Certified Ethical Hacker (CEH v12) — Question 143

A Certified Ethical Hacker (CEH) is given the task to perform an LDAP enumeration on a target system. The system is secured and accepts connections only on secure LDAP. The CEH uses Python for the enumeration process. After successfully installing LDAP and establishing a connection with the target, he attempts to fetch details like the domain name and naming context but is unable to receive the expected response. Considering the circumstances, which of the following is the most plausible reason for this situation?

Answer options

• A. The system failed to establish a connection due to an incorrect port number.
• B. The enumeration process was blocked by the target system's intrusion detection system.
• C. The secure LDAP connection was not properly initialized due to a lack of 'use_ssl = True' in the server object creation.
• D. The Python version installed on the CEH's machine is incompatible with the Idap3 library.

Correct answer: C

Explanation

The correct answer is C, as the secure LDAP connection requires SSL to be enabled for proper communication. If 'use_ssl = True' is not set in the server object, the connection will not be established correctly, leading to the inability to fetch details. Options A and B are less likely because the connection was established, and option D is irrelevant since the version of Python does not affect the secure LDAP connection initialization.