A weakness that can be exploited by an adversary to obtain your critical information.

Enhance your criminal investigation skills with our comprehensive CITP Exam 2 preparation. Test your knowledge with flashcards and multiple choice questions, each supported by hints and explanations. Get exam-ready now!

Multiple Choice

A weakness that can be exploited by an adversary to obtain your critical information.

A vulnerability is a weakness in a system, process, or control that an adversary could exploit to obtain your critical information. This might be a software flaw, misconfigured access rights, weak authentication, or even a susceptible human behavior that can be tricked or bypassed. The key idea is that a vulnerability is the gap that an attacker can take advantage of; once a threat actor exploits it, sensitive information can be compromised. In contrast, a threat is the potential for an attack or harmful action, not the flaw itself; an indicator is a sign that something has or might be happening; and OPSEC is the set of practices used to protect information, not a weakness. Therefore, the correct term is vulnerability because it directly describes the exploitable weakness that could lead to information exposure.

A weakness that can be exploited by an adversary to obtain your critical information.

Enhance your criminal investigation skills with our comprehensive CITP Exam 2 preparation. Test your knowledge with flashcards and multiple choice questions, each supported by hints and explanations. Get exam-ready now!

A weakness that can be exploited by an adversary to obtain your critical information.

Get the latest from Examzify