Appendix A

Answers to Domain Review Questions

Domain 1 – Security and Risk Management

  1. Within the realm of IT security, which of the following combinations best defines risk?
    A. Threat coupled with a breach
    B. Threat coupled with a vulnerability
    C. Vulnerability coupled with an attack
    D. Threat coupled with a breach of security

Answer: B

A vulnerability is a lack of a countermeasure or a weakness in a countermeasure that is in place. A threat is any potential danger that is associated with the exploitation of a vulnerability. The threat is that someone, or something, will identify a specific vulnerability and use it against the company or individual. ...

Get Official (ISC)2 Guide to the CISSP CBK, 4th Edition now with O’Reilly online learning.
