PrepAway - Latest Free Exam Questions & Answers

Based on information leaked to industry websites, business management is concerned that unauthorized
employees are accessing critical project information for a major, well-known new product. To identify any
such users, the security administrator could:

A. Set up a honeypot and place false project documentation on an unsecure share.

B. Block access to the project documentation using a firewall.

C. Increase antivirus coverage of the project servers.

D. Apply security updates and harden the OS on all project servers.

Explanation:
In this scenario, we would use a honeypot as a ‘trap’ to catch unauthorized employees who are accessing
critical project information.
A honeypot is a system whose purpose is to be attacked. An administrator can watch and study the
attack to research current attack methodologies.
According to Webopedia.com, a honeypot luring a hacker into a system has several main purposes:
The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning where
the system has weaknesses that need to be redesigned.
The hacker can be caught and stopped while trying to obtain root access to the system.
By studying the activities of hackers, designers can better create more secure systems that are potentially
invulnerable to future hackers.
There are two main types of honeypots:
Production – A production honeypot is one used within an organization’s environment to help mitigate
risk.
Research – A research honeypot adds value to research in computer security by providing a platform to
study the threat.
Incorrect Answers:
B: Blocking access to the project documentation by using a firewall would block all access to the
documentation including access to authorized employees. It would not help to determine which
unauthorized employees are attempting to access the documentation.
C: Antivirus software is used to scan a system for known virus threats. It would not detect unauthorized
users attempting to access the project documentation.
D: Applying security updates to harden a server is always a good idea. However, security updates would
not detect unauthorized users attempting to access the project documentation.

https://ethics.csc.ncsu.edu/abuse/hacking/honeypots/study.php

