Cisco Exam 200-201 Topic 1 Question 108 Discussion

Actual exam question for Cisco's 200-201 exam

Question #: 108
Topic #: 1

What is the difference between an attack vector and attack surface?

AAn attack surface identifies vulnerabilities that require user input or validation; and an attack vector identifies vulnerabilities that are independent of user actions.

BAn attack vector identifies components that can be exploited, and an attack surface identifies the potential path an attack can take to penetrate the network.

CAn attack surface recognizes which network parts are vulnerable to an attack; and an attack vector identifies which attacks are possible with these vulnerabilities.

DAn attack vector identifies the potential outcomes of an attack; and an attack surface launches an attack using several methods against the identified vulnerabilities.

Show Suggested Answer

Suggested Answer: B

An attack vector is the method or technique that an attacker uses to exploit a vulnerability in a system or network. An attack vector can be a software, hardware, or human component that can be manipulated to gain unauthorized access, execute malicious code, or cause damage. An attack surface is the sum of all the possible attack vectors that are exposed by a system or network. An attack surface can be reduced by applying security measures such as patching, hardening, firewalling, and encrypting.Reference:Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) - Cisco, page 1-4;200-201 CBROPS - Cisco, exam topic 1.1.c

by Stevie at Apr 08, 2025, 01:42 PM

Limited Time Offer

25%

24 days ago

I think the answer is B.

upvoted 0 times

...