Every morning, a systems administrator monitors failed login attempts on the company's log management server.
The administrator notices the DBAdmin account has five failed username and/or password alerts during a ten-minute window.
The systems administrator determines the user account is a dummy account used to attract attackers.
Which of the following techniques should the systems administrator implement?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The most appropriate technique for the systems administrator to implement, given the scenario described, is a honeypot.
A honeypot is a decoy system or network used to lure attackers away from critical systems and gather information about their methods and tools. In this case, the DBAdmin account is a dummy account used specifically for this purpose, and the failed login attempts suggest that attackers are targeting it. By implementing a honeypot, the administrator can redirect attackers to a system designed to look like a legitimate target, while at the same time monitoring their activities and gathering valuable information about their techniques and tools.
Role-based access control (A) and rule-based access control (C) are both access control methods used to restrict access to systems and resources based on predefined policies. However, these techniques are not directly relevant to the scenario described, as they do not address the specific issue of attackers targeting a dummy account.
Password cracker (D) is a tool used to guess or crack passwords by brute force or dictionary attacks. While password cracking may be useful in some situations (such as when attempting to recover a forgotten password), it is not an appropriate technique for addressing the scenario described. In this case, the goal is not to recover a password, but to redirect attackers to a decoy system in order to gather information about their methods and tools.