Which of the following should not be used as honeytokens? (Select all that apply)
Multiple response — select two or more answers
Answer choices
Architectural breakdown & explanation
Honeytokens must be fake. Active credentials and real URLs to live resources would create genuine risk if exposed.
Correct answer(s): a. Active user account credentials, c. Actual URLs to live websites or resources
Exam domain: Domain 1: General Security Concepts (12% weight on the official guide).
Official documentation & study links
Practice this certification
This page is one question from the CompTIA Security+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.