Certified Ethical Hacker (CEH v13) — Question 2

You are a penetration tester working to test the user awareness of the employees of the client XYZ. You harvested two employees’ emails from some public sources and are creating a client-side backdoor to send it to the employees via email.
Which stage of the cyber kill chain are you at?

Answer options

• A. Reconnaissance
• B. Weaponization
• C. Command and control
• D. Exploitation

Correct answer: B

Explanation

The correct answer is B, Weaponization, as this phase involves creating a malicious payload (in this case, a client-side backdoor) to be delivered to the target. The other options represent different stages: A (Reconnaissance) is about gathering information, C (Command and control) involves establishing a connection with the compromised system, and D (Exploitation) refers to executing the payload to compromise the system.