PrepAway - Latest Free Exam Questions & Answers

Which is the MOST serious risk associated with such tools?

After installing a network, an organization installed a vulnerability assessment tool or security
scanner to identify possible weaknesses. Which is the MOST serious risk associated with such
tools?

PrepAway - Latest Free Exam Questions & Answers

A.
Differential reporting

B.
False-positive reporting

C.
False-negative reporting

D.
Less-detail reporting

Explanation:

False-negative reporting on weaknesses means the control weaknesses in the network are not
identified and therefore may not be addressed, leaving the network vulnerable to attack. Falsepositive reporting is one in which the controls are in place, but are evaluated as weak, which
should prompt a rechecking of the controls. Less-detail reporting and differential reporting
functions provided by these tools compare scan results over a period of time.


Leave a Reply