What is the impact of false positive alerts on business compared to true positive?
A. True positives affect security as no alarm is raised when an attack has taken place, while false positives are alerts raised appropriately to detect and further mitigate them.
B. True-positive alerts are blocked by mistake as potential attacks, while false positives are actual attacks identified as harmless.
C. False-positive alerts are manually ignored signatures to avoid warnings that are already acknowledged, while true positives are warnings that are not yet acknowledged.
D. False-positive alerts are detected by confusion as potential attacks, while true positives are attack attempts identified appropriately.
False-positive alerts are detected by confusion as potential attacks, while true positives are attack attempts identified appropriately.
In the context of security alerts and detection systems, a "false positive" occurs when an alert is triggered for something that is not actually a security threat, potentially leading to confusion and wasted resources. On the other hand, a "true positive" is when the system correctly identifies a genuine security threat or attack attempt.
The correct answer is A. True positives affect security as no alarm is raised when an attack has taken place, while false positives are alerts raised appropriately to detect and further mitigate them.
False positive alerts occur when an alert is generated indicating a threat or security incident, but upon investigation, it is determined to be a benign event or a result of a misconfiguration. On the other hand, true positive alerts are generated when an actual security incident or attack has occurred, and the alert accurately identifies it.
A false positive occurs when an alert or warning is triggered when no threat is present. For example, an antivirus program detecting a harmless file as malicious.
A false negative occurs when an alert or warning is not triggered when a threat is present. For example, a virus infecting a system without being detected by antivirus software.
A true positive occurs when an alert or warning is triggered correctly when a threat is present. For example, an intrusion detection system detecting a hacking attempt.
A true negative occurs when an alert or warning is not triggered correctly when no threat is present. For example, an intrusion detection system not detecting any malicious activity on a network that is in fact safe.
D. False-positive alerts are detected by confusion as potential attacks, while true positives are attack attempts identified appropriately.
upvoted 3 times
AhmedAbdalla, 6 months, 3 weeks ago
Faio, 9 months ago
Topsecret, 9 months, 3 weeks ago
Topsecret, 9 months, 3 weeks ago
drdecker100, 1 year, 2 months ago
Eng_ahmedyoussef, 1 year, 6 months ago