A security analyst receives an alert from the company’s SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source. Several days later, another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?

Admin Staff asked 12 months ago
A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source. Several days later, another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?

A. True negative

B. True positive

C. False positive

D. False negative





 

Correct Answer: C

This question is from the SY0-601 exam for the CompTIA Security+ certification.

