Think of it as a separate PC accessed from your windows 7 PC.
This separate PC needs all the protection you would have applied to a XP PC. Otherwise it can be taken over by virus and malware
If malware gets into your XP mode of course it then has access to the hard drive and get infect windows 7 as well.
Any data you download on this PC will use storage space on the hard drive of your machine programs will have entries in the XP registry not the windows 7 registry and therefore often cannot be used in windows 7 only XP mode.