nerdexam
EC-Council

312-50V11 · Question #711

It is an entity or event with the potential to adversely impact a system through unauthorized acces, destruction, disclosure, denial of service or modification of data. Which of the following terms be

The correct answer is C. Threat. The definition describes a Threat - any entity or event with the potential to cause harm to a system through unauthorized actions.

Information Security and Ethical Hacking Fundamentals

Question

It is an entity or event with the potential to adversely impact a system through unauthorized acces, destruction, disclosure, denial of service or modification of data. Which of the following terms best matches the definition?

Options

  • AAttack
  • BVulnerability
  • CThreat
  • DRisk

How the community answered

(21 responses)
  • C
    95% (20)
  • D
    5% (1)

Why each option

The definition describes a Threat - any entity or event with the potential to cause harm to a system through unauthorized actions.

AAttack

An attack is the actual execution or attempt to exploit a vulnerability, not merely the potential to cause harm.

BVulnerability

A vulnerability is a specific weakness or flaw in a system that can be exploited, not the external entity or event that could cause harm.

CThreatCorrect

In information security, a threat is formally defined as any circumstance or event with the potential to adversely impact organizational operations or assets through unauthorized access, destruction, disclosure, denial of service, or data modification. This definition aligns precisely with the NIST and CEH frameworks, which distinguish a threat from a risk (likelihood x impact) or a vulnerability (exploitable weakness). The threat itself does not require active exploitation - only the potential for harm.

DRisk

Risk is the probability that a threat will exploit a vulnerability combined with the resulting impact, not the threat itself.

Concept tested: Information security threat definition and taxonomy

Source: https://csrc.nist.gov/glossary/term/threat

Topics

#threat definition#security terminology#risk concepts#vulnerability vs threat

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice