Certified Ethical Hacker (CEH v11) — Question 210

Nicolas just found a vulnerability on a public-facing system that is considered a zero-day vulnerability. He sent an email to the owner of the public system describing the problem and how the owner can protect themselves from that vulnerability. He also sent an email to Microsoft informing them of the problem that their systems are exposed to.
What type of hacker is Nicolas?

Answer options

• A. Black hat
• B. White hat
• C. Gray hat
• D. Red hat

Correct answer: C

Explanation

Nicolas is classified as a Gray hat hacker because he discovered a vulnerability and informed both the system owner and Microsoft, demonstrating responsible disclosure. Black hat hackers exploit vulnerabilities for malicious purposes, while White hat hackers typically work with permission to improve security, and Red hat hackers are known for aggressively pursuing Black hats.