Certified Ethical Hacker (CEH v13) — Question 10

Nicolas just found a vulnerability on a public-facing system that is considered a zero-day vulnerability. He sent an email to the owner of the public system describing the problem and how the owner can protect themselves from that vulnerability. He also sent an email to Microsoft informing them of the problem that their systems are exposed to.
What type of hacker is Nicolas?

Answer options

• A. Black hat
• B. White hat
• C. Gray hat
• D. Red hat

Correct answer: C

Explanation

Nicolas is classified as a Gray hat hacker because he found a vulnerability and responsibly disclosed it to both the system owner and Microsoft without malicious intent. A Black hat hacker would exploit vulnerabilities for personal gain, while a White hat hacker would typically be employed to find such issues within an organization. A Red hat hacker is not a standard classification in this context.