The difference between a threat and an attack would be that a threat is a known issue where a person or organization is planning an attack or has indicated that an attack may take place.  An attack would be the actual occurrence of the cybersecurity attack, whether it be a DDoS or some other attack against an individual or organization. Exploits related to vulnerabilities in that they are created and normally only work while the vulnerability exists.  For instance, software is often patched to removed vulnerabilities.  Which in turn makes the current exploit unusable until a new vulnerability is discovered and a new exploit is developed.  In my opinion, it is ethically acceptable to study and use the attack methods described in the module.  By learning the tools and methods of hackers, it makes it much easier to learn the weaknesses of systems and the ways in which to prevent these attacks.  I believe law enforcement sometimes works in a similar fashion.  Where an undercover cop might let a few things slide, such as drug deals and violence, in the short terms.  So that they can build a stronger case against the individuals.