DRAG DROP - Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model. Select and Place:
Google Figure 2: Original Lockheed Martin Cyber (Intrusion) Kill Chain - has a very nice image
Based on that I would say
Exploitation - The targeted Environment is taken advantage of triggering the threat actor's code
Installation - Backdoor is placed on the victim system allowing the threat actor to maintain the persistence.
Command and Control - An outbound connection is established to an Internet-based controller server.
Actions and Objectives - The threat actor takes actions to violate data integrity and availability
At a second thought, I think that the provided solution is correct and you - as well as me - might be wrong.
Backdoors are used for C2C and the initial malware installation - which is not a backdoor - has "called home" signaling the accomplish of its mission - system compromise.
After that, a backdoor was deployed in order to assure persistence and C2C functionality for the attackers
I agree with HarryPotter69.
Correct answer is: 2,3,4,1
Exploitation - The targeted Environment is taken advantage of triggering the threat actor's code
Installation - Backdoor is placed on the victim system allowing the threat actor to maintain the persistence.
Command and Control - An outbound connection is established to an Internet-based controller server.
Actions and Objectives - The threat actor takes actions to violate data integrity and availability
Exploitation: The targeted environment is taken advantage of triggering the threat actor's code. (key words: ..taken advantage..).
Installation: Backdoor is placed on the victim system allowing the threat actor to maintain the persistence. (key words: ..is placed on..).
Command an Control: An outbound connection is established on an Internet-based controller server. (key words: ..controller server..).
Actions an Objectives: The threat actor takes actions to violate data integrity and availability. (key words: ..takes actions to violate..).
Lockheed Martin Cyber Kill Chain.
1. reconnaissance, 2.weaponization, 3.delivery, 4.exploitation, 5.installation, 6.command and control (C2), 7. actions on objectives
Exploitation ==> The targeted Environment is taken advantage of triggering the threat actor's code.
Installation ==> Backdoor is placed on the victim system allowing the threat actor to maintain the persistence.
Command and Control ==> An outbound connection is established to an Internet-based controller server.
Actions and Objectives ==> The threat actor takes actions to violate data integrity and availability
Agree with Barney_Stinson entry. Backdoor placement is installation and victim outbound connection would be to the CnC server. Middle two items are reversed in the answer given.
The answer is shuffeled.
e.g. the outbound connection is definitely CnC, not installation
upvoted 5 times
...
This section is not available anymore. Please use the main Exam Page.200-201 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
HarryPotter69
Highly Voted 3 years, 2 months agoSilexis
10 months agoethhacker
1 year, 2 months ago[Removed]
Highly Voted 3 years, 2 months agoalhamry
Most Recent 1 year, 7 months agoEng_ahmedyoussef
2 years, 1 month agoCOLCRISS
2 years, 5 months agoomita
2 years, 11 months agoCiscoTerminator
3 years, 1 month agoanonymous1966
3 years, 2 months agoqz999
3 years, 3 months agoBarney_Stinson
3 years, 6 months ago