Certified Ethical Hacker (CEH v11) — Question 30
You are a penetration tester testing the user awareness of the employees of the client XYZ. You harvested two employees' emails from some public sources and are creating a client-side backdoor to send to the employees via email.
Which stage of the cyber kill chain are you at?
Answer options
- A. Reconnaissance
- B. Weaponization
- C. Command and control
- D. Exploitation
Correct answer: B
Explanation
The correct answer is B, Weaponization, because you are in the process of creating a backdoor to be sent to the employees. This stage involves combining a payload with a delivery mechanism, which is what you are doing by crafting the backdoor for email distribution. The other options describe earlier or later stages in the cyber kill chain: gathering information (A), maintaining control over compromised systems (C), and executing the attack on the target (D).