ExpertHard1 markMultiple Choice
CPA · Question 73 · Area II: Security
An auditor is reviewing the 'Incident Response' logs. They see a 'False Positive'. What does this mean?
An auditor is reviewing the 'Incident Response' logs. They see a 'False Positive'. What does this mean?
Answer options:
A.
The system failed to alert on malicious activity.
B.
The system alerted on benign activity as if it were malicious.
C.
The system correctly identified malicious activity.
D.
The system correctly ignored benign activity.
How to approach this question
False Positive = Alarm rang, but no fire.
Full Answer
B.The system alerted on benign activity as if it were malicious.✓ Correct
The system alerted on benign activity as if it were malicious.
A false positive occurs when a security system incorrectly identifies legitimate activity as a threat (e.g., flagging a normal software update as a virus).
Common mistakes
Confusing False Positive and False Negative.
Practice the full CPA ISC Practice Exam 4
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud environ...HardQ02An auditor is reviewing the Service Level Agreement (SLA) for a client using a public cloud provi...HardQ03A company uses an Infrastructure as a Service (IaaS) model. During an IT audit, the auditor disco...HardQ04An organization is implementing the COSO Enterprise Risk Management (ERM) framework to govern its...HardQ05During a walkthrough of an order-to-cash process, the auditor observes that the sales manager can...Hard