Which activity is typically performed by a threat actor in the installation phase of the Cyber Kill Chain?
- Install a web shell on the target web server for persistent access.
- Harvest email addresses of user accounts.
- Open a two-way communication channel to the CnC infrastructure.
- Obtain an automated tool to deliver the malware payload.
Explanation: In the installation phase of the Cyber Kill Chain, the threat actor establishes a back door into the system to allow for continued access to the target.
Exam with this question: CyberOps Associate (Version 1.0) - CyberOps Associate 1.0 Practice Final exam
Exam with this question: CCNA Cyber Ops Chapter 13 Exam Answers
Exam with this question: Checkpoint Exam: Incident Response Answers
Please login or Register to submit your answer