312-50V13 · Question #272
Infecting a system with malware and using phishing to gain credentials to a system or web application are examples of which phase of the ethical hacking methodology?
The correct answer is D. Gaining access. Infecting a system with malware or using phishing to obtain credentials are both actions taken to successfully compromise and gain unauthorized access to a target system.
Question
Options
- AReconnaissance
- BMaintaining access
- CScanning
- DGaining access
How the community answered
(63 responses)- A3% (2)
- B3% (2)
- C2% (1)
- D92% (58)
Why each option
Infecting a system with malware or using phishing to obtain credentials are both actions taken to successfully compromise and gain unauthorized access to a target system.
Reconnaissance (or information gathering) is the initial phase where an attacker passively or actively collects information about the target *before* attempting to gain access.
Maintaining access is a post-exploitation phase where an attacker tries to retain control over a compromised system, often by installing backdoors or rootkits, after access has already been gained.
Scanning is the phase where an attacker uses tools to identify open ports, services, and potential vulnerabilities, typically *after* reconnaissance but *before* attempting to gain access.
Infecting a system with malware (like a Trojan) or successfully using phishing to obtain credentials directly leads to establishing unauthorized entry or control over a target. These actions are primary mechanisms for 'gaining access' to a system or network, allowing an ethical hacker to proceed with further exploitation or post-exploitation activities.
Concept tested: Ethical hacking phases; gaining access
Source: https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/phases-of-ethical-hacking/
Topics
Community Discussion
No community discussion yet for this question.