Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Comptia Discussions

Exam SY0-501 topic 1 question 899 discussion

Actual exam question from CompTIA's SY0-501
Question #: 899
Topic #: 1
[All SY0-501 Questions]

Which of the following explains why a vulnerability scan might return a false positive?

  • A. The scan is performed at a time of day when the vulnerability does not exist.
  • B. The test is performed against the wrong host.
  • C. The signature matches the product but not the version information.
  • D. The hosts are evaluated based on an OS-specific profile.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Kalich at Nov. 24, 2020, 3:32 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
DisasterRec
Highly Voted 3 years, 4 months ago
A is wrong, B sound weird, as vulnerability scan is signature nature I would go for C.
upvoted 10 times
Groove120
3 years, 3 months ago
Can't confirm in my books but this seems to fortify your and idolL's thoughts: "A false positive might occur when the scanner can read only the configuration information from service banners. For example, a scanner that reads an Apache banner can detect that only version 2.2.15 is installed from the HTTP banner, even when version 2.2.15-39 is also installed and that the version contains a software fix that was backported. " https://www.ibm.com/support/knowledgecenter/en/SSKMKU/com.ibm.qradar.doc/c_qvm_false_positive_vulns.html
upvoted 4 times
...
idoIL
3 years, 4 months ago
C for example banner garbing
upvoted 5 times
...
...
buzz_lightbeer
Highly Voted 3 years, 4 months ago
(A) is not correct, because "false positive" means the scan found something (even though there is no vulnerability).
upvoted 7 times
...
yeaggie
Most Recent 3 years ago
C. Seems right
upvoted 2 times
...
simo77
3 years ago
correct answer is c
upvoted 1 times
...
mcNik
3 years, 2 months ago
Answer is D . they ask what could return false positive , well from all answers "The hosts are evaluated based on an OS-specific profile.". If you run OS specific VS against OS which does not match, what would you expect to happen.
upvoted 4 times
Cindan
3 years, 1 month ago
That's correct. Guys please read it and you will come to D. Who needs the d
upvoted 4 times
[Removed]
3 years ago
Comptia exam writers need the D
upvoted 4 times
...
...
...
Lumeya
3 years, 3 months ago
I think there is no correct answer for this question.
upvoted 2 times
stibadd
3 years, 2 months ago
The given answer is correct. The computer clock/time is out of sync with the NTP/server protocol. So, Yes the vulnerability does not exist at that time for that node. Reboot the computer so that the clock /time can sync to the correct current time. We had to do this as part of our turnover routine when we were starting and leaving our shifts when I worked as a datacenter tech.
upvoted 5 times
Funkydave
3 years ago
possibly the worst answer i've came across yet
upvoted 4 times
...
...
...
Lumeya
3 years, 3 months ago
A would be correct if the question were "Which of the following explains why a vulnerability scan might return a false negative?" Not false positive. False positive = The vulnerability does not exist. False negative = The vulnerability exists, but not detected.
upvoted 2 times
...
agapetus
3 years, 3 months ago
disregard my last.
upvoted 1 times
...
agapetus
3 years, 3 months ago
I have found "B" as the correct answer on several different sites and in my text book.
upvoted 1 times
...
exiledwl
3 years, 4 months ago
A would be false negative...Not sure what correct answer is either C or D but def not A
upvoted 1 times
...
kumax
3 years, 4 months ago
The scan is performed at a time of day when the vulnerability does not exist. <= Zero-Day
upvoted 1 times
...
Kalich
3 years, 5 months ago
shouldn't be B? any help please?
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel