nerdexam
CompTIA

SY0-301 · Question #894

A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system. Which of the f

The correct answer is B. False positive. A false positive occurs when a security tool incorrectly flags something as a vulnerability or threat when no actual vulnerability exists. In this scenario, the scanner reported missing patches for an application that is not even installed on the server - the reported vulnerabili

Threats, vulnerabilities, and mitigations

Question

A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system. Which of the following describes this cause?

Options

  • AApplication hardening
  • BFalse positive
  • CBaseline code review
  • DFalse negative

How the community answered

(43 responses)
  • A
    2% (1)
  • B
    88% (38)
  • C
    5% (2)
  • D
    5% (2)

Explanation

A false positive occurs when a security tool incorrectly flags something as a vulnerability or threat when no actual vulnerability exists. In this scenario, the scanner reported missing patches for an application that is not even installed on the server - the reported vulnerability does not apply and therefore does not exist. A false negative is the opposite: a real vulnerability that the scanner fails to detect. Application hardening refers to reducing attack surface by removing unnecessary features, not a scan result type. A baseline code review is a software development practice unrelated to vulnerability scanning results.

Topics

#vulnerability scanning#false positive#patch management#scan results

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice