Certified Ethical Hacker (CEH v12) — Question 6

What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages?

Answer options

• A. httpd.conf
• B. administration.config
• C. php.ini
• D. idq.dll

Correct answer: C

Explanation

The correct answer is C, php.ini, as it is a configuration file for PHP that can expose sensitive information if misconfigured. Options A (httpd.conf) and B (administration.config) are important but typically do not directly provide verbose error messages. Option D (idq.dll) is a dynamic link library file that is not commonly associated with providing detailed error information.