CISA Certified Information Systems Auditor – Question1546

An IS auditor should be MOST concerned with what aspect of an authorized honeypot?

A.
The data collected on attack methods
B. The information offered to outsiders on the honeypot
C. The risk that the honeypot could be used to launch further attacks on the organization's infrastructure
D. The risk that the honeypot would be subject to a distributed denial-of-service attack

Correct Answer: C

Explanation:

Explanation:
Choice C represents the organizational risk that the honeypot could be used as a point of access to launch further attacks on the enterprise’s systems. Choices A and B are purposes for deploying a honeypot, not a concern. Choice D, the risk that the honeypot would be subject to a distributed denial-of-service (DDoS) attack, is not relevant, as the honeypot is not a critical device for providing service.