A honeytoken is a form of deception technology in which a fake asset (such as credentials, files, or database records) is planted in a system or network to detect unauthorized access or malicious activity. The fake password stored in a hidden spreadsheet, with monitoring for access, is a classic example of a honeytoken. It is not an interactive system (like a honeypot or honeynet) but rather a marker or tripwire intended to alert the security team to suspicious behavior. This method helps identify attackers and their methods early in the intrusion process.
[References:, CompTIA Security+ SY0-701 Official Study Guide, Domain 1.1, "Deception and Disruption Technologies", CompTIA Security+ Exam Objectives: 1.1, CompTIA Glossary: “Honeytoken—A fictitious record or file intended to attract or identify unauthorized access.”, , , , ]
Submit