CompTIA Security+ Question D-42

A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system.
Which of the following describes this cause?

A. Application hardening
B. False positive
C. Baseline code review
D. False negative

Answer: B

False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.