Incident Detection & Response
Junior
Q2 / 5
What is a 'true positive' in the context of SIEM alert triage?
A. An alert that fires on benign activity, wasting analyst time
B. An alert that correctly identifies a real security threat or malicious activity
C. An alert that fails to fire even though a real attack is occurring
D. An alert that fires repeatedly due to a misconfigured rule