Network Security Administrator (NSA, legacy) — Question 3

Lance wants to place a honeypot on his network. Which of the following would be your recommendations?

Answer options

• A. Use a system that has a dynamic addressing on the network
• B. Use a system that is not directly interacting with the router
• C. Use it on a system in an external DMZ in front of the firewall
• D. It doesn't matter as all replies are faked

Correct answer: D

Explanation

The correct answer is D because the purpose of a honeypot is to deceive attackers into thinking they are interacting with a legitimate system, and thus, the authenticity of replies is not important. Options A, B, and C suggest configurations that may not be effective for a honeypot's role, which is primarily to attract and observe malicious activity without needing real responses.