Certified Ethical Hacker (CEH v12) — Question 172

In an advanced digital security scenario, a multinational enterprise is being targeted with a complex series of assaults aimed to disrupt operations, manipulate data integrity, and cause serious financial damage. As the Lead Cybersecurity Analyst with CEH and CISSP certifications, your responsibility is to correctly identify the specific type of attack based on the following indicators:

The attacks are exploiting a vulnerability in the target system's hardware, inducing misprediction of future instructions in a program's control flow. The attackers are strategically inducing the victim process to speculatively execute instructions sequences that would not have been executed in the absence of the misprediction, leading to subtle side effects. These side effects, which are observable from the shared state, are then utilized to infer the values of in-flight data.

What type of attack best describes this scenario?

Answer options

• A. Rowhammer Attack
• B. Watering Hole Attack
• C. Side-Channel Attack
• D. Privilege Escalation Attack

Correct answer: C

Explanation

The correct answer is C, Side-Channel Attack, as it involves exploiting vulnerabilities to gain information about system operations through indirect means. The Rowhammer Attack (A) manipulates memory cells, while the Watering Hole Attack (B) targets users through compromised websites, and Privilege Escalation Attack (D) involves gaining higher access rights, none of which align with the described attack's focus on exploiting hardware vulnerabilities for data inference.