Which term describes when an IDS fails to alert on a real attack?

Boost your skills for the EC-Council Certified Ethical Hacker v13 Exam. Use flashcards and multiple choice questions to prepare effectively. Each question includes hints and explanations. Get exam-ready now!

Multiple Choice

Which term describes when an IDS fails to alert on a real attack?

Explanation:
When an IDS fails to alert on a real attack, that is a false negative. It means there is an actual intrusion or malicious activity, but the system does not generate an alert or it misses the detection entirely. This is particularly dangerous because the attack can continue unmitigated, leaving defenders unaware and responders delayed. In contrast, a true positive is when there is an attack and the IDS correctly raises an alert; a false positive is when there is no attack but the IDS still raises an alert; and a true negative is when there is no attack and no alert. Failing to detect real threats reduces the IDS’s detection rate (recall) and can undermine overall security effectiveness.

