network is compromised => Exploit
lack of an access list => Vulnerability
configuration review => Risk Assessment
leakage of condidential information => Threat
Exploit = network is compromised
"[...] exploit means to take advantage of a vulnerability [...] an exploit refers to a tool, typically in the form of source or binary code."
So by taking advantage of the vulnerability the network is compromised.
Vulnerability - lack of an access list
"A vulnerability is any weakness (known or unknown) in a system, process, or other entity that could lead to its security being compromised by a threat."
So not having an ACL could be considered an vulnerability which is then compromised by the threat.
Risk Assessment - configuration review
"risk constitutes a specific vulnerability matched to a specific threat"
So risk assessment work to check for vulenrabilities so doing configuration review matches this.
Threat - leakage of confidential information
"A threat is any action that could disrupt, harm, destroy, or otherwise adversely affect an information system."
This will negativly affect the information system, none of the other options does this so this should be the threat.
Vulnerability ==> Lack of an access list
Exploit ==> Network is compromised
Threat ==> leakage of confidential information
Risk Assessment ==> Configuration review
Network is compromised: An exploit is a specific type of attack or technique that is used to take advantage of a vulnerability in a system or network. If an attacker successfully exploits a vulnerability, they may be able to compromise a network and gain unauthorized access to its resources.
Leakage of confidential information: A threat is any potential danger or risk to the confidentiality, integrity, or availability of a system or network. If confidential information is leaked, it represents a potential threat to the confidentiality of that information, as well as to the reputation and legal liability of the organization that owns it.
Vulnerability ==> Lack of an access list
Exploit ==> Network is compromised
Threat ==> leakage of confidential information
Risk Assessment ==> Configuration review
For me the answer is correct, based on the definitions:
risk assessment
The process of identifying risks to organizational operations. Synonymous with risk analysis.
vulnerability
Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.
An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability.
Cyber Threat
Any circumstance or event with the potential to adversely impact organizational operations.
Network is compromised by a Cyber Threat
Lack of an Access List is a Vulnerability of a system
Risk assessment does Configuration Review
An Exploit causes a Leakage of confidential information
Answer:
Network is compromised <--> Threat
Lack of an Access List <--> Vulnerability
Configuration Review <--> Risk assessment
Leakage of confidential information <--> Exploit
A Threat is a consequence an organization faces when a vulnerability has been exploited.
So the leakage of confidential information is the threat and not the exploit.
This section is not available anymore. Please use the main Exam Page.200-201 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
nataldogomes
Highly Voted 2 years, 8 months agoLeo_Visser
Highly Voted 2 years, 10 months agoLeo_Visser
2 years, 10 months agoWISDOM2080
Most Recent 8 months, 2 weeks agodrdecker100
1 year, 2 months agoEng_ahmedyoussef
1 year, 7 months agoanonymous1966
2 years, 8 months agoanonymous1966
2 years, 7 months agoadodoccletus
1 year, 10 months agoBlackDealth
2 years, 10 months ago