CompTIA CySA+ (CS0-002) — Question 217

A security technician configured a NIDS to monitor network traffic. Which of the following is a condition in which harmless traffic is classified as a potential network attack?

Answer options

• A. True positive
• B. True negative
• C. False positive
• D. False negative

Correct answer: C

Explanation

A false positive occurs when legitimate traffic is incorrectly flagged as malicious, indicating an error in the detection system. In contrast, a true positive accurately identifies a real threat, a true negative correctly recognizes benign traffic, and a false negative fails to detect an actual attack, making them not relevant to this scenario.