SY0-301 · Question #315
Based on information leaked to industry websites, business management is concerned that unauthorized employees are accessing critical project information for a major, well-known new product. To identi
The correct answer is A. Set up a honeypot and place false project documentation on an unsecure share.. A honeypot is a decoy resource designed to attract and expose unauthorized or malicious users. By placing convincing but fake project documentation on an intentionally accessible (unsecured) share, the administrator creates a trap: any employee who accesses it is immediately flag
Question
Based on information leaked to industry websites, business management is concerned that unauthorized employees are accessing critical project information for a major, well-known new product. To identify any such users, the security administrator could:
Options
- ASet up a honeypot and place false project documentation on an unsecure share.
- BBlock access to the project documentation using a firewall.
- CIncrease antivirus coverage of the project servers.
- DApply security updates and harden the OS on all project servers.
How the community answered
(16 responses)- A75% (12)
- B6% (1)
- C13% (2)
- D6% (1)
Explanation
A honeypot is a decoy resource designed to attract and expose unauthorized or malicious users. By placing convincing but fake project documentation on an intentionally accessible (unsecured) share, the administrator creates a trap: any employee who accesses it is immediately flagged as someone seeking data they should not have. Because legitimate users have no reason to access an unsecured decoy share, any access is a strong indicator of insider threat activity. Blocking access with a firewall, increasing antivirus coverage, or hardening the OS are all defensive measures that protect data but do nothing to identify which employees are already accessing it inappropriately.
Topics
Community Discussion
No community discussion yet for this question.