(ISC)2
SSCP Question #380: Real Exam Question with Answer & Explanation
Submitted by khalil_dz · Apr 18, 2026 · Security Operations and Administration
Question
Why would anomaly detection IDSs often generate a large number of false positives?
Options
- A. Because they can only identify correctly attacks they already know about.
- B. Because they are application-based are more subject to attacks.
- C. Because they can't identify abnormal behavior.
- D. Because normal patterns of user and system behavior can vary wildly.
Topics
#Anomaly Detection #Intrusion Detection Systems (IDS) #False Positives #Security Monitoring