Certified Ethical Hacker (CEH v11) — Question 68

Harry, a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sending spear-phishing emails and exploiting vulnerabilities on publicly available servers. Using these techniques, he successfully deployed malware on the target system to establish an outbound connection.
What is the APT lifecycle phase that Harry is currently executing?

Answer options

• A. Initial intrusion
• B. Persistence
• C. Cleanup
• D. Preparation

Correct answer: A

Explanation

Harry is in the 'Initial intrusion' phase, as he is actively trying to breach the network and has successfully deployed malware. The 'Persistence' phase occurs after gaining access to maintain control, while 'Cleanup' involves removing traces of the attack and 'Preparation' is focused on planning before the actual attack begins.