Can following be termed as false positives in Intrusion Prevention System (IPS) ?
1 |
Application is not used in the entire infrastructure |
2 |
Events where victim IP address does not exist |
3 |
Application is not hosted on the server any more and .vhd file has been deleted |
4 |
Signature which has triggered an event for a particular application does not exist on the victim device
|