Which type of alert is generated when an IPS incorrectly identifies normal network user traffic as attack traffic?
- true positive
- true negative
- false negative
- false positive
Explanation: A false positive occurs when an IPS generates an alarm after processing normal user network traffic. The IPS must be tuned to change these alarm types to true negatives. The alert does not indicate an actual security incident. Benign activity that results in a false positive is sometimes referred to as a benign trigger. False positives are costly because they must be investigated.
Exam with this question: Module 12: Quiz – IPS Operation and Implementation Network Security
Please login or Register to submit your answer