After a threat actor completes a port scan of the public web server of an organization and identifies a potential vulnerability, what is the next phase for the threat actor in order to prepare and launch an attack as defined in the Cyber Kill Chain?

After a threat actor completes a port scan of the public web server of an organization and identifies a potential vulnerability, what is the next phase for the threat actor in order to prepare and launch an attack as defined in the Cyber Kill Chain?

• Exploitation
• Weaponization
• Reconnaissance
• Action on objectives

Explanation: The Cyber Kill Chain specifies seven steps (or phases) and sequences that a threat actor must complete to accomplish an attack:
1. Reconnaissance: The threat actor performs research, gathers intelligence, and selects targets.
2. Weaponization: The threat actor uses the information from the reconnaissance phase to develop a weapon against specific targeted systems.
3. Delivery: The weapon is transmitted to the target using a delivery vector.
4. Exploitation: The threat actor uses the weapon delivered to break the vulnerability and gain control of the target.
5. Installation: The threat actor establishes a backdoor into the system to allow for continued access to the target.
6. Command and Control (CnC): The threat actor establishes command and control (CnC) with the target system.
7. Action on Objectives: The threat actor is able to take action on the target system, thus achieving the original obj

Exam with this question: CCNA Cyber Ops Chapter 13 Exam Answers
Exam with this question: CyberOps Associate (Version 1.0) - Module 28: Digital Forensics and Incident Analysis and Response Answers
Exam with this question: Cyber Threat Management - 6.6.2 Digital Forensics and Incident Analysis and Response Quiz