Certified Ethical Hacker (CEH v12) — Question 187

Sarah, a system administrator, was alerted of potential malicious activity on the network of her company. She discovered a malicious program spread through the instant messenger application used by her team. The attacker had obtained access to one of her teammate's messenger accounts and started sending files across the contact list. Which best describes the attack scenario and what measure could have prevented it?

Answer options

• A. Insecure Patch Management; updating application software regularly
• B. Instant Messenger Applications; verifying the sender's identity before opening any files
• C. Rogue/Decoy Applications; ensuring software is labeled as TRUSTED
• D. Portable Hardware Media/Removable Devices; disabling Autorun functionality

Correct answer: B

Explanation

The correct answer is B, as the incident involved an attack via an instant messaging application where verifying the sender's identity could have prevented the malicious file transfer. The other options do not directly address the nature of the attack, which was primarily about user verification in an instant messaging context.