This is an example of a false negative, where a valid concern goes undetected by the scanning tool or configuration. This differs from a true positive, which confirms a legitimate finding, or a false positive, which incorrectly flags a harmless service. Connectivity issues that disturb the scan do not necessarily mean a gap remains missed, and confirming a gap means it was ultimately recognized by the testing process.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a false negative in penetration testing?
Open an interactive chat with Bash
How does a false positive differ from a false negative?
Open an interactive chat with Bash
What steps can be taken to reduce false negatives in security scanning?