Certified Ethical Hacker (CEH v13) — Question 260

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s Computer to update the router configuration.
What type of an alert is this?

Answer options

• A. False negative
• B. True negative
• C. True positive
• D. False positive

Correct answer: D

Explanation

The correct answer is D, False positive, because the alert was triggered for legitimate activity (updating the router configuration) that should not have resulted in an alert. The other options are incorrect as a false negative means a threat was not detected, a true negative indicates no threat was present and correctly reported, and a true positive means a real threat was correctly identified.