Certified Ethical Hacker (CEH v13) — Question 48
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization.
Which of the following attack techniques is used by John?
Answer options
- A. Insider threat
- B. Diversion theft
- C. Spear-phishing sites
- D. Advanced persistent threat
Correct answer: D
Explanation
The correct answer is D, Advanced persistent threat, as it describes a prolonged and stealthy attack where the intruder maintains access to the network over time to gather sensitive information. The other options do not fit this scenario; an Insider threat typically involves someone within the organization, Diversion theft refers to stealing while distracting, and Spear-phishing sites are related to targeted phishing attacks rather than long-term network infiltration.