Hi,
When you hide any SSID, still one can connect to that by knowing the SSID, if you configure a client with SSID, client will send a probe request with that SSID, and AP will send back Probe response and then association process can be completed, this is called Active scanning.
In order to prevent this, we need to configure the AP to send back the probe response hence we need to check "Deny_Broadcast Probe" along with "Hide SSID"
Or if you don't want to use that SSID temporarily you can disable by unchecking "SSID enable"