Certified Ethical Hacker (CEH v11) — Question 257

Mary found a high vulnerability during a vulnerability scan and notified her server team. After analysis, they sent her proof that a fix to that issue had already been applied. The vulnerability that Marry found is called what?

Answer options

• A. False-negative
• B. False-positive
• C. Brute force attack
• D. Backdoor

Correct answer: B

Explanation

The correct answer is B, false-positive, which refers to a reported vulnerability that is not actually present because it has already been resolved. A false-negative (A) would indicate a vulnerability that exists but was not detected, while a brute force attack (C) and backdoor (D) are types of security threats, not categories of vulnerability detection accuracy.