SY0-701 · Question #616
SY0-701 Question #616: Real Exam Question with Answer & Explanation
The correct answer is A: Honeytoken. Honeytoken is correct because it refers to a fabricated digital asset - such as a fake user account, credential, or database record - designed specifically to detect unauthorized access or malicious activity when interacted with. A trap user account with suspicious transactions a
Question
A company discovers suspicious transactions that were entered into the company's database and attached to a user account that was created as a trap for malicious activity. Which of the following is the user account an example of?
Options
- AHoneytoken
- BHoneynet
- CHoneypot
- DHoneyfile
Explanation
Honeytoken is correct because it refers to a fabricated digital asset - such as a fake user account, credential, or database record - designed specifically to detect unauthorized access or malicious activity when interacted with. A trap user account with suspicious transactions attached to it is a classic honeytoken deployment.
Honeypot (C) is wrong here because a honeypot is an entire decoy system or server, not a single account or data object. Honeynet (B) is a network of multiple honeypots working together - a broader infrastructure-level trap. Honeyfile (D) is a specific type of honeytoken, but it refers to a fake file (like a document) used as bait, not a user account.
Memory tip: Think of the suffix - a token is a small, singular item (like a credential or account), a pot is a single container (a whole system), a net catches at scale (multiple systems), and a file is literally a file. Match the trap to its scope and you'll nail these every time.
Topics
Community Discussion
No community discussion yet for this question.