COMPUTER THREATS SECURITY
WHAT IS A FIREWALL IN NETWORK SECURITY
|
Question
[CLICK ON ANY CHOICE TO KNOW THE RIGHT ANSWER]
|
|
|
False
|
|
|
True
|
|
|
Either A or B
|
|
|
None of the above
|
Detailed explanation-1: -A false positive state is when the IDS identifies an activity as an attack but the activity is acceptable behavior. A false positive is a false alarm. A false negative state is the most serious and dangerous state. This is when the IDS identifies an activity as acceptable when the activity is actually an attack.
Detailed explanation-2: -A false positive is when a scientist determines something is true when it is actually false (also called a type I error). A false positive is a “false alarm.” A false negative is saying something is false when it is actually true (also called a type II error).
Detailed explanation-3: -Definition(s): An alert that incorrectly indicates that a vulnerability is present. Source(s): NIST SP 800-115. An alert that incorrectly indicates that malicious activity is occurring.
Detailed explanation-4: -A false positive error, or false positive, is a result that indicates a given condition exists when it does not. For example, a pregnancy test which indicates a woman is pregnant when she is not, or the conviction of an innocent person.
Detailed explanation-5: -A true positive is where a rule is configured and logs match that rule for a real threat. This means the rule worked as intended and alarmed correctly. A false positive is where a rule is configured and the log matches the rule, however the logs that matched are not considered a threat and should be ignored.