PrepAway - Latest Free Exam Questions & Answers

Which of the following would BEST be defined as an absence or weakness of safeguard that could be
exploited?

A. A threat.

B. A vulnerability.

C. A risk.

D. An exposure.

Explanation:
A vulnerability is defined as “the absence or weakness of a safeguard that could be exploited”.
A vulnerability is a lack of a countermeasure or a weakness in a countermeasure that is in place. It can be a
software, hardware, procedural, or human weakness that can be exploited. A vulnerability may be a service
running on a server, unpatched applications or operating systems, an unrestricted wireless access point, an
open port on a firewall, lax physical security that allows anyone to enter a server room, or unenforced password
management on servers and workstations.
Incorrect Answers:
A: A threat is any potential danger that is associated with the exploitation of a vulnerability.
C: A risk is the likelihood of a threat agent exploiting a vulnerability and the corresponding business impact.
D: An exposure is an instance of being exposed to losses. A vulnerability exposes an organization to possible
damages.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 26

