Which of the following phases of the Cyber Kill Chain involv

Which of the following phases of the cyber kill chain involv - CompTIA CySA+ CSO-003

Question

Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?

Answers

correct

Command and control
Actions on objectives
Exploitation
Delivery

Explanation

The correct answer is: A. Command and control

This is the correct answer because in the Command and Control (C2) phase of the Cyber Kill Chain, the adversary attempts to establish a communication channel with the compromised system. After successfully exploiting a target, the attacker will establish a command-and-control channel to allow remote communication and control over the compromised system, often for further exploitation or data exfiltration. This phase is crucial for maintaining persistence within the target network.

Why the Other Options Are Incorrect:

Actions on objectives

This is incorrect because the Actions on Objectives phase occurs after the adversary has established control over the system. It involves the attacker achieving their ultimate goals, such as stealing data, disrupting operations, or executing further malicious actions. The establishment of communication happens earlier, in the C2 phase.

Exploitation

This is incorrect because Exploitation refers to the phase where the adversary takes advantage of a vulnerability in the target system to gain unauthorized access. While exploitation is critical for gaining access, it does not involve establishing communication. Communication is set up in the Command and Control phase, which follows successful exploitation.

Delivery

This is incorrect because Delivery involves the adversary sending the malicious payload to the target, such as through phishing emails or malware-laden attachments. Delivery is the initial phase of the kill chain, not the phase where communication is established.

View Full Course Content Try our Free Questions

No Payment Cards Needed

CompTIA CySA+ CSO-003 exam

Normally $69

$45/month