Certified Ethical Hacker (CEH v10) — Question 167

Which of the following statements regarding ethical hacking is incorrect?

Answer options

• A. An organization should use ethical hackers who do not sell vendor hardware/software or other consulting services
• B. Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an organization's systems
• C. Ethical hacking should not involve writing to or modifying the target systems.
• D. Testing should be remotely performed offsite.

Correct answer: B

Explanation

Option B is incorrect because ethical hackers often use tools and methods to identify and exploit vulnerabilities as part of their testing process. The other options, A, C, and D, accurately reflect principles and best practices in ethical hacking, such as avoiding conflicts of interest and ensuring testing is done safely.