EC-Council Certified Ethical Hacker (CEH) - 340 Questions

1. A security consultant is explaining the CIA triad to a new client. The client asks which property ensures that only authorized individuals can read sensitive data. Which element of the CIA triad does this describe?

2. During a security awareness training, a trainer asks participants to identify which hacker classification describes someone who hacks systems without authorization and with malicious intent for personal gain. Which classification is correct?

3. An ethical hacker is preparing a penetration test engagement. She is reviewing the five phases of ethical hacking and wants to confirm the correct sequence. Which of the following represents the correct order?

4. A threat intelligence analyst is reviewing a recent attack campaign. She notices the attackers first researched the target organization publicly, then sent a spear-phishing email with a malicious attachment. After the employee clicked, a backdoor was installed. Which phase of the Cyber Kill Chain does the initial spear-phishing delivery represent?

5. During a threat hunting exercise, a security team wants to map observed attacker behaviors to a structured framework that categorizes tactics, techniques, and procedures (TTPs). Which framework is specifically designed for this purpose?