Which of the following does a lack of adequate security controls represent?

ISO-IEC-27001 Lead Auditor V1 0 Comments

Which of the following does a lack of adequate security controls represent?
A . Asset
B . Vulnerability
C . Impact
D . Threat

Answer: B

Explanation:

A lack of adequate security controls represents a vulnerability, which is a weakness or flaw in an asset or its protection that can be exploited by a threat. A vulnerability can increase the likelihood or impact of a security incident, and therefore should be identified and treated as part of the risk management process. ISO/IEC 27001:2022 defines vulnerability as “the absence or weakness of a safeguard that could be exploited by a threat source” (see clause 3.49).

Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], ISO/IEC 27001:2022 Information technology ― Security techniques ― Information security management systems ― Requirements

Latest ISO-IEC-27001 Lead Auditor Dumps Valid Version with 100 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download ISO-IEC-27001 Lead Auditor PDF     ISO-IEC-27001 Lead Auditor Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments