Free CompTIA CySA+ CS0-003 Practice Question

During a post-breach analysis, an analyst identifies that the adversary used a PowerShell script to establish a reverse shell, allowing them to remotely access and control the compromised system. Which phase of the MITRE ATT&CK framework is the identified action MOST closely associated with?

  • Impact

  • Privilege Escalation

  • Initial Access

  • Command and Control

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:

Check or uncheck an objective to set which questions you will receive.