Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
What would be the least desired intrusion response from an IDS in a critical environment?
False positive
Alert
False negative
Alarm
A false negative means an attack occurred but the IDS failed to detect it. A false positive might be worse in the long term from a credibility standpoint (too many will throw any subsequent alerts and therefore the value of your IDS product into question) but a false negative is worse in the short term when dealing with an immediate attack and damage.
EDIT: A false negative means the condition existed but the system did not detect it. So in terms of a "response from an IDS" the alarm would be most concerning. A false negative is of high concern but in the context of this question, it shouldn't be considered a potential response from an IDS. If it was a response then technically it identified that a problem existed and isn't truly a condition that the system failed to recognize.
Edit2: How would an alarm be a least desired response then? If we rule out False Negative due to it not alerting, then would a false positive not be the lease desired as in it should be tried to be reduced. We would want alerts and alarms, as it is proving the system is working and providing opportunities to act. Overall this is a very poorly worded question that is trickier due to poor construction than due to actual content.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.