The BEST method for detecting and monitoring a hacker’s activities without exposing information
assets to unnecessary risk is to utilize:
A.
firewalls.
B.
bastion hosts.
C.
decoy files.
D.
screened subnets.
Explanation:
Decoy files, often referred to as honcypots, are the best choice for diverting a hacker away from
critical files and alerting security of the hacker’s presence. Firewalls and bastion hosts attempt to
keep the hacker out, while screened subnets or demilitarized zones (DM/.s) provide a middle
ground between the trusted internal network and the external untrusted Internet.