Which of the following describes this cause?

A vulnerability scan is reporting that patches are missing on a server. After a review, it is
determined that the application requiring the patch does not exist on the operating system.
Which of the following describes this cause?

A. Application hardening

B. False positive

C. Baseline code review

D. False negative




aws


It should have been
“it is determined that the application requiring the patch does exist on the operating system.”

zaeem


Wouldn’t it be FALSE NEGATIVE, since missing patches indeed do not exist on the OS?

BOB


Vulnerability scan sees patch needs updated = positive, it caught a patch that needs updated

False = Program that needs patch isn’t there

= False positive

Yo


The Vulnerability Scan came back with a positive alert, saying that there is something missing. Because there is no such patch, the whole alert is false. That is why it is a false positive alert.

Tony


I too shall say the same thing differently.

It is scanning for vulnerabilities. Finding a vulnerability is a positive result. E.g., if I am looking for 4 leaf clovers and find one, that is a positive result. If I am looking for murderers and find one, that is a positive result. Positive because I found what I was looking for. 🙂

But it turns out it was a mistake. It wasn’t a real vulnerability. It was a false find, it was a false positive. The clover was just two clovers stuck together. The murderer had a twin. False positives 🙁

Cf. I go looking for vulnerabilities, I don’t find any. Negative result 🙁 But it turns out I didn’t look hard enough, false negative :((.