Which term describes a vulnerability assessment result where the test reports no issues, but exploitable vulnerabilities exist?

Prepare for the Computer Hacking Forensic Investigator v11 exam. Study with flashcards and multiple choice questions. Each question includes hints and explanations. Get exam-ready efficiently!

Multiple Choice

Which term describes a vulnerability assessment result where the test reports no issues, but exploitable vulnerabilities exist?

Explanation:
Understanding false negatives in vulnerability assessments: When a scan reports no issues but exploitable vulnerabilities exist, the test has failed to detect real problems. This is a false negative: the vulnerability is present, but the tool or process didn't flag it. The risk is that you assume the system is secure when it isn't, leaving exploitable flaws unchecked. By contrast, a true negative means no vulnerabilities exist and the scan correctly reports none; a true positive means the scan detects a vulnerability that exists; a false positive means the scan reports a vulnerability that doesn't actually exist.

