EC-CouncilEC-Council
312-50V13 · Question #416
312-50V13 Question #416: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V13 to reveal the answer and full explanation for question #416. The question stem and answer options stay visible for context.
Submitted by yuki_2020· Mar 6, 2026Evading IDS, Firewalls, and Honeypots
Question
Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to a normal computer and the response of a honeypot to a manual SYN request. Which of the following techniques is employed by Dayn to detect honeypots?
Options
- ADetecting honeypots running on VMware
- BDetecting the presence of Honeyd honeypots
- CDetecting the presence of Snort_inline honeypots
- DDetecting the presence of Sebek-based honeypots
Unlock 312-50V13 to see the answer
You've previewed enough free 312-50V13 questions. Unlock 312-50V13 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#honeypot detection#time-based fingerprinting#TCP fingerprinting#Snort_inline