Certified Ethical Hacker (CEH v13) — Question 275

Sarah, a system administrator, was alerted of potential malicious activity on the network of her company. She discovered a malicious program spread through the instant messenger application used by her team. The attacker had obtained access to one of her teammate's messenger accounts and started sending files across the contact list. Which best describes the attack scenario and what measure could have prevented it?

Answer options

• A. Insecure Patch Management; updating application software regularly
• B. Instant Messenger Applications; verifying the sender's identity before opening any files
• C. Rogue/Decoy Applications; ensuring software is labeled as TRUSTED
• D. Portable Hardware Media/Removable Devices; disabling Autorun functionality

Correct answer: B

Explanation

The correct answer is B because the attack exploited the instant messenger application, and verifying the sender's identity could have helped prevent the malicious file distribution. Options A, C, and D do not directly address the method of attack or the context of the incident, making them less relevant in this scenario.