Certified Information Systems Security Professional (CISSP) — Question 340
The security organization is looking for a solution that could help them determine with a strong level of confidence that attackers have breached their network.
Which solution is MOST effective at discovering a successful network breach?
Answer options
- A. Developing a sandbox
- B. Installing an intrusion detection system (IDS)
- C. Deploying a honeypot
- D. Installing an intrusion prevention system (IPS)
Correct answer: C
Explanation
A honeypot is specifically designed to attract and trap potential attackers, allowing security teams to analyze their behavior and confirm a breach. While an IDS can detect attacks and an IPS can prevent them, they do not provide the same level of insight into successful breaches as a honeypot does. Developing a sandbox is useful for testing but does not directly indicate breaches in a live network.