CompTIA Security+ (SY0-701) — Question 512

A security analyst created a fake account and saved the password in a non-readily accessible directory in a spreadsheet. An alert was also configured to notify the security team if the spreadsheet is opened. Which of the following best describes the deception method being deployed?

Answer options

• A. Honeypot
• B. Honeyfile
• C. Honeytoken
• D. Honeynet

Correct answer: B

Explanation

The correct answer is B, Honeyfile, as it refers to a file that is intentionally created to lure attackers and monitor their activities. A Honeypot (A) is a broader term for a system designed to attract attackers, while a Honeytoken (C) is typically a piece of data meant to alert when accessed. A Honeynet (D) refers to a network of honeypots, which is not applicable in this scenario.