Certified Network Defender (CND) — Question 41

Ryan works as a network security engineer at an organization the recently suffered an attack. As a countermeasure, Ryan would like to obtain more information about the attacker and chooses to deploy a honeypot into the organizations production environment called Kojoney. Using this honeypot, he would like to emulate the network vulnerability that was attacked previously. Which type of honeypot is he trying to implement?

Answer options

• A. High interaction honeypots
• B. Research honeypot
• C. Low interaction honeypots
• D. Pure honeypots

Correct answer: C

Explanation

The correct answer is C, as low interaction honeypots are designed to simulate specific vulnerabilities without the risk of full system compromise, which aligns with Ryan's goal of emulating the previous attack. High interaction honeypots (A) provide extensive interaction and can be more complex to manage, while research honeypots (B) are typically used for academic purposes rather than immediate threat response. Pure honeypots (D) are fully functional systems that are rarely used in production environments for defensive measures.