PT0-003 · Question #275
PT0-003 Question #275: Real Exam Question with Answer & Explanation
The correct answer is D: False positive. Explanation Option D (False Positive) is correct because the scanner reported a vulnerability that does not actually exist - the Nmap results show the device does not have the vulnerable port/service open or running, meaning the initial vulnerability finding was inaccurate and tr
Question
A penetration tester identifies the following vulnerability during a scan of the company's network: An Nmap scan of the affected device produces the following results: Which of the following best describes this scenario?
Options
- ATrue negative
- BTrue positive
- CFalse negative
- DFalse positive
Explanation
Explanation
Option D (False Positive) is correct because the scanner reported a vulnerability that does not actually exist - the Nmap results show the device does not have the vulnerable port/service open or running, meaning the initial vulnerability finding was inaccurate and triggered an alert for a threat that isn't truly present. A true positive (B) would require both the alert AND the actual vulnerability to be confirmed, which the Nmap evidence contradicts. A true negative (A) means no vulnerability was reported and none exists - irrelevant here since a finding was reported. A false negative (C) is the opposite problem: a real vulnerability exists but was missed by the scanner - again contradicted by the evidence.
🧠 Memory Tip: Think of it this way - "False Positive = Crying Wolf." The scanner cried wolf (reported a threat), but when you investigated with Nmap, there was no wolf there. If the danger were real but missed, that would be a false negative (a negative result that was wrong). Positive/Negative refers to what was reported; True/False refers to whether that report was accurate.
Topics
Community Discussion
No community discussion yet for this question.