350-701 · Question #345
What is the difference between a vulnerability and an exploit?
The correct answer is B. A vulnerability is a weakness that can be exploited by an attacker. A vulnerability is a weakness in a system or software that an attacker can take advantage of, while an exploit is the actual code or technique used to leverage that weakness.
Question
What is the difference between a vulnerability and an exploit?
Options
- AA vulnerability is a hypothetical event for an attacker to exploit
- BA vulnerability is a weakness that can be exploited by an attacker
- CAn exploit is a weakness that can cause a vulnerability in the network
- DAn exploit is a hypothetical event that causes a vulnerability in the network
How the community answered
(41 responses)- A5% (2)
- B90% (37)
- C2% (1)
- D2% (1)
Why each option
A vulnerability is a weakness in a system or software that an attacker can take advantage of, while an exploit is the actual code or technique used to leverage that weakness.
A vulnerability is a real existing weakness, not merely a hypothetical event.
A vulnerability is defined as a weakness or flaw in a system, application, or configuration that can be discovered and used by an attacker to compromise its security. An exploit, on the other hand, is the specific piece of code, software, or technique used to take advantage of a vulnerability to achieve an attacker's objective, such as gaining unauthorized access or executing malicious code.
An exploit uses a weakness (vulnerability); an exploit is not the weakness itself.
An exploit is a concrete tool or method, not a hypothetical event, and it uses vulnerabilities, it doesn't cause them.
Concept tested: Differentiating vulnerability and exploit
Source: https://learn.microsoft.com/en-us/azure/security/fundamentals/glossary
Topics
Community Discussion
No community discussion yet for this question.