Information Security Officer Question: Download Information Security Professional PDF
Tell me what’s the difference between a threat, vulnerability, and a risk?
Answer:
As weak as the CISSP is as a security certification it does teach some good concepts. Knowing basics like risk, vulnerability, threat, exposure, etc. (and being able to differentiate them) is important for a security professional. Ask as many of these as you’d like, but keep in mind that there are a few differing schools on this. Just look for solid answers that are self-consistent.
Previous Question | Next Question |
What is certified Firewall Analyst? | Explain what do you think of social networking sites such as Facebook and LinkedIn? |