The likelihood of a given threat-source attempting to exploit a vulnerability is known as?

The likelihood of a given threat-source attempting to exploit a vulnerability is identified as risk. In the context of risk management, risk is generally defined as the combination of the probability of an event occurring and the impact that event would have on an organization. It encapsulates both the vulnerabilities present within a system and the potential threats that could take advantage of those vulnerabilities.

When evaluating risk, understanding the probability of exploitation helps organizations prioritize their resources and efforts to mitigate the most significant threats. This can involve implementing preventative measures, monitoring systems for suspicious activity, and planning for incidents if they occur. The focus on likelihood within the definition of risk emphasizes its role in proactive security measures.

In contrast, other choices are related but do not directly address the concept of risk as defined here. The adequacy of planned controls refers to whether security measures are sufficient to mitigate exposure to threats, while overall impact assessment looks at the consequences of a realized threat without specifically addressing its likelihood. "All relevant risks" is a broader term that does not pinpoint the likelihood aspect of risk directly. Therefore, understanding that risk is fundamentally about the likelihood of exploitation solidifies the choice of C as the correct answer.