What is the purpose of a "honeypot" in cybersecurity?
2025
What is the purpose of a "honeypot" in cybersecurity?
- A.
To encrypt sensitive data
- B.
To filter network traffic
- C.
To lure attackers and gather information about their techniques
- D.
To prevent unauthorized access to a network
Attempted by 7 students.
Show answer & explanation
Correct answer: C
Answer: To lure attackers and gather information about their techniques.
Explanation: Honeypots are decoy systems that intentionally present seemingly vulnerable services or data to attract attackers. By engaging with attackers in a controlled environment, security teams can observe tools, tactics, and procedures to improve detection, response, and defenses.
Key purposes:
Detect and monitor attacks early by observing attacker behavior.
Collect forensic data about tools, exploits, and command sequences used by attackers.
Divert attackers away from real assets and study adversary tradecraft.
Test and validate detection mechanisms and incident response processes.
Deployment note: Honeypots must be isolated, monitored, and carefully managed so they cannot be used as a launch point to attack other systems. There are different types (for example, low-interaction and high-interaction) that trade realism for complexity and risk.