Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 255

What is the impact of false negative alerts when compared to true negative alerts?

Answer options

• A. A false negative is someone trying to hack into the system and no alert is raised, and a true negative is an event that never happened and an alert was not raised.
• B. A true negative is an alert for an exploit attempt when no attack was detected, and a false negative is when no attack happens and an alert is still raised.
• C. A true negative is a legitimate attack that triggers a brute force alert, and a false negative is when no alert and no attack is occurring.
• D. A false negative is an event that alerts for injection attack when no attack is happening, and a true negative is an attack that happens and an alert that is appropriately raised.

Correct answer: A

Explanation

The correct answer, A, accurately describes a false negative as a scenario where an attempted attack goes undetected, resulting in no alert. The other options misrepresent the definitions of true negatives and false negatives, leading to confusion about their implications in security monitoring.