SY0-701 · Question #662
SY0-701 Question #662: Real Exam Question with Answer & Explanation
The correct answer is B: Honeyfile. Honeyfile is correct because the deception asset is specifically a file (a spreadsheet) planted in a non-obvious location with monitoring to detect unauthorized access - that's the definition of a honeyfile. A (Honeypot) is wrong because a honeypot is a decoy system or server, no
Question
A security analyst created a fake account and saved the password in a non-readily accessible directory in a spreadsheet. An alert was also configured to notify the security team if the spreadsheet is opened. Which of the following best describes the deception method being deployed?
Options
- AHoneypot
- BHoneyfile
- CHoneytoken
- DHoneynet
Explanation
Honeyfile is correct because the deception asset is specifically a file (a spreadsheet) planted in a non-obvious location with monitoring to detect unauthorized access - that's the definition of a honeyfile.
- A (Honeypot) is wrong because a honeypot is a decoy system or server, not a single file.
- C (Honeytoken) is wrong because a honeytoken is a decoy data element (like a fake credential, API key, or database record) embedded within real data to detect misuse - not a standalone file with an alert.
- D (Honeynet) is wrong because a honeynet is a network of honeypots, an entire decoy infrastructure.
Memory tip: Match the suffix to the asset type - a honeyfile is a decoy file, a honeypot is a decoy system, a honeynet is a decoy network, and a honeytoken is a decoy data token (credential/record) hidden among real data.
Topics
Community Discussion
No community discussion yet for this question.