200-201 Question #256: Real Exam Question with Answer & Explanation

Question

What is the difference between vulnerability and risk?

Options

• AA vulnerability is a sum of possible malicious entry points, and a risk represents the possibility of
• BA risk is a potential threat that an exploit applies to, and a vulnerability represents the threat itself
• CA vulnerability represents a flaw in a security that can be exploited, and the risk is the potential
• DA risk is potential threat that adversaries use to infiltrate the network, and a vulnerability is an

Explanation

Vulnerability: A vulnerability is a weakness or flaw in a system, application, network, or process that could be exploited by a threat actor to compromise the security of that system. It represents a potential entry point or weakness that could be targeted by attackers. Examples include unpatched software, misconfigured settings, or design flaws that could be exploited. Risk: Risk refers to the possibility of harm or loss resulting from exploiting a vulnerability. It encompasses the potential impact or damage that could occur if a vulnerability is exploited by a threat actor. Risk considers the likelihood of an exploit occurring and the potential consequences or impact on an organization's assets, operations, or reputation.

No community discussion yet for this question.