nerdexam
GIAC

GCIA · Question #98

GCIA Question #98: Real Exam Question with Answer & Explanation

The correct answer is A. Honeypot. A honeypot is a decoy system intentionally configured to attract and deceive attackers while logging their activities for analysis and intelligence gathering.

Question

John works as a Security Administrator for NetPerfect Inc. The company uses Windows-based systems. A project has been assigned to John to track malicious hackers and to strengthen the company's security system. John configures a computer system to trick malicious hackers into thinking that it is the company's main server, which in fact is a decoy system to track hackers. Which system is John using to track the malicious hackers?

Options

  • AHoneypot
  • BHoneytokens
  • CIntrusion Detection System (IDS)
  • DBastion host

Explanation

A honeypot is a decoy system intentionally configured to attract and deceive attackers while logging their activities for analysis and intelligence gathering.

Common mistakes.

  • B. Honeytokens are fake data artifacts (credentials, files, records) embedded in real systems to detect unauthorized access, not full decoy systems designed to simulate an entire server.
  • C. An Intrusion Detection System (IDS) passively monitors real network traffic or system activity for known attack signatures and does not act as a decoy or fake server.
  • D. A bastion host is a hardened, intentionally exposed server that provides a controlled gateway into a network, not a deceptive decoy designed to mislead attackers.

Concept tested. Honeypot as attacker deception and tracking mechanism

Reference. https://csrc.nist.gov/glossary/term/honeypot

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCIA Practice