Ch 1.1 - PAN-Security Architecture Flashcards
What is the Cyber Kill Chain Methodology?
The 7 phases of events that a threat actor goes through to infiltrate the network.
What are the 7 phases of the Cyber Kill Chain?
1) Reconnaissance.
2) Weaponization.
3) Delivery.
4) Exploitation.
5) Installation.
6) Command and Control.
7) Actions on Objective.
Explain the Reconnaissance phase of the Cyber Kill Chain methodology. Which phase is it?
1) The phase where the threat actor attempts to gather information about the organization and plan the attack. This includes scans for vulnerabilities and exploits.
2) This is step 1.
Explain the Weaponization phase of the Cyber Kill Chain methodology. Which phase is it?
1) This is the step where the threat actor attempts to create a weapon against a specific target, based on the reconnaissance phase.
2) This is Phase 2.
Explain the Delivery phase of the Cyber Kill Chain methodology. Which phase is it?
1) The weapon created is transmitted to the target by means of phishing, USB, or a website.
2) Phase 3.
Explain the Exploitation phase of the Cyber Kill Chain methodology. Which phase is it?
1) Once the weapon has been successfully delivered, it is used to exploit and attack the target to gain entry to the organization.
2) Phase 4.
Explain the Installation phase of the Cyber Kill Chain methodology. Which phase is it?
1) Once access to the network has been gained, the threat actor will create a backdoor into the system.
2) Phase 5.
Explain the Command and Control phase of the Cyber Kill Chain methodology. Which phase is it?
1) Communication is established between the exploited device and the attacker's server over the internet.
2) Phase 6.
Explain the Action on Objective phase of the Cyber Kill Chain methodology. Which phase is it?
1) Once everything has been established with the attacker's server and data can be extracted, the attacker will act on their objectives, such as destruction of critical infrastructure, data exfiltration, or encrypt and ransom.
2) Phase 7.