Exam 200-201 topic 1 question 196 discussion

I think the Correct answer is D. "**ongoing** spam campaign targeting the organization." ==> Delivery

The security team should mitigate the spam attack at the delivery phase of the cyber kill chain.

D. delivery. The cyber kill chain is a framework that describes the stages of a typical cyber attack. These stages include reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions/objectives. In the context of a spam campaign, the delivery phase is where the malicious emails are sent to the target recipients. This phase involves the actual transmission or delivery of the spam emails to the victims' email accounts. It is during this phase that the security team should focus on mitigating the attack by implementing measures to detect and block the malicious emails, such as filtering or blocking techniques, spam detection mechanisms, and email security controls. By addressing the attack at the delivery phase, the security team aims to prevent the spam emails from reaching the intended recipients, thereby reducing the potential impact and mitigating the ongoing incidents related to the spam campaign. Therefore, the correct answer is D. delivery.

Correct ANS=D

Based on the description provided, the security team is focusing on pushing back the cyber kill chain and mitigating ongoing incidents. Therefore, the phase of the cyber kill chain where they should aim to mitigate this type of attack is likely to be the delivery phase. This phase involves the delivery of the malicious payload to the target system, which can happen through various means such as email, social engineering, or other methods.

my guess is also delivery as spam is not malicious just bothering