Certified Ethical Hacker (CEH v11) — Question 298

Jude, a pen tester, examined a network from a hacker's perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, routers, and servers. In this process, he also estimated the threat of network security attacks and determined the level of security of the corporate network.
What is the type of vulnerability assessment that Jude performed on the organization?

Answer options

• A. Application assessment
• B. External assessment
• C. Passive assessment
• D. Host-based assessment

Correct answer: B

Explanation

The correct answer is B, External assessment, as Jude evaluated the network's vulnerabilities from an external perspective, simulating a hacker's approach. Options A, C, and D are incorrect because they focus on different scopes of assessment, such as applications, internal vulnerabilities, or host-specific evaluations, rather than the external environment Jude analyzed.