The BEST method for detecting and monitoring a hacker’s activities without exposing information assets to
unnecessary risk is to utilize:
A.
firewalls.
B.
bastion hosts.
C.
decoy files.
D.
screened subnets.
Explanation:
Decoy files, often referred to as honcypots, are the best choice for diverting a hacker away from critical files and alerting security of the hacker’s presence. Firewalls and bastion hosts attempt to keep the hacker out, while screened subnets or demilitarized zones (DM/.s) provide a middle ground between the trusted internal network and the external untrusted Internet.