GIAC
GCIH · Question #407
If virtual machines are relatively easy for an attacker to detect, the next best thing might be to put so much honey in your honeypot, attackers won't be able to resist. Which actions would result in
Sign in or unlock GCIH to reveal the answer and full explanation for question #407. The question stem and answer options stay visible for context.
Incident Response & Cyber Kill Chain
Question
If virtual machines are relatively easy for an attacker to detect, the next best thing might be to put so much honey in your honeypot, attackers won't be able to resist. Which actions would result in the most meaningful traffic on your honeypot?
Options
- AInstall the latest OS and patches, use interesting usernames and easy to guess passwords, don't
- BSet file and folder permissions so everyone has full access, allow full directory browsing on the
- CGive the server a tempting name, create directories and files with appealing names, and create
- DInstall only older versions of software, remove the 'Block All' setting on the firewall, and falsify the
Unlock GCIH to see the answer
You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#honeypot#deception technology#attacker luring#security monitoring