An organization wants to remediate vulnerabilities associated with its web servers. An initial vulnerability scan has been performed, and analysts are reviewing the results. Before starting any remediation, the analysts want to remove false positives to avoid spending time on issues that are not actual vulnerabilities. Which of the following would be an indicator of a likely false positive?
A. Reports show the scanner compliance plug-in is out-of-date.
B. Any items labeled ‘low’ are considered informational only.
C. The scan result version is different from the automated asset inventory.
D. ‘HTTPS’ entries indicate the web page is encrypted securely.
CS0-002: CompTIA CySA+ ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
 |
This is a CompTIA ideology question more than anything, and their misuse of “false positives” but rather, “what can be disregarded as non-relevant” is that they mean.
The correct answer as per CompTIA would be : B
Correct Answer is C.
Explain it here:
A: This is to general, doesn’t indicate a false positive for me
B: Just saying that you only look an low findings doesn’t indicate that they are false-positive
C: Version not correct may indicate a false positive
D: HTTPS is encrypted so this can’t be an indicator of a false positive
B. Any items labeled ‘low’ are considered informational only.
I think its C.
why does B indicate a false positive ?