What is the most proper answer?
Darius is analysing logs from IDS. He want to understand what have triggered one alert and verify if it’s true positive or false positive.
Looking at the logs he copy and paste basic details like below:
source IP: 192.168.21.100
source port: 80
destination IP: 192.168.10.23
destination port: 63221
What is the most proper answer?
A . This is most probably true negative.
B . This is most probably true positive which triggered on secure communication between client and server.
C . This is most probably false-positive, because an alert triggered on reversed traffic.
D . This is most probably false-positive because IDS is monitoring one direction traffic.
Answer: A
Latest CPEH-001 Dumps Valid Version with 736 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
Subscribe
Login
0 Comments
Inline Feedbacks
View all comments