Which of the following trends would be of GREATEST concern when reviewing the performance of an organization's intrusion detection systems (IDSs)?
Which of the following trends would be of GREATEST concern when reviewing the performance of an organization's intrusion detection systems (IDSs)?
False negatives happen when the IDS fails to detect actual malicious activity, So Option A
False negatives occur when the IDS does not alert on an attack or malicious activity that is present. This is much more of a concern than false positives--at least the IDS is detecting something with those.
B - False Positive means that the IDS failed to identify a true incident, False Negative is actually a false identification of something that is legit.