A false negative occurs when the security system (usually a WAF) fails to identify a threat. It produces a “negative” outcome (meaning that no threat has been observed), even though a threat exists. This is the opposite of a false positive alarm, where a system mistakenly identifies legitimate traffic as being hostile.
while option B (Decreased effectiveness of root cause analysis) could also be a consequence of deteriorating detective controls, it typically follows after the detection phase. If the detective control fails to detect incidents accurately (leading to increased false negatives), it undermines the ability to conduct effective root cause analysis because incidents are missed or not properly logged.
Therefore, the deterioration of detective controls primarily impacts the accuracy and reliability of incident detection, resulting in an increased number of false negatives in security logs. This makes option A the correct answer.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
MIMIBAK
1 month agoSwallows
7 months, 3 weeks ago