A high profile company has been receiving a high volume of attacks on their web site. The network administrator wants to be able to collect information on the attacker(s) so legal action can be taken.
What should be implemented?
A.
A DMZ (Demilitarized Zone)
B.
A honey pot
C.
A firewall
D.
A new subnet
Explanation:
A deception active response fools the attacker into thinking the attack is succeeding while monitoring the activity and potentially redirecting the attacker to a system that is designed to be broken. This allows the operator or administrator to gather data about how the attack is unfolding and what techniques are being used in the attack. This process is referred to as sending them to the honey pot.
Reference: Security + (SYBEX) page 183