A network administrator is trying to download a valid file from an internal server. However, the process triggers an alert on a NMS tool. What condition describes this alert?
- false negative
- false positive
- true negative
- true positive
Explanation: Alerts can be classified as follows:
True Positive: The alert has been verified to be an actual security incident.
False Positive: The alert does not indicate an actual security incident. Benign activity that results in a false positive is sometimes referred to as a benign trigger.
An alternative situation is that an alert was not generated. The absence of an alert can be classified as:
True Negative: No security incident has occurred. The activity is benign.
False Negative: An undetected incident has occurred.
Exam with this question: Modules 26 - 28: Analyzing Security Data Group Exam
Exam with this question: Modules 11 - 12: Intrusion Prevention Group Exam Answers
Exam with this question: Network Defense (NetDef) Course Final Exam Answers
Please login or Register to submit your answer