A network administrator is trying to download a valid file from an internal server. However, the process triggers an alert on a NMS tool. What condition describes this alert?

A network administrator is trying to download a valid file from an internal server. However, the process triggers an alert on a NMS tool. What condition describes this alert?

• false negative
• false positive
• true negative
• true positive

Explanation: Alerts can be classified as follows:

True Positive: The alert has been verified to be an actual security incident.
False Positive: The alert does not indicate an actual security incident. Benign activity that results in a false positive is sometimes referred to as a benign trigger.
An alternative situation is that an alert was not generated. The absence of an alert can be classified as:

True Negative: No security incident has occurred. The activity is benign.
False Negative: An undetected incident has occurred.

Exam with this question: Modules 26 - 28: Analyzing Security Data Group Exam
Exam with this question: Modules 11 - 12: Intrusion Prevention Group Exam Answers
Exam with this question: Network Defense (NetDef) Course Final Exam Answers