Exam CISA topic 1 question 198 discussion

A- False Positive.. giving access to persons who should not be given access is a concern..

C- False negative is correct. An instance in which a security tool intended to detect a particular threat fails to do so

False negatives occur when the biometric system fails to recognize a legitimate user, denying access even though the person is authorized. This is of GREATEST concern because it directly impacts the availability of the system and could prevent authorized users from gaining access to critical areas or systems. In the context of a biometric system used for physical access control, false negatives can lead to significant operational disruptions, reduced security (if users are locked out and try alternative unauthorized methods to gain access), and frustration.

false positive As per Isaca: False-acceptance rate (FAR) is the frequency of accepting an unauthorized person as authorized, thereby granting access when it should be denied. In an enterprise with high security requirements, limiting the number of false acceptances is more important than the impact on the false reject rate.

False negative is a concern but the IS auditor's convern. Auditor is concerned more with false positives.

I completly disagree with letter C. Given unauthorized people to access any place is a greatest concern that not granting an allowed person to it. It's unauthorized access.

Q: the GREATEST concern for a biometric system used to control PHYSICAL access Answer: C - False Negative if it was about a biometric system used to control logical access then the greatest concern is A False Positive

c. should be more concerning coz it affects the business if authorized users are not allowed

Answer is False Positive. A If you are reading this, don’t be confused

False positive leads to unauthorized access in this case

False negatives occur when the biometric system fails to correctly identify an authorized user, leading to a denial of access to individuals who should be granted access

C for sure