Certified Ethical Hacker (CEH v11) — Question 160

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site.
Which file does the attacker need to modify?

Answer options

• A. Boot.ini
• B. Sudoers
• C. Networks
• D. Hosts

Correct answer: D

Explanation

The correct answer is D, as the Hosts file is used to map hostnames to IP addresses, allowing the attacker to redirect traffic to a phishing site. The other options, such as Boot.ini, Sudoers, and Networks, do not control hostname resolution and would not achieve the desired redirection.