Network layers
In the event of an unknown zero-day attack, an intrusion detection system (IDS) might not be able to detect the attack and therefore fail to alert the administrator. Any failure to detect an attack is called a false negative. When alarms are not going off, it’s common to assume that no malicious events are taking place. If that’s a false assumption, real attacks are occurring and security staff is unaware.
False positives may create a false sense of security for the opposite reason—too many alarms from benign occurrences. An administrator might react quickly to the first few alarms. However, after receiving additional false positives, a busy administrator might put off investigating the alarms or ignore them.
Answer the following question(s):
Assume you are a network administrator responsible for security. In your opinion, which is worse—false positives or false negatives? Why?
Needs help with similar assignment?
We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper
Get Answer Over WhatsApp
Order Paper Now
