Certified Ethical Hacker (CEH v12) — Question 53
Jude, a pen tester, examined a network from a hacker’s perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, routers, and servers. In this process, he also estimated the threat of network security attacks and determined the level of security of the corporate network.
What is the type of vulnerability assessment that Jude performed on the organization?
Answer options
- A. Application assessment
- B. External assessment
- C. Passive assessment
- D. Host-based assessment
Correct answer: B
Explanation
The correct answer is B, as Jude focused on vulnerabilities accessible from outside the network, indicative of an external assessment. Option A, application assessment, pertains to vulnerabilities within specific applications, while C, passive assessment, involves analyzing without direct interaction, and D, host-based assessment, focuses on vulnerabilities specific to individual hosts within the network.