SOC Experts Community - Beta
0 like 0 dislike
in SOC by (2.2k points)

4 Answers

0 like 0 dislike
by (4.1k points)

True Positive: A legitimate attack that triggers an alarm.

  • You have a brute force alert, and it triggers. You investigate the alert, and find out that somebody was indeed trying to break into one of your systems via brute force methods.

True Negative: An event when no attack has taken place and no detection is made.

  • No attack occurred and your rule didn't fire.
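The brute-force example from the answer above, worked through in code. This is an added example, not part of the original answer: the rule, the threshold of 5, the log lines and the investigation results are all constructed assumptions, and the two error outcomes (false positive, false negative) are included so every combination of alert and attack is covered.

```python
import re
from collections import Counter

THRESHOLD = 5  # failed logins per source that fire the rule (assumed value)
FAILED = re.compile(r"Failed password for \S+ from (\S+)")

# Constructed sshd-style log lines, not taken from a real system.
LOG = (
    ["sshd[101]: Failed password for root from 203.0.113.7 port 4242 ssh2"] * 8
    + ["sshd[102]: Failed password for alice from 198.51.100.4 port 5151 ssh2"]
    + ["sshd[103]: Failed password for backup from 192.0.2.15 port 6161 ssh2"] * 6
    + ["sshd[104]: Failed password for admin from 203.0.113.9 port 8181 ssh2"] * 3
    + ["sshd[105]: Accepted password for bob from 192.0.2.30 port 7171 ssh2"]
)

# Constructed investigation results: did this source really attack?
GROUND_TRUTH = {
    "203.0.113.7": True,    # password guessing against root
    "198.51.100.4": False,  # user mistyped a password once
    "192.0.2.15": False,    # backup job retrying with an expired password
    "203.0.113.9": True,    # slow guessing that stays under the threshold
    "192.0.2.30": False,    # normal login, no failures at all
}

def alerting_sources(lines, threshold=THRESHOLD):
    """Hypothetical brute-force rule: sources with >= threshold failed logins."""
    fails = Counter(m.group(1) for m in map(FAILED.search, lines) if m)
    return {src for src, n in fails.items() if n >= threshold}

def classify(alerted, attack):
    """Combine 'did the rule alert?' with 'was there really an attack?'."""
    if alerted:
        return "true positive" if attack else "false positive"
    return "false negative" if attack else "true negative"

def evaluate(lines, truth, threshold=THRESHOLD):
    """Outcome per source, including sources the rule stayed silent on."""
    alerts = alerting_sources(lines, threshold)
    return {src: classify(src in alerts, attack) for src, attack in truth.items()}

if __name__ == "__main__":
    for src, outcome in evaluate(LOG, GROUND_TRUTH).items():
        print(f"{src:15} {outcome}")
```

True negatives only show up because the evaluation walks every investigated source, not just the ones that alerted.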


0 like 0 dislike
by (580 points)
True positive: It means that you get a warning and, after verification, you find that the alert is real. Example: you get a warning that there are attacks on the facility, and after the verification you find that there are attacks against the facility.

True negative: This is the best kind. You get no warning, and at the same time all the security matters are good.

0 like 0 dislike
True positive: an alert gets triggered and the attack is real when you investigate.

True negative: no alert gets triggered because there is no attack.

0 like 0 dislike
by (5.4k points)
True positive: detects a vulnerability when there is a vulnerability.

True negative: does not detect a vulnerability when there is no vulnerability.
