Computer Hacking Forensic Investigator (CHFI v10) — Question 179

Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test.
The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?

Answer options

• A. False negatives
• B. False positives
• C. True negatives
• D. True positives

Correct answer: A

Explanation

The correct answer is A, false negatives, because the vulnerability analysis incorrectly indicated that there were no exploitable vulnerabilities when, in fact, the second utility revealed that there were. False positives would imply that the analysis incorrectly identified vulnerabilities that did not exist, while true negatives would suggest that the assessment correctly identified no vulnerabilities, which is not the case here.