Last Updated on July 31, 2021 by Admin
Which of the following represents an exploitable, unpatched, and unmitigated weakness in software?
A vulnerability is a susceptibility to a threat that exists in a system that has not been mitigated. Patching would be a form of mitigation if it were used to address the vulnerability
When a security weakness or vulnerability exists in a system and threat actor takes advantage, the attack is considered an exploit. An example of a vulnerability is keeping ports open for nonessential services.
A threat is an external danger to which a system may or may not be vulnerable. Is it a potential danger that could take advantage of a system it is vulnerable. An attacker picking the lock of the back entrance to a facility is an example of a threat, not a vulnerability.
A breach is when an exploit is successful in providing unauthorized access to data.
Objective: Security Concepts
Sub-Objective: Compare and contrast these concepts: Risk, Threat, Vulnerability, Exploit