An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?
A false positive is a false alarm. A false negative state is the most serious and dangerous state. This is when the IDS identifies an activity as acceptable when the activity is actually an attack. That is, a false negative is when the IDS fails to catch an attack.
False positive is the answer. Incorrectly identifies a vulnerability, meaning the vulnerability doesn't exist but it still identifies it, which might waste a lot of resources in verifying it.
Answer: C (False Positive)
A false positive incorrectly raises an alert indicating an attack when an attack is not active. False positives increase the workload of administrators. A false negative is when an attack is active, but not reported. Source: Get Certified Get Ahead.
Answer: False Positive. NIST.gov on IDPS states: "Incorrectly identifying benign activity as malicious is known as a false positive; the opposite case, failing to identify malicious activity, is a false negative."
It's pretty easy: it works like in medical tests. If the test IDENTIFIES something, the result is POSITIVE; if this "thing" that was identified is correct (correct identification of a problem) then it's a TRUE POSITIVE; if the "thing" that was identified is incorrect (incorrect identification of a problem) then it's a FALSE POSITIVE.
On the opposite side, if the test does NOT identify any disease, the result is NEGATIVE; if there was really no disease to find, then it is a TRUE NEGATIVE; if there was something to find (and the test didn't find it) then it is a FALSE NEGATIVE.
In this case it identified something, so the result is POSITIVE; however as this identification was incorrect ("incorrectly identified") it is a FALSE POSITIVE.
False Negative is correct. It specifies a VULNERABILITY being identified incorrectly, therefore the threat exists but is not identified. By the way, I think that a lot of the answers are marked wrong on purpose by the website admins. This might allow them to not get shut down for test compromise. Not sure though.
It should be 'false positive' because "incorrectly identify the vulnerability" means there is actually NO vulnerability, which stands for a 'positive' thing.
False positive would be the answer since a source code review is the examination of an application's source code to find errors overlooked in the initial development phase. A tester launches a code analyzer that scans an application line by line. Once the analyzer finds vulnerabilities, the pentester manually checks them to eliminate false positives.
This should be false negative. It says that it "incorrectly identified THE vulnerability", meaning that there is a vulnerability that wasn't identified. From www.whitehatsec.com: "False Positives occur when a scanner, Web Application Firewall (WAF), or Intrusion Prevention System (IPS) flags a security vulnerability that you do not have. A false negative is the opposite of a false positive, telling you that you don't have a vulnerability when in fact you do". We have a vulnerability that wasn't detected, therefore it's a false negative.
Incorrectly identifies a vulnerability implies that a vulnerability exists, and if it exists and is incorrectly identified, then it is a false negative. A false positive is when there is no vulnerability but the system identifies one anyway.
"incorrectly identifies a vulnerability" would mean that it identified a vulnerability that doesn't exist and is a false positive. "Incorrectly identifies the vulnerability" is a false negative since it didn't identify the vulnerability that exists.
Should be false negative. The question asks "when incorrectly identifies a vulnerability". A vulnerability is a risk, and incorrect is false; therefore, false negative.
False Positive: a test result which incorrectly indicates that a particular condition or attribute is present.