Which of the following types of technologies is used by security and research personnel for
identification and analysis of new security threats in a networked environment by using false
data/hosts for information collection?

A.
Honeynet

B.
Vulnerability scanner

C.
Port scanner

D.
Protocol analyzer

Explanation:
A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that
an attacker’s activities and methods can be studied and that information used to increase network
security. A honeynet contains one or more honey pots, which are computer systems on the
Internet expressly set up to attract and “trap” people who attempt to penetrate other people’s
computer systems. Although the primary purpose of a honeynet is to gather information about
attackers’ methods and motives, the decoy network can benefit its operator in other ways, for
example by diverting attackers from a real network and its resources. The Honeynet Project, a
non-profit research organization dedicated to computer security and information sharing, actively
promotes the deployment of honeynets.
In addition to the honey pots, a honeynet usually has real applications and services so that it
seems like a normal network and a worthwhile target. However, because the honeynet doesn’t
actually serve any authorized users, any attempt to contact the network from without is likely an
illicit attempt to breach its security, and any outbound activity is likely evidence that a system has
been compromised. For this reason, the suspect information is much more apparent than it would
be in an actual network, where it would have to be found amidst all the legitimate network data.
Applications within a honeynet are often given names such as “Finances” or “Human Services” to
make them sound appealing to the attacker.