nerdexam
EC-Council

312-50V10 · Question #331

Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

The correct answer is B. Honeypot. A honeypot emulates real services like mail and FTP to lure attackers and log their activity, making it the ideal tool for this purpose.

Evading IDS, Firewalls, and Honeypots

Question

Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

Options

  • AFirewall
  • BHoneypot
  • CCore server
  • DLayer 4 switch

How the community answered

(42 responses)
  • A
    2% (1)
  • B
    86% (36)
  • C
    2% (1)
  • D
    10% (4)

Why each option

A honeypot emulates real services like mail and FTP to lure attackers and log their activity, making it the ideal tool for this purpose.

AFirewall

A firewall filters and controls network traffic based on rules but does not emulate services or capture attacker behavior.

BHoneypotCorrect

A honeypot is a decoy system designed to mimic real network services such as SMTP, FTP, and HTTP. It records all interaction attempts including login credentials and commands issued, providing threat intelligence without exposing production systems.

CCore server

A core server is a legitimate production server providing real services, not a deception tool designed to trap or monitor attackers.

DLayer 4 switch

A Layer 4 switch forwards traffic based on TCP/UDP port information and has no capability to emulate application services or log attacker actions.

Concept tested: Honeypot deception and attacker activity capture

Source: https://csrc.nist.gov/glossary/term/honeypot

Topics

#honeypot#deception technology#service emulation#intrusion detection

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice