CISSP PRACTICE QUESTIONS – 20200216

Effective CISSP Questions

There is no consistent definition of “threat,” and people tend to use this term literally or intuitively. As a threat may refer to the threat source, threat event, or risk exposure, which of the following is least likely to be a threat?
A. Script kiddie
B. The financial loss of millions of dollars
C. Unpatched servers
D. Initiating SQL injection using SQLMap


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Unpatched servers.

Common Expressions of Threat

  • The threat is enormous! (magnitude of threat; risk exposure)
  • It (hacktivist) is a considerable threat to information systems. (threat source)
  • The threat escalates privileges through a buffer overflow. (threat event)

A. Script kiddie => threat source
B. The financial loss of millions of dollars => risk exposure
C. Unpatched servers => vulnerability
D. Initiating SQL injection using SQLMap => threat event

 


“威脅”一詞沒有統一的定義,人們傾向於從字面上或直覺地使用此術語。 因此威脅可能是指威脅來源、威脅事件或曝險程度,以下哪項最不可能是威脅?
A. 劇本小子 (Script kiddie)
B. 數百萬美元的財務損失
C. 未修補的服務器
D. 使用SQLMap啟動SQL Injection

1 thought on “CISSP PRACTICE QUESTIONS – 20200216

Leave a Reply