SY0-701 Domain 1: General Security Concepts

Which of the following should not be used as honeytokens? (Select all that apply)

Multiple response — select two or more answers

Answer choices

  1. a. Active user account credentials
  2. b. Database entries mimicking real data
  3. c. Actual URLs to live websites or resources
  4. d. Dummy server logs with enticing information
  5. e. Fake identifiers, including usernames, passwords, email addresses, and IP addresses

Architectural breakdown & explanation

Honeytokens must be fake. Active credentials and real URLs to live resources would create genuine risk if exposed.

Correct answer(s): a. Active user account credentials, c. Actual URLs to live websites or resources

Exam domain: Domain 1: General Security Concepts (12% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA Security+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.