Certified Ethical Hacker (CEH v13) — Question 144

In an advanced digital security scenario, a multinational enterprise is being targeted with a complex series of assaults aimed to disrupt operations, manipulate data integrity, and cause serious financial damage. As the Lead Cybersecurity Analyst with CEH and CISSP certifications, your responsibility is to correctly identify the specific type of attack based on the following indicators:
The attacks are exploiting a vulnerability in the target system's hardware, inducing misprediction of future instructions in a program's control flow. The attackers are strategically inducing the victim process to speculatively execute instructions sequences that would not have been executed in the absence of the misprediction, leading to subtle side effects. These side effects, which are observable from the shared state, are then utilized to infer the values of in-flight data.
What type of attack best describes this scenario?

Answer options

• A. Rowhammer Attack
• B. Watering Hole Attack
• C. Side-Channel Attack
• D. Privilege Escalation Attack

Correct answer: C

Explanation

The correct answer is C, Side-Channel Attack, because it involves exploiting observable side effects from a system's shared state to gain information about in-flight data. The other options do not fit the scenario: Rowhammer attacks exploit memory vulnerabilities, Watering Hole attacks target specific users, and Privilege Escalation attacks aim to gain higher access rights, none of which align with the described exploitation of hardware vulnerabilities and speculative execution.