312-50V10 · Question #331
Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?
The correct answer is B. Honeypot. A honeypot emulates real services like mail and FTP to lure attackers and log their activity, making it the ideal tool for this purpose.
Question
Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?
Options
- AFirewall
- BHoneypot
- CCore server
- DLayer 4 switch
How the community answered
(42 responses)- A2% (1)
- B86% (36)
- C2% (1)
- D10% (4)
Why each option
A honeypot emulates real services like mail and FTP to lure attackers and log their activity, making it the ideal tool for this purpose.
A firewall filters and controls network traffic based on rules but does not emulate services or capture attacker behavior.
A honeypot is a decoy system designed to mimic real network services such as SMTP, FTP, and HTTP. It records all interaction attempts including login credentials and commands issued, providing threat intelligence without exposing production systems.
A core server is a legitimate production server providing real services, not a deception tool designed to trap or monitor attackers.
A Layer 4 switch forwards traffic based on TCP/UDP port information and has no capability to emulate application services or log attacker actions.
Concept tested: Honeypot deception and attacker activity capture
Source: https://csrc.nist.gov/glossary/term/honeypot
Topics
Community Discussion
No community discussion yet for this question.