EC-CouncilEC-Council
312-50V12 · Question #313
312-50V12 Question #313: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V12 to reveal the answer and full explanation for question #313. The question stem and answer options stay visible for context.
Submitted by yasin.bd· Mar 4, 2026Reconnaissance Techniques
Question
Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to a normal computer and the response of a honeypot to a manual SYN request. Which of the following techniques is employed by Dayn to detect honeypots?
Options
- ADetecting honeypots running on VMware
- BDetecting the presence of Snort_inline honeypots
- CDetecting the presence of Honeyd honeypots
- DDetecting the presence of Sebek-based honeypots
Unlock 312-50V12 to see the answer
You've previewed enough free 312-50V12 questions. Unlock 312-50V12 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#honeypot detection#TCP fingerprinting#Honeyd#evasion techniques