Certified Ethical Hacker (CEH v13) — Question 185

Harry, a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sending spear-phishing emails and exploiting vulnerabilities on publicly available servers. Using these techniques, he successfully deployed malware on the target system to establish an outbound connection.
What is the APT lifecycle phase that Harry is currently executing?

Answer options

• A. Initial intrusion
• B. Persistence
• C. Cleanup
• D. Preparation

Correct answer: A

Explanation

Harry is currently in the 'Initial intrusion' phase of the APT lifecycle, as he has successfully infiltrated the target system and deployed malware. The other options do not apply because 'Persistence' refers to maintaining access after the initial breach, 'Cleanup' involves removing traces of the attack, and 'Preparation' is about planning and gathering information before launching an attack.