Certified Information Security Manager (CISM) — Question 1155
Which of the following trends would be of GREATEST concern when reviewing the performance of an organization's intrusion detection systems (IDSs)?
Answer options
- A. Increase in false negatives
- B. Increase in false positives
- C. Decrease in false positives
- D. Decrease in false negatives
Correct answer: A
Explanation
An increase in false negatives is the most concerning trend because it indicates that potential threats are not being detected by the IDS, allowing attacks to go unnoticed. In contrast, an increase in false positives may lead to unnecessary alerts but does not directly compromise security. A decrease in false positives or false negatives is generally seen as an improvement, not a concern.