Certified Ethical Hacker (CEH v11) — Question 140

John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization.
Which of the following attack techniques is used by John?

Answer options

• A. Insider threat
• B. Diversion theft
• C. Spear-phishing sites
• D. Advanced persistent threat

Correct answer: D

Explanation

The correct answer is D, Advanced persistent threat, as it describes a prolonged and targeted attack where the hacker maintains access without detection to gather information. The other options do not accurately represent this behavior; an insider threat involves someone within the organization, diversion theft relates to distracting while stealing, and spear-phishing sites involve deceptive emails rather than long-term network infiltration.