You have hired a new security administrator for your organization. He calls you in the middle of the night and says “I am receiving too many positives” What is talking about?

A.
Alarms from the Intrusion Sensor are detected by illegitimate traffic.

B.
Alarms from the Intrusion Sensor are detected by legitimate traffic.

C.
Alarms from the Intrusion Sensor are detected-without any further action.

D.
Alarms from the Intrusion Sensor are detected and logged.

Explanation:
Positives – are alarms that are detected and logged. False-positives are defined as alarms caused by legitimate traffic or activity. False negatives are attacks that the IDS system fails to see.