Certified Ethical Hacker (CEH v11) — Question 114

John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker installed a scanner on a machine belonging to one of the victims and scanned several machines on the same network to identify vulnerabilities to perform further exploitation.
What is the type of vulnerability assessment tool employed by John in the above scenario?

Answer options

• A. Agent-based scanner
• B. Network-based scanner
• C. Cluster scanner
• D. Proxy scanner

Correct answer: A

Explanation

The correct answer is A, as an agent-based scanner operates by installing software on individual machines to gather data about vulnerabilities. Options B, C, and D do not fit the scenario, as a network-based scanner would not require an agent on the victim's machine, a cluster scanner is not a standard term in vulnerability scanning, and a proxy scanner functions differently by analyzing traffic rather than directly scanning for vulnerabilities.