Systems Security Certified Practitioner – SSCP – Question0536

A weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks is called a ?

A.
Vulnerability
B. Risk
C. Threat
D. Overflow

Correct Answer: A

Explanation:

The Answer: Vulnerability; Vulnerability is a weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Pages 16, 32.