Which phase immediately follows Installation in Lockheed Martin's Cyber Kill Chain?

Prepare for the SANS FOR508 Exam. Use flashcards and multiple-choice questions, each with hints and explanations. Maximize your readiness for the test!

Multiple Choice

Which phase immediately follows Installation in Lockheed Martin's Cyber Kill Chain?

Explanation:
The phase immediately after Installation is Command and Control. Once the malware is installed on the target system, it needs a remote channel to reach back to the attacker, receive instructions, report status, and exfiltrate data. Establishing this C2 channel enables the attacker to control the infected host and coordinate actions across the network.

Delivery and Exploitation occur earlier in the chain—Delivery brings the payload to the target, and Exploitation triggers the vulnerability or user action that allows the payload to run. Therefore they are not the steps that follow Installation. After Command and Control, the attacker typically proceeds to Actions on Objectives, but the immediate successor to Installation is the establishment of the C2 channel.
