The helpdesk is receiving numerous reports that a newly installed biometric reader at the entrance
of the data center has a high of false negatives. Which of the following is the consequence of this
reported problem?
A.
Unauthorized employees have access to sensitive systems
B.
All employees will have access to sensitive systems
C.
No employees will be able to access the datacenter
D.
Authorized employees cannot access sensitive systems
“A false negative is when an attacker is actively attacking the network, but the system does not detect it…” from Darril Gibson
0
0
Thats the same thing, detection is being incorrectly rejected, its C
0
0
Answer is A
A false positive will be authorized employees can not access sensitive systems.
A false negative will be that unauthorized employees have access to sensitive systems.
1
0
I agree with itcrowd. Answer A
1
0
False Positive is when the system indicates a problem when there is no problem
False Negative is when the system fails to indicate a problem as a problem.
So in this question having a high False Negative means it is not reporting when it should and unauthorized users are getting access. So answer is A
1
0
It’s C.
A and D is the same, false positive.
False negative is when somebody who doesnt work in Company have access and go around, but system doesnt do nothing.
0
0
There are two matching approaches:
1- Whitelisting systems (such as biometrics).
2- Blacklisting systems (such as AV & IDS).
In whitelisting, we are matching for something allowed.
TP = Allowing authorized person.
TN = Blocking unauthorized person.
FP = Allowing unauthorized person.
FN = Blocking authorized person.
TP is the desired state. And in terms of risk, FP is worse than FN.
In blacklisting approaches, we are matching for something blocked.
TP = Detecting Malicious application.
TN = Allowing benign application.
FP = Detecting benign application as malicious.
FN = Not detecting malicious application.
TN is the desired state. And in terms of risk, FN is worse than FP.
In this question (whitelisting), the FN means preventing authorized persons –> D is the correct answer.
2
0
“Biometric systems are vulnerable to two types of failures: a false-positive, in which a system falsely identifies an imposter as the valid user, and a false-negative, in which the system fails to make a match between a valid user and the stored template.” (source: IEEE) https://www.ieee.org/publications_standards/publications/authors/sample_biometrics_pdf.pdf
In this case, that means a lot of authorized users cannot access the datacenter. So it’s D.
1
0
I think answer is C:
Kingfisher book:
false negative When a system denies a user who actually should be allowed access to
the system—for example, when an IDS/IPS fails to block an attack, thinking it is legitimate
traffi c.
false positive When a system authenticates a user who should not be allowed access to
the system—for example, when an IDS/IPS blocks legitimate traffi c from passing on to
the network.
0
0
Another Badly constructed question.
I think the one on a HIGH was the guys who wrote this question.
What we have in here is a lot of people being BARRED from accessing the data center, when they should have been granted access.
It is a false negative because the biometric system is denying user’s access, when they should be allowed access instead.
Since the default defect of the BIOMETRIC reader is to block access by mistake (and not grant it) the FALSE negative in here is that people are being DENIED access. This eliminates the following answers
A.Unauthorized employees have access to sensitive systems. Not really. It is blocking access to authorized employees, and not granting access to unauthorized employees
B.All employees will have access to sensitive systems. Since it is blocking most people by default, it is not possible to concluded that all employees will have access to sensitive systems
C.No employees will be able to access the datacenter – This again is an overkill. Not all employees are being denied access.
So the best answers is that some authorized employees cannot access sensitive systems, which is best met by: D-Authorized employees cannot access sensitive systems
1
0