CompTIA Security+ (SY0-701) — Question 349

Which of the following is the primary reason why false negatives on a vulnerability scan should be a concern?

Answer options

• A. The system has vulnerabilities that are not being detected.
• B. The time to remediate vulnerabilities that do not exist is excessive.
• C. Vulnerabilities with a lower severity will be prioritized over critical vulnerabilities.
• D. The system has vulnerabilities, and a patch has not yet been released.

Correct answer: A

Explanation

The correct answer, A, highlights that undetected vulnerabilities pose a significant risk to the system's security. Options B, C, and D address other issues related to vulnerabilities but do not capture the primary concern of undetected vulnerabilities that could be exploited by attackers.