Certified Ethical Hacker (CEH v12) — Question 210

A cyber attacker has initiated a series of activities against a high-profile organization following the Cyber Kill Chain Methodology. The attacker is presently in the "Delivery" stage. As an Ethical Hacker, you are trying to anticipate the adversary's next move. What is the most probable subsequent action from the attacker based on the Cyber Kill Chain Methodology?

Answer options

• A. The attacker will attempt to escalate privileges to gain complete control of the compromised system.
• B. The attacker will exploit the malicious payload delivered to the target organization and establish a foothold.
• C. The attacker will initiate an active connection to the target system to gather more data.
• D. The attacker will start reconnaissance to gather as much information as possible about the target.

Correct answer: B

Explanation

The correct answer is B because once the payload is delivered, the attacker typically exploits it to gain access and establish a foothold in the system. Options A, C, and D are actions that may occur later in the Cyber Kill Chain but are not the immediate next step after the 'Delivery' phase.