CompTIA Security Plus Mock Test Q209

A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system. Which of the following describes this cause?

A. Application hardening
B. False positive
C. Baseline code review
D. False negative


Correct Answer: B
Section: Compliance and Operational Security

Explanation:
False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.

Incorrect Answers:
A: The term hardening is usually applied to operating systems. The idea is to “lock down” the operating system as much as is practical. For example, ensure that all unneeded services are turned off, all unneeded software is uninstalled, patches are updated, user accounts are checked for security, and so forth. Hardening is a general process of making certain that the operating system itself is as secure as it can be.
C: A baseline represents a secure state, and a review of the baseline code is not a vulnerability report stating that security patches are missing, as in the scenario.
D: A false negative is exactly the opposite of a false positive. With a false negative, you are not alerted to a situation when you should be alerted.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 28, 52
http://www.cgisecurity.com/questions/falsepositive.shtml