PrepAway - Latest Free Exam Questions & Answers

Which of the following does a lack of adequate security controls represent?

Which of the following does a lack of adequate security controls represent?

PrepAway - Latest Free Exam Questions & Answers

A.
Threat

B.
Asset

C.
Impact

D.
Vulnerability

Explanation:

The lack of adequate security controls represents a vulnerability, exposing sensitive information
and data to the risk of malicious damage, attack or unauthorized access by hackers. This could
result in a loss of sensitive information and lead to theloss of goodwill for the organization. A
succinct definition of risk is provided by the Guidelines for the Management of IT Security
published by the International Organization for Standardization (ISO), which defines risk as the
‘potential that a given threat will exploit the vulnerability of an asset or group of assets to cause
loss or damage to the assets.’ The various elements of the definition are vulnerability, threat, asset
and impact. Lack of adequate security functionalityin this context is a vulnerability.

2 Comments on “Which of the following does a lack of adequate security controls represent?

    1. Akin says:

      I think its the other way around. You have to be vulnerable first, only then you can have threat. threat must have vulnerability to exploit. When these two materialize, then you have Risk.




      0



      0

Leave a Reply