nerdexam
ExamsCAS-002Questions#363
CompTIA

CAS-002 · Question #363

CAS-002 Question #363: Real Exam Question with Answer & Explanation

The correct answer is C: Determining the weaknesses in your network that would allow a threat to be exploited. Weaknesses in your network due to inherent technology weaknesses, mis-configuration, or lapses in security are vulnerabilities. Answer option A is incorrect. Determining the threats to your network is threat assessment not vulnerability assessment. In fact this phase is done befo

Question

Which of the following is the best description of vulnerability assessment?

Options

  • ADetermining what threats exist to your network.
  • BDetermining the impact to your network if a threat is exploited.
  • CDetermining the weaknesses in your network that would allow a threat to be exploited
  • DDetermining the likelihood of a given threat being exploited.

Explanation

Weaknesses in your network due to inherent technology weaknesses, mis-configuration, or lapses in security are vulnerabilities. Answer option A is incorrect. Determining the threats to your network is threat assessment not vulnerability assessment. In fact this phase is done before vulnerability assessment Answer option D is incorrect. Determining the likelihood of a given attack is likelihood assessment. This would be done after vulnerability assessment. Answer option B is incorrect. Impact analysis is certainly important, but this is done after vulnerability assessment.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-002 Practice