your VM and the host.
You can do this by creating an additional VM that will be a virtual firewall, IDS, IPS appliance and connecting one virtual network adapter from the virtual firewall, IDS, IPS appliance to the VM and the other virtual network adapter from the appliance to the host.
That is a process that is better suited for the Networking forum. If you do decide you want to add a virtual firewall, IDS, IPS appliance and install it between your VM and your host, please ask that question in the Networking forum and send me a PM.
Edited by packetanalyzer, 25 January 2016 - 02:00 PM.