Process / Procedure / Policy Flashcards
When a piece of malware is installed on an endpoint / victim, what stage of the malware kill chain would this be?
- Installation
What is Exploitation in the malware kill chain?
Exploiting a vulnerability to execute code on a system.
What is Delivery in the Kill chain?
The method by which the payload is delivered: USB, email, drive-by download…
What is “Action on Objective” in the malware kill chain?
With hands-on-keyboard access, intruders accomplish their original goals.
What is Installation in the malware kill chain?
Installing malware on the asset
What stage in the kill chain is the following?
An attacker combines an exploit with a backdoor with the intention of using it on a targeted victim.
- Weaponization
What does the Reconnaissance stage in the kill chain mean?
Harvesting email addresses, identifying targets, network scans, and other information gathering that will help in the attack.
What is stage 7 of the kill chain?
Action on Goal - The attacker here achieves his original goal. Examples include exfiltration of data or increasing the motor speed on a cylinder (“Stuxnet”).
What stage in the kill chain is the following?
A network is being scanned.
- Reconnaissance
Exfiltration of data is considered as what step in the malware kill chain?
- Action on Goal
In what part of the kill chain would a 0-day exploit be utilized?
- Exploitation phase.
What is stage 2 of the malware kill chain?
Weaponization - Combining an exploit with a backdoor for use on a target. “Building of Malware”
Multiple systems are reaching out to known malicious domains. What is this a sign of, and what stage of the malware kill chain would this reflect?
Multiple systems are reaching out to a command and control server; the systems are likely all infected.
- Command and Control / C&C
What is C&C in the malware kill chain?
Command channel for remote manipulation of victim
What is Weaponization in the malware kill chain?
Coupling an exploit with a backdoor into a deliverable payload