What describes the impact of false-positive alerts compared to false-negative alerts?
Correct Answer: C
False positives and false negatives are terms used to describe the accuracy of security alerts. A false positive occurs when a security system incorrectly identifies benign activity as malicious, leading to unnecessary investigation and potential disruption of legitimate activities. Conversely, a false negative occurs when a security system fails to detect actual malicious activity, allowing attackers to proceed undetected. The impact of false positives is generally wasted time and resources spent investigating non-issues, while the impact of false negatives can be much more severe, potentially leading to undetected breaches and significant damage.
References: The CBROPS curriculum covers the concepts of false positives and false negatives in the context of security monitoring and alerting systems.