nerdexam
GAQM

CPEH-001 · Question #976

CPEH-001 Question #976: Real Exam Question with Answer & Explanation

The correct answer is B. Detecting the presence of Honeyd honeypots. See the full explanation below for the reasoning.

Question

Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to a normal computer and the response of a honeypot to a manual SYN request. Which of the following techniques is employed by Dayn to detect honeypots?

Options

  • ADetecting honeypots running on VMware
  • BDetecting the presence of Honeyd honeypots
  • CA Detecting the presence of Snort_inline honeypots
  • DDetecting the presence of Sebek-based honeypots

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CPEH-001 Practice