Certified Ethical Hacker (CEH v11) — Question 130

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE's Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the Transport Layer Security (TLS) protocols defined in RFC6520.
What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

Answer options

• A. Public
• B. Private
• C. Shared
• D. Root

Correct answer: B

Explanation

The correct answer is B, Private, because Heartbleed exposes private keys which are critical for securing communications. Public keys, by contrast, are meant to be shared and do not pose the same risk if exposed. Shared keys are not applicable in this context, while root keys are not specifically affected by this bug.