CompTIA CySA+ CS0-003 Practice Question
An organization has just detected anomalous activity on its network suggesting the presence of an intruder. According to the Cyber Kill Chain framework, which stage is the organization most likely in, and what should be the key focus at this stage?
Intrusion: identifying and neutralizing the threat
Delivery: delivering the payload to the target network
Reconnaissance: gathering information about the target
Installation: deploying malware on the target system