NOT SELECTED FOR INDUSTRIAL CONTROL SYSTEMS
The information system includes components specifically designed to be the target of malicious attacks for the purpose of detecting, deflecting, and analyzing such attacks.
A honeypot is set up as a decoy to attract adversaries and to deflect their attacks away from the operational systems supporting organizational missions/business function. Depending upon the specific usage of the honeypot, consultation with the Office of the General Counsel before deployment may be needed.
RELATED CONTROLS: SC-26
SC-26 (1) HONEYPOTS | DETECTION OF MALICIOUS CODE
[Withdrawn: Incorporated into SC-35].
- NIST Special Publication 800-82 | GUIDE TO INDUSTRIAL CONTROL SYSTEMS (ICS) SECURITY