Your organization has detected a potential security breach, and as the cybersecurity analyst, you are tasked with analyzing the attack. During investigation, you notice the attacker is currently in the process of establishing a backdoor for persistent access to the network. According to the cyber kill chain model, which stage of the attack is currently being executed?
In the cyber kill chain model, establishing a backdoor for persistent access falls under the 'Command and Control (C2)' stage. During this stage, attackers establish a method to continuously govern the compromised system or network, often by creating hidden access paths that ensure their continued control. 'Reconnaissance' is incorrect because it is the first stage where attackers gather information before launching an attack. 'Delivery' is also incorrect; it refers to the stage where the attack vector, like a phishing email or a malware-infested file, is delivered to the target. 'Weaponization' is the stage where an attacker combines an exploit with a backdoor into a deliverable payload, which precedes delivery and exploitation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does Command and Control (C2) entail in the context of cybersecurity?
Open an interactive chat with Bash
Can you explain the Cyber Kill Chain model and its stages?
Open an interactive chat with Bash
What are common methods attackers use to establish a backdoor during the C2 stage?