Threat Models Pt.2 (Cyber Kill Chain)

Question 1

A ______ _______ is a systematic process to target and engage an adversary to create desired effects.

Answer 1

Kill chain

Question 2

Enables analysis to detect and mitigate intrusions.

Answer 2

Cyber Kill Chain

Question 3

Research, identification, and selection of targets, often represented as crawling internet websites such as conferences proceedings and mailing lists for email addresses, social relationships, or information on specific technologies.

Answer 3

Reconnaissance

Question 4

Coupling a payload with an exploit into a deliverable.

Answer 4

Weaponization

Question 5

Transmission of the weapon to the targeted environment.

Answer 5

Delivery

Question 6

After the weapon is delivered to the victim host, ___________ triggers the intruders’ code

Answer 6

Exploitation

Question 7

Installation of malware on the victim system allows the adversary to maintain persistence inside the environment.

Answer 7

Installation

Question 8

Typically, compromised hosts must beacon outbound to an internet controller server to establish a C2 channel.

Answer 8

Command and Control

Question 9

Only now, after progressing through the first six phases, can intruders take actions to achieve their original objectives.

Answer 9

Actions on Objectives