Certified Ethical Hacker (CEH v12) — Question 17

Harry, a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sending spear-phishing emails and exploiting vulnerabilities on publicly available servers. Using these techniques, he successfully deployed malware on the target system to establish an outbound connection.
What is the APT lifecycle phase that Harry is currently executing?

Answer options

• A. Initial intrusion
• B. Persistence
• C. Cleanup
• D. Preparation

Correct answer: A

Explanation

Harry is in the Initial intrusion phase of the APT lifecycle as he has successfully gained access to the target network by deploying malware. The Persistence phase occurs after the initial access is established, where the attacker ensures continued access. Cleanup phase involves removing traces after the attack, and Preparation refers to the planning and reconnaissance done before the attack.