A school has a web server mainly used for parents to view school events, access student performance indicators, and communicate with teachers. The network administrator suspects a security-related event has occurred and is reviewing what steps should be taken.
The threat actor has already placed malware on the server causing its performance to slow. The network administrator has found and removed the malware as well as patched the security hole where the threat actor gained access. The network administrator can find no other security issue. What stage of the Cyber Kill Chain did the threat actor achieve?
- actions on objectives
- command and control
- delivery
- exploitation
- installation
Explanation: During the installation step, the threat actor installed a server backdoor in order to install the malware (installation step), and an outside server command channel was created to manipulate the target (CnC step). The final step is used to access the server to achieve the objective of the attack.
The Cyber Kill Chain has seven steps:
- reconnaissance
- weaponization
- delivery
- exploitation
- installation
- command and control (CnC)
- actions on objectives
Exam with this question: CCNA Cyber Ops Chapter 13 Exam Answers
Please login or Register to submit your answer