O'Reilly logo
  • Sreeman Mishra thinks this is interesting:

Software flaws can be considered vulnerabilities if they can be exploited in a way that can prevent the software's reliable information and:

  1. They are outside the control of an attacker.

  2. They are externally accessible to an attacker.

  3. They are extensible by an attacker.

  4. They are part of the attack surface.

Answer: A

Option B is the correct answer. A, C and D are distracters

From

Cover of The CSSLP™ Prep Guide: Mastering the Certified Secure Software Lifecycle Professional

Note

There is a mismatch in Answer, which says its "A" and explanation below says Option "B" is the correct answer and "A" is a distractor.