Which classification indicates that an alert is verified as an actual security incident?


  • false negative
  • true positive
  • false positive
  • true negative

Explanation: Alerts can be classified as follows:

  • True Positive: The alert has been verified to be an actual security incident.
  • False Positive: The alert does not indicate an actual security incident. Benign activity that results in a false positive is sometimes referred to as a benign trigger.

An alternative situation is that an alert was not generated. The absence of an alert can be classified as follows:

  • True Negative: No security incident has occurred. The activity is benign.
  • False Negative: An undetected incident has occurred.

Exam with this question: Checkpoint Exam: Analyzing Security Data Group Exam
Exam with this question: Module 12: Quiz – IPS Operation and Implementation Network Security
Exam with this question: Checkpoint Exam: Evaluating Security Alerts Answers
