Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 144
What is the impact of false-positive alerts on business compared to true-positive alerts?
Answer options
- A. True positives affect security as no alarm is raised when an attack has taken place, while false positives are alerts raised appropriately to detect and further mitigate them.
- B. True-positive alerts are blocked by mistake as potential attacks, while false positives are actual attacks identified as harmless.
- C. False-positive alerts are manually ignored signatures to avoid warnings that are already acknowledged, while true positives are warnings that are not yet acknowledged.
- D. False-positive alerts are detected by confusion as potential attacks, while true positives are attack attempts identified appropriately.
Correct answer: D
Explanation
The correct answer, D, accurately describes both terms: false-positive alerts are mistakenly identified as threats, potentially leading to confusion, while true positives correctly identify actual attack attempts. The other options misrepresent true and false positives, confusing either their definitions or their implications for security measures.