DRAG DROP - Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model. Select and Place:
Google Figure 2: Original Lockheed Martin Cyber (Intrusion) Kill Chain - has a very nice image
Based on that I would say
Exploitation - The targeted Environment is taken advantage of triggering the threat actor's code
Installation - Backdoor is placed on the victim system allowing the threat actor to maintain the persistence.
Command and Control - An outbound connection is established to an Internet-based controller server.
Actions and Objectives - The threat actor takes actions to violate data integrity and availability
At a second thought, I think that the provided solution is correct and you - as well as me - might be wrong.
Backdoors are used for C2C and the initial malware installation - which is not a backdoor - has "called home" signaling the accomplish of its mission - system compromise.
After that, a backdoor was deployed in order to assure persistence and C2C functionality for the attackers
Exploitation: The targeted environment is taken advantage of triggering the threat actor's code. (key words: ..taken advantage..).
Installation: Backdoor is placed on the victim system allowing the threat actor to maintain the persistence. (key words: ..is placed on..).
Command an Control: An outbound connection is established on an Internet-based controller server. (key words: ..controller server..).
Actions an Objectives: The threat actor takes actions to violate data integrity and availability. (key words: ..takes actions to violate..).
Lockheed Martin Cyber Kill Chain.
1. reconnaissance, 2.weaponization, 3.delivery, 4.exploitation, 5.installation, 6.command and control (C2), 7. actions on objectives
Exploitation ==> The targeted Environment is taken advantage of triggering the threat actor's code.
Installation ==> Backdoor is placed on the victim system allowing the threat actor to maintain the persistence.
Command and Control ==> An outbound connection is established to an Internet-based controller server.
Actions and Objectives ==> The threat actor takes actions to violate data integrity and availability
Agree with Barney_Stinson entry. Backdoor placement is installation and victim outbound connection would be to the CnC server. Middle two items are reversed in the answer given.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.200-201 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
HarryPotter69
Highly Voted 3 years, 4 months agoSilexis
1 year agoethhacker
1 year, 5 months agoBarney_Stinson
Highly Voted 3 years, 9 months agoalhamry
Most Recent 1 year, 9 months agoEng_ahmedyoussef
2 years, 3 months agoCOLCRISS
2 years, 7 months agoomita
3 years, 1 month agoCiscoTerminator
3 years, 3 months agoanonymous1966
3 years, 4 months agoqz999
3 years, 5 months ago