Systems Security Certified Practitioner (SSCP) — Question 83

What is called the probability that a threat to an information system will materialize?

Answer options

• A. Threat
• B. Risk
• C. Vulnerability
• D. Hole

Correct answer:

Explanation

The correct answer is 'Risk', which refers to the chance that a threat may impact an information system. 'Threat' refers to a potential danger, 'Vulnerability' indicates weaknesses in the system, and 'Hole' typically describes a specific type of security flaw, none of which directly relate to the probability of occurrence.