According to information outlined by the Cyber Kill Chain, which two approaches can help identify reconnaissance threats? (Choose two.)

IT Questions BankCategory: CCNA CyberOpsAccording to information outlined by the Cyber Kill Chain, which two approaches can help identify reconnaissance threats? (Choose two.)
According to information outlined by the Cyber Kill Chain, which two approaches can help identify reconnaissance threats? (Choose two.) 1ITExamAnswers Staff asked 6 months ago

According to information outlined by the Cyber Kill Chain, which two approaches can help identify reconnaissance threats? (Choose two.)

  • Analyze web log alerts and historical search data.
  • Audit endpoints to forensically determine origin of exploit.
  • Build playbooks for detecting browser behavior.
  • Conduct full malware analysis.
  • Understand targeted servers, people, and data available to attack.

Explanation: Threat actors may use port scanning toward a web server of an organization and identify vulnerabilities on the server. They may visit the web server to collect information about the organization. The web server logging should be enabled and the logging data should be analyzed to identify possible reconnaissance threats. Building playbooks by filtering and combining related web activities by visitors can sometimes reveal the intentions of threat actors.

More Questions: CCNA Cyber Ops Chapter 13 Exam Answers
More Questions: CyberOps Associate Final Exam Answers


Related Articles