CompTIA Security+ (SY0-701) — Question 215

After conducting a vulnerability scan, a systems administrator notices that one of the identified vulnerabilities is not present on the systems that were scanned. Which of the following describes this example?

Answer options

• A. False positive
• B. False negative
• C. True positive
• D. True negative

Correct answer: A

Explanation

A false positive occurs when a scan indicates a vulnerability that is not actually present, which matches the scenario described. In contrast, a false negative would mean the scanner fails to identify an existing vulnerability, while true positive and true negative refer to correctly identifying existing vulnerabilities and correctly confirming their absence, respectively.