Your organization has detected a potential security breach. During the investigation, you observe that the attacker is installing a hidden remote-access tool intended to maintain long-term access to the network. According to the Lockheed Martin cyber kill chain, which phase is the attacker currently in?
In the Lockheed Martin cyber kill chain, installing a backdoor or other persistence mechanism belongs to the Installation phase. During Installation, the adversary places malware that provides a foothold so they can return even after reboots or other changes. Reconnaissance is the initial information-gathering phase; Delivery is when the weaponized payload is transmitted to the target; Command and Control (C2) follows Installation and involves establishing interactive communication with the compromised host.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the main goal of the Command and Control (C2) stage in the cyber kill chain?
Open an interactive chat with Bash
How does a backdoor differ from other forms of malware used in attacks?
Open an interactive chat with Bash
How does the cyber kill chain model help improve an organization’s security posture?