What is the primary purpose of a honeypot?
• To divert attackers to systems where they cannot cause damage
• To learn new techniques being used by attackers
• To let attackers know that the network is being monitored
• To lure intruders so they can be prosecuted by law enforcement agencies
Added by Jenna C.
Step 1
A honeypot is a security mechanism set up to attract and trap potential attackers by simulating a vulnerable system or network.
Recommended Videos
Security personnel generally have two goals when using a honeypot. A honeypot can deflect or redirect threat actors' attention away from legitimate servers by encouraging them to spend their time and energy on the decoy server, distracting their attention from the data on the actual server. A honeypot can also trick threat actors into revealing their attack techniques. Once these techniques are discovered, it can then be determined if actual production systems could thwart such an attack. However, honeypots can introduce risk. A honeypot, once attacked and compromised, could be used as a launching pad to attack and infiltrate other systems, either those of the organization itself or another organization. Although honeypots should be designed to "capture" the threat actor, a misconfiguration could inadvertently give an attacker an actual platform to attack other systems. If a threat actor were able to do this, would the organization that set up the honeypot then be liable?

How would you define "without authorization"? The Computer Fraud and Abuse Act (CFAA) imposes both criminal and civil liability on someone who intentionally accesses a computer "without authorization" or "exceeds authorized access" to obtain information from the computer. Some businesses argue that "without authorization" also applies to security researchers who are probing programs or apps for vulnerabilities. Often these businesses do not want security researchers looking into their security (or lack of it). One such company filed a brief in a court case stating that "necessary research and testing can be performed by authorized parties... and shows how unauthorized research and public dissemination of unvalidated or theoretical security vulnerabilities can actually cause harmful effects." Should "without authorization" be used to prohibit security researchers who want to pinpoint vulnerabilities? Or can it still allow for security researchers to find unknown vulnerabilities in software—even if they have not been asked to?
Akash M.
Spoofing (4.2) To collect information such as passwords, online criminals use “spoofing” to direct Internet users to fraudulent Web sites. In one study of Internet fraud, students were warned about spoofing and then asked to log in to their university account starting from the university’s home page. In some cases, the login link led to the genuine dialog box. In others, the box looked genuine but in fact was linked to a different site that recorded the ID and password the student entered. An alert student could detect the fraud by looking at the true Internet address displayed in the browser status bar below the window, but most just entered their ID and password. Is this study an experiment? Why? What are the explanatory and response variables?
To collect information such as passwords, online criminals use "spoofing" to direct Internet users to fraudulent Web sites. In one study of Internet fraud, students were warned about spoofing and then asked to log in to their university account starting from the university's home page. In some cases, the login link led to the genuine dialog box. In others, the box looked genuine but in fact was linked to a different site that recorded the ID and password the student entered. The box that appeared for each student was determined at random. An alert student could detect the fraud by looking at the true Internet address displayed in the browser status bar, but most just entered their ID and password. Is this study an experiment? Why? What are the explanatory and response variables?
Sri K.