You are a criminal hacker and have infiltrated a corporate network via a compromised host and a
misconfigured firewall. You find many targets inside the network but all appear to be hardened except for one. It
has several notable vulnerable services and it therefore seems out of place with an otherwise secured network.
(Except for the misconfigured firewall, of course)
What is it that you are likely seeing here?

A.
A Honeypot

B.
A Cisco Switch

C.
An IDS (Intrusion Detection System)

D.
A File Server

Explanation:
A honeypot is a system that is setup to be easy to attack. This seems to be the case in this scenario.
A honeypot system is a computer that usually sits in the screened subnet, or DMZ, and attempts to lure
attackers to it instead of to actual production computers. To make a honeypot system lure attackers,
administrators may enable services and ports that are popular to exploit.
Incorrect Answers:
B: A switch would not host vulnerable services.
C: An Intrusion Detection System would not host vulnerable services.
D: A file server could host vulnerable services. But it is more likely that the server was set up as honeypot as all
other targets are setup in a secure manner.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 655