Certified Ethical Hacker (CEH v12) — Question 102

While browsing his Facebook feed, Matt sees a picture one of his friends posted with the caption, “Learn more about your friends!”, as well as a number of personal questions. Matt is suspicious and texts his friend, who confirms that he did indeed post it. With assurance that the post is legitimate, Matt responds to the questions on the post. A few days later, Matt’s bank account has been accessed, and the password has been changed.
What most likely happened?

Answer options

• A. Matt inadvertently provided the answers to his security questions when responding to the post.
• B. Matt inadvertently provided his password when responding to the post.
• C. Matt’s computer was infected with a keylogger.
• D. Matt’s bank-account login information was brute forced.

Correct answer: A

Explanation

The correct answer is A because the personal questions that Matt answered are often used as security questions for account recovery. The other options are less likely; Matt did not provide his password directly, there is no evidence of a keylogger, and brute force attacks typically do not require user input.