Assignment 2

Discussion 1

With the constant efforts to improve the security of networks, the honeypot has become one of the security strategies to improve network security. Though the honeypots have proved to be effective, there are issues that companies need to understand before implementing one. Vendors might make portray honeypots as easy to install and configure because they aim to sell one. Still, it is essential for buyers, especially small companies, to understand its advantages and disadvantages before implementing a honeypot.

There are various advantages as to why every company should have a honeypot. One, honeypots are associated with low false positives and high success. When attackers test their malware against standard security measures used in companies, the malware cannot easily detect the standards in cases where honeypots are used (Lemos, 2013). The low positive false rate nature of honeypots ensures attackers have a difficult time accessing the network, thus improving its security status. Another advantage is that honeypots can confuse attackers. In case of attackers successfully access the network, honeypots slow them down by distracting attackers using virtual decoys. Decoys play an essential role in securing critical data by moving the threat away from it to fake assets (Lemos, 2013). Additionally, honeypots can protect a company against insider threats since the 2016 Cyber Security Intelligence Survey, IBM, revealed that over 50% of organizational attacks were from insiders (IBM 2020 Report). Therefore, all employees should not be aware that honeypots exist.

As much as organizations are advised to install honeypots, there are two major cons associated with them. One is that their effectiveness is compromised as attackers are avoiding them which means that companies must have extra equipment in ensuring their networks are secure. Another disadvantage is that most organizations lack the qualified staff to monitor honeypots, making them less effective.

Discussion 2

There are various advantages associated with honey pot. One of its advantages is low false positives, high success. Unlike the traditional defensive technologies, honey pot presents significant challenges to attackers to predict their use. It is therefore difficult for attackers to counter the defenses associated with this technology. Another advantage is that honey pot is able to confuse attackers. This significantly slows down the activity of attackers who manage to access the organization’s network. This distracts the attackers and makes them to spend more time looking for valuable data (Padda et al., 2016).

Honey pot also allows security teams to focus o other important functions of the organization until it sets off an alert. In addition, honey pot allows IT mangers to train their teams. Defenders can easily learn new techniques by using the technology to watch actions of attackers. Honey pots also provide numerous free options for organizations to get started. With the increased competition in the business environment, most organizations want to optimize their costs to remain relevant in the market (Padda et al., 2016). As a result, these free options can help such organization ensure security for their network while at the same time optimizing costs.

Just like other technologies in the market, honey pot has its limitations. The main disadvantage associated with this technology is that it has a narrow field of view. They can only see activities that are directing affecting them. Honey pot will be unaware if an attacker breaks at a network and attacks numerous systems (Zobal, Kolář & Fujdiak, 2019). Finger printing is also another disadvantage associated with honey pot. Attackers can easily identify the true identity of the defensive technology. In addition, honey pots introduce risk into an organization’s network environment.

1.Evaluate one pro and con above proposed above discussions

Response Requirements:

1. Be 1 paragraphs in length for each Discussion

2. Your responses to above discussions must be more than a simple "Good job" or "I agree with your post". They must also not just be "Let me add to your post..." Instead, your responses to each other should do three things:

1. Acknowledge the above discussions with some form of recognition.

2. Relate the discussions to something you have learned or are familiar with

3. Add to the conversation by asking additional questions about the discussion, or discussing the topic further.