Your organization has detected a potential security breach, and as the cybersecurity analyst, you are tasked with analyzing the attack. During investigation, you notice the attacker is currently in the process of establishing a backdoor for persistent access to the network. According to the cyber kill chain model, which stage of the attack is currently being executed?
In the cyber kill chain model, establishing a backdoor for persistent access falls under the 'Command and Control (C2)' stage. During this stage, attackers establish a method to continuously govern the compromised system or network, often by creating hidden access paths that ensure their continued control. 'Reconnaissance' is incorrect because it is the first stage where attackers gather information before launching an attack. 'Delivery' is also incorrect; it refers to the stage where the attack vector, like a phishing email or a malware-infested file, is delivered to the target. 'Weaponization' is the stage where an attacker combines an exploit with a backdoor into a deliverable payload, which precedes delivery and exploitation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the main goal of the Command and Control (C2) stage in the cyber kill chain?
Open an interactive chat with Bash
How does a backdoor differ from other forms of malware used in attacks?
Open an interactive chat with Bash
How does the cyber kill chain model help improve an organization’s security posture?