Certified Ethical Hacker (CEH v11) — Question 227

A newly joined employee, Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by
Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors.
What is the type of vulnerability assessment performed by Martin?

Answer options

• A. Database assessment
• B. Host-based assessment
• C. Credentialed assessment
• D. Distributed assessment

Correct answer: B

Explanation

Martin performed a Host-based assessment since he evaluated the system for vulnerabilities directly on the machine itself. This type of assessment examines the security posture of individual systems, which aligns with the findings related to user directories and system parameters. The other options do not apply as they refer to different scopes or methodologies of assessments.