During report preparation, you must describe how the attacker progressed from initial foothold to business impact. Which reporting approach most clearly conveys the path taken, the techniques used at each stage, and the consequences for the environment?
Showing which security controls were assessed without detailing how an attacker bypassed them
Presenting each attack step in chronological order, explaining how weaknesses were exploited and the resulting impact
Listing discovered weaknesses without further detailing their contribution to system compromise
Providing an architectural diagram with limited information about the sequence or outcomes of exploit attempts
A detailed chronology highlights each phase of the compromise, including initial entry, lateral movement, and the resulting outcomes. This allows stakeholders to see how attackers overcame defenses and how multiple weaknesses contributed to the final impact. Simply listing weaknesses, relying on a limited diagram, or outlining tested controls without explaining how defenses were circumvented do not show how the environment was penetrated or what the attacker achieved.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is presenting the attack steps in chronological order important?
Open an interactive chat with Bash
What is lateral movement, and why is it significant in a compromise?
Open an interactive chat with Bash
How does understanding the attacker’s methods help improve defenses?