Prev Question
Next Question

The network of an organization has been the victim of several intruders’ attacks. Which of the
following measures would allow for the early detection of such incidents?

Antivirus software

Hardening the servers

Screening routers


Honeypots can collect data on precursors of attacks. Since they serve no business function,
honeypots are hosts that have no authorized users other than the honeypot administrators. All
activity directed at them is considered suspicious. Attackers will scan and attack honeypots, giving
administrators data on new trends and attack tools, particularly malicious code. However,
honeypots are a supplement to, not a replacement for, properly securing networks, systems and
applications. If honeypots are to be used by an organization, qualified incident handlers and
intrusion detection analysts should manage them. The other choices do not provide indications of
potential attacks.

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *