Which signature type results in a legitime alert been dismissed?

210-255 1 Comment

Which signature type results in a legitime alert been dismissed?
A . True negative
B . False negative
C . True Positive
D . False Positive

Answer: D

Latest 210-255 Dumps Valid Version with 170 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 210-255 PDF     210-255 Questions Online Training
Subscribe
Notify of
guest
1 Comment
Inline Feedbacks
View all comments
Junk
Junk
4 years ago

This is incorrect.
If the IDS/IPS identifies the traffic as malicious, it is a Positive.
If the traffic is in fact malicious, this is a True Positive.
If the traffic in NOT malicious, this is a False Positive.

If the IDS/IPS identifies the traffic as legitimate, it is a Negative.
If the traffic is in fact legitimate, this is a True Negative.
If the traffic in NOT legitimate, this is a False Negative.

This question is asking the condition for MALICIOUS (legitimate alert) traffic being dismissed.
This means that the engine has identified the traffic as legitimate when it is in fact malicious.
The result is a FALSE NEGATIVE.
This means that the malice test on the traffic showed that the traffic was not malicious (NEGATIVE), but was incorrectly identified this way (FALSE)
The result of the engine classifying the traffic as legitimate despite it being malicious, is a FALSE NEGATIVE

0
Reply