A threat actor has gained administrative access to a system and achieved the goal of controlling the system for a future DDoS attack by establishing a communication channel with a CnC owned by the threat actor. Which phase in the Cyber Kill Chain model describes the situation?

A threat actor has gained administrative access to a system and achieved the goal of controlling the system for a future DDoS attack by establishing a communication channel with a CnC owned by the threat actor. Which phase in the Cyber Kill Chain model describes the situation?

• delivery
• exploitation
• command and control
• action on objectives

Explanation: The Cyber Kill Chain specifies seven steps (or phases) and sequences that a threat actor must complete to accomplish an attack:

• Reconnaissance – The threat actor performs research, gathers intelligence, and selects targets.
• Weaponization – The threat actor uses the information from the reconnaissance phase to develop a weapon against specific targeted systems.
• Delivery – The weapon is transmitted to the target using a delivery vector.
• Exploitation - The threat actor uses the weapon delivered to break the vulnerability and gain control of the target.
• Installation - The threat actor establishes a back door into the system to allow for continued access to the target.
• Command and Control (CnC) – The threat actor establish command and control (CnC) with the target system.
• Action on Objectives - The threat actor is able to take action on the target system, thus achieving the original objective.

Exam with this question: CCNA Cyber Ops Final Exam Answers
Exam with this question: CyberOps Associate (Version 1.0) - Module 28: Digital Forensics and Incident Analysis and Response Answers
Exam with this question: Cyber Threat Management - 6.6.2 Digital Forensics and Incident Analysis and Response Quiz