What does 'Risk' represent in information security? a. A confirmed security breach b. The cost of an attack c. The likelihood and impact of a threat exploiting a vulnerability d. A firewall misconfiguration
c. The likelihood and impact of a threat exploiting a vulnerability
In information security, 'risk' is typically defined as the combination of the likelihood of a threat exploiting a vulnerability and the impact that such an exploitation would have on an asset or organization.