PrepAway - Latest Free Exam Questions & Answers


A weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information
systems or networks is called:


A. a vulnerability.

B. a risk.

C. a threat.

D. an overflow.

Explanation:
A vulnerability is defined as “the absence or weakness of a safeguard that could be exploited”.
A vulnerability is a lack of a countermeasure or a weakness in a countermeasure that is in place. It can be a
software, hardware, procedural, or human weakness that can be exploited. A vulnerability may be a service
running on a server, unpatched applications or operating systems, an unrestricted wireless access point, an
open port on a firewall, lax physical security that allows anyone to enter a server room, or unenforced password
management on servers and workstations.
Incorrect Answers:
B: A risk is the likelihood of a threat agent exploiting a vulnerability and the corresponding business impact.
C: A threat is any potential danger that is associated with the exploitation of a vulnerability.
D: An overflow is not what is described in this question.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 26

