How can you detect a false negative on an IPS?

A.
View the alert on the IPS.

B.
Review the IPS log.

C.
Review the IPS console.

D.
Use a third-party system to perform penetration testing.

E.
Use a third-party to audit the next-generation firewall rules.

Explanation:
BD
A false negative, however, is when there is malicious traffic on the network, and for whatever reason the IPS/
IDS did not trigger an alert, so there is no visual indicator (at least from the IPS/IDS system) that anything
negative is going on. In the case of a false negative, you must use some third-party or external system to
alert you to the problem at hand, such as syslog messages from a network device.
Source: Cisco Official Certification Guide, Positive/Negative Terminology, p.463