Which term describes a condition when an intrusion detection system fails to react to an actual attack event?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which term describes a condition when an intrusion detection system fails to react to an actual attack event?

Explanation:
Failing to react to an actual attack is a false negative—the system misses a real incident and does not raise an alert or take protective action. It’s a miss where malicious activity is present but the IDS treats it as normal. This is dangerous because the attack can continue unchallenged. In contrast, a true negative is when there is no attack and the system correctly stays quiet. An intrusion prevention system is a related control that can block or prevent attacks, and a firewall filters traffic; neither describes the specific situation of a missed detection by an IDS.

