Certified Ethical Hacker (CEH v12) — Question 10

You are a penetration tester working to test the user awareness of the employees of the client XYZ. You harvested two employees’ emails from some public sources and are creating a client-side backdoor to send it to the employees via email.
Which stage of the cyber kill chain are you at?

Answer options

• A. Reconnaissance
• B. Weaponization
• C. Command and control
• D. Exploitation

Correct answer: B

Explanation

The correct answer is B, Weaponization, because you are creating a backdoor to exploit vulnerabilities once you have gathered information. The other options do not fit this stage; A, Reconnaissance, involves gathering information, C, Command and control, relates to maintaining control over the compromised systems, and D, Exploitation, is about executing the attack, which comes after weaponization.