Part 1: Explain what a honeypot is. In your explanation, give at least one advan
ID: 3601849 • Letter: P
Question
Part 1: Explain what a honeypot is. In your explanation, give at least one advantage and one disadvantage of deploying a honeypot on a corporate network.
Part 2: An organization has a network architecture similar to that discussed in class, with a DMZ and an internal network. Should the organization's Active Directory server go in the DMZ or the internal network. Explain your answer in about a paragraph. (If you're not familiar with Active Directory, do some research!)
Part 3: Distinguish among packet filtering firewalls, stateful inspection firewalls, and proxy firewalls. A thorough answer will require at least a paragraph for each type of firewall.
Acme Corporation wants to be sure employees surfing the web aren't victimized through drive-by downloads. Which type of firewall should Acme use? Explain why your answer is correct.
Part 4: Explain why an organization's firewall should block incoming packets the destination address of which is the organization's broadcast address.
Part 5: Explain why an organization's firewall should block outgoing packets the source addresses of which are not in the organization's address space.
Explanation / Answer
Answer to Question 1)
A Honeypot is a network security feature used in a computer Network. Honeypots are generally viewed as Traps that lures in unauthorized users or hackers and lures them to view the trap as if it contains some valuable information which certainly it doesn’t and the unauthorized user or hacker gets blocked on some occasions. So this is just a bait for a hacker used to protect an organization’s computer network from cyber-attacks. Honeypots appear legitimate part of an organization’s website which however they are not and they are remote from that and are regularly monitored for abnormal activity on the network. There is very low or minimal or no security in case of a honeypot and they are usually open. They are also used to learn from the attacks that the hackers or unauthorized users do and in future further improve the security as a basis of the data collected in the past from attacks.
Advantages: The advantage of using a honeypot on a corporate network would be to analyze the type of the attacks made and be ready for them. Also if correctly used it could alert the network of upcoming security risk even before real damage is done to the corporate network.
Disadvantage: Attracting attackers on the corporate network might not be such a good idea. As in no one knows that how smart or skilled they would be or equipment and tools they’re having for such things and they could also do some real damage to systems. Also smart attackers may recognize honeypots and may not step into them.