Certified Ethical Hacker (CEH v13) — Question 281

During a red team exercise, a certified ethical hacker (CEH) is working on exploiting a potential vulnerability in the target’s web server. The CEH has completed the information gathering and footprinting stages and mirrored the website for offline analysis. They have also discovered the server is prone to session hijacking.

Which next step is most likely to be part of a successful attack methodology, keeping in mind the requirement to minimize the possibility of detection?

Answer options

• A. Perform vulnerability scanning with automated tools to find additional weaknesses.
• B. Hijack a session and immediately modify server configuration files.
• C. Attempt SQL Injection to extract database information.
• D. Directly apply brute force attack to crack the server’s password.

Correct answer: B

Explanation

The correct answer is B because hijacking a session allows the attacker to gain unauthorized access while minimizing detection risk. Options A, C, and D involve more noticeable actions that could easily trigger alerts, whereas modifying configuration files after hijacking a session can be done discreetly.