Which of the following type of honey pot essentially gives a hacker a real environment to attack?
A. High-interaction
B. Low-interaction
C. Med-interaction
D. None of the choices
A. High-interaction
B. Low-interaction
C. Med-interaction
D. None of the choices
Correct Answer: A
Explanation:
Explanation:
High-interaction type of honey pot essentially gives an attacker a real environment to attack.
Also, you should know below information about honey pot for CISA exam:
A Honey pot is a software application that pretends to be an unfortunate server on the internet and is not set up actively protect against break-ins.
There are two types of honey pot:
High-interaction Honey pots – Essentially gives hacker a real environment to attack. High-interaction honey pots imitate the activities of the production systems that host a variety of services and, therefore, an attacker may be allowed a lot of services to waste his time. According to recent research into high-interaction honey pot technology, by employing virtual machines, multiple honey pots can be hosted on a single physical machine. Therefore, even if the honey pot is compromised, it can be restored more quickly.
In general, high-interaction honey pots provide more security by being difficult to detect, but they are highly expensive to maintain. If virtual machines are not available, one honey pot must be maintained for each physical computer, which can be exorbitantly expensive. Example: Honey net.
Low interaction – Emulate production environment and therefore, provide more limited information. Low-interaction honey pots simulate only the services frequently requested by attackers. Since they consume relatively few resources, multiple virtual machines can easily be hosted on one physical system, the virtual systems have a short response time, and less code is required, reducing the complexity of the virtual system’s security. Example: Honeyed.
The following were incorrect answers:
Med-interaction – Not a real type of honey pot
Reference:
CISA review manual 2014 Page number 348 http://en.wikipedia.org/wiki/Honeypot_%28computing%29 http://www.ce-infosys.com/english/free_compusec/free_compusec.aspx
High-interaction type of honey pot essentially gives an attacker a real environment to attack.
Also, you should know below information about honey pot for CISA exam:
A Honey pot is a software application that pretends to be an unfortunate server on the internet and is not set up actively protect against break-ins.
There are two types of honey pot:
High-interaction Honey pots – Essentially gives hacker a real environment to attack. High-interaction honey pots imitate the activities of the production systems that host a variety of services and, therefore, an attacker may be allowed a lot of services to waste his time. According to recent research into high-interaction honey pot technology, by employing virtual machines, multiple honey pots can be hosted on a single physical machine. Therefore, even if the honey pot is compromised, it can be restored more quickly.
In general, high-interaction honey pots provide more security by being difficult to detect, but they are highly expensive to maintain. If virtual machines are not available, one honey pot must be maintained for each physical computer, which can be exorbitantly expensive. Example: Honey net.
Low interaction – Emulate production environment and therefore, provide more limited information. Low-interaction honey pots simulate only the services frequently requested by attackers. Since they consume relatively few resources, multiple virtual machines can easily be hosted on one physical system, the virtual systems have a short response time, and less code is required, reducing the complexity of the virtual system’s security. Example: Honeyed.
The following were incorrect answers:
Med-interaction – Not a real type of honey pot
Reference:
CISA review manual 2014 Page number 348 http://en.wikipedia.org/wiki/Honeypot_%28computing%29 http://www.ce-infosys.com/english/free_compusec/free_compusec.aspx