Weekly CISSP Exam Questions
After a scan, you discover many false positives. What should you do first?
A. Disable the scanner
B. Update the scanner's database
C. Perform a penetration test
D. Reconfigure the network firewall
Correct Answer: B
Explanation:
Disable the scanner: This would not solve the issue of false positives and would leave your network unprotected from actual vulnerabilities.
Update the scanner's database: Updating the database with the latest signatures and rules is often the first step in resolving false positives. This will ensure that the scanner is using the most current information to evaluate your network's security.
Perform a penetration test: While a penetration test can provide a more in-depth analysis of your network's security, it's generally more time-consuming and costly than simply updating your scanner's database. Also, if the scanner is producing many false positives, a penetration test may also be affected or may require additional work to separate real vulnerabilities from false positives.
Reconfigure the network firewall: While tuning your network firewall is important, it's unlikely to resolve issues of false positives from a security scan. Also, doing so without accurately knowing your vulnerabilities (due to false positives) could introduce new security risks.
Podcasts
Check out my weekly podcasts that delve deep into the relevant topics related to each of CISSP domains. In addition, I will go over specific questions and they can be interpreted and answered.
CISSP Cyber Training Academy
Tired of not knowing how to study for the CISSP Exam?
Check out the CISSP Cyber Training Academy to help you on your journey!
CISSP Cyber Training - YouTube
Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.
