Computer Hacking Forensic Investigator (CHFI) — Question 53

Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test.
The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?

Answer options

• A. False negatives
• B. False positives
• C. True negatives
• D. True positives

Correct answer: A

Explanation

The correct answer is A, False negatives, because the vulnerability analysis incorrectly indicated that there were no exploitable vulnerabilities when, in fact, the exploits were able to succeed. False positives would imply that the analysis indicated vulnerabilities that did not actually exist, while true negatives and true positives do not apply in this context since they relate to accurate identification of vulnerabilities.