CISSP Question #977: Real Exam Question with Answer & Explanation
The correct answer is B: Honeypot.
Question
Which of the following is MOST appropriate to collect evidence of a zero-day attack?
Options
- A. Firewall
- B. Honeypot
- C. Antispam
- D. Antivirus
Explanation
A honeypot is a decoy system designed to attract and trap attackers. It can be used to collect evidence of a zero-day attack, which is an attack that exploits a previously unknown vulnerability. A honeypot can capture the attacker's actions, tools, and techniques, and provide valuable information for analysis and mitigation. It can also divert the attacker's attention from the real targets and waste their time and resources. A firewall, an antispam filter, and an antivirus product are not effective in detecting or preventing zero-day attacks, as they rely on known signatures or rules that may not match the new attack.