CompTIA Security+ (SY0-601) — Question 601

A company wants to get alerts when others are researching and doing reconnaissance on the company. One approach would be to host a part of the infrastructure online with known vulnerabilities that would appear to be company assets. Which of the following describes this approach?

Answer options

• A. Watering hole
• B. Bug bounty
• C. DNS sinkhole
• D. Honeypot

Correct answer: D

Explanation

The correct answer is D, Honeypot, as it refers to a decoy system designed to attract attackers and monitor their activities. Options A, B, and C do not serve the same purpose; a watering hole targets groups, a bug bounty incentivizes finding vulnerabilities, and a DNS sinkhole redirects malicious traffic away from the intended target.