Path and resourceType both are used for registering the servlet.
When we register a servlet using path, we must be specific what all paths are allowed as If we define something randomly, our servlet might not be function properly. Only a limited set of paths are allowed and the rest are blocked. We can add more path using Apache Sling Servlet / Script Resolver and Error Handler. Allowing more paths to execute servlet to make your application vulnerable. like below image

That’s why you should not open more doors for servlets to run until and unless it is required. You might also need to tell specific paths to your consumers, who are consuming servlet response using ajax and any change in that path could have a serious affect.
This might not be the case when you use resourceType. Sling Engine will take care of permissions if you register servlet using Resource Type. Users who cannot access a particular resource will not be able to invoke the servlet.
There is a good article by Ankur. please check this and let us know if you have any question in this.
http://www.aemcq5tutorials.com/tutorials/sling-servlet-in-aem/#advantages_selector_over_path
http://www.aemcq5tutorials.com/tutorials/sling-servlet-in-aem/
~ Prince