Certified Ethical Hacker v11 312-50v11 – Question306

Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to a normal computer and the response of a honeypot to a manual SYN request.
Which of the following techniques is employed by Dayn to detect honeypots?

A.
Detecting honeypots running on VMware
B. Detecting the presence of Snort_inline honeypots
C. Detecting the presence of Honeyd honeypots
D. Detecting the presence of Sebek-based honeypots

Correct Answer: B