Certified Ethical Hacker (CEH v13) — Question 251

Infecting a system with malware and using phishing to gain credentials to a system or web application are examples of which phase of the ethical hacking methodology?

Answer options

• A. Scanning
• B. Gaining access
• C. Maintaining access
• D. Reconnaissance

Correct answer: B

Explanation

The correct answer is B, as gaining access involves exploiting vulnerabilities to enter a system, which includes using malware and phishing techniques. The other options do not pertain to the act of obtaining access, with scanning focusing on identifying vulnerabilities, maintaining access being about sustaining control after gaining entry, and reconnaissance involving information gathering before any breaches are attempted.