What is a vulnerability as defined in the ISO 27000 vocabulary?
-
A
A confirmed attack that has compromised an information asset
-
B
A weakness of an asset or control that can be exploited by one or more threats
-
C
The complete absence of security controls in an ISMS
-
D
A type of malware specifically targeting ISO-certified organizations