Certified Ethical Hacker (CEH v11) — Question 150

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's Computer to update the router configuration. What type of an alert is this?

Answer options

• A. False negative
• B. True negative
• C. True positive
• D. False positive

Correct answer: D

Explanation

The correct answer is D, False positive, because the alert was triggered for legitimate activity (the administrator accessing the router) that should not be flagged as a security issue. The other options are incorrect as they refer to alerts that are either misidentified or do not represent the scenario of a legitimate action being falsely flagged.