Understanding the Attackers and Their Methods

Question 1

Cyber Kill Chain Methodology

Answer 1

A framework to secure cyberspace.

Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command & Control
Action on Objectives

Question 2

Reconnaissance

Answer 2

Where the attacker gathers as much information they can about the intended victim.

eg. network info, system info

Question 3

Weaponization

Answer 3

Analyze the gathered information and identify vunlerabilities.

Question 4

Delivery

Answer 4

Deliver the payload.

Question 5

Exploitation

Answer 5

Step where the initial breach occurs, allowing the attacker to execute malicious exploit.

eg. break into system / gain unauthorized control

Question 6

Installation

Answer 6

Concerned with establishing a persistent presence in the system. Aims to maintain and reinforce control over time.

Question 7

Command & Control

Answer 7

Create a two way channel between the hacking system to the target system.

Question 8

Action on Objectives

Answer 8

Where the attackger goes through and steals confidential data.

Question 9

MITRE | ATT&CK

Answer 9

Designed to document common tactics, techniques, and procedures that advanced persistent threats use against Windows

Question 10

MITRE | Tactic

Answer 10

The adversary’s strategic goal.

Question 11

MITRE | Techniques

Answer 11

The action an adversary takes.

Question 12

MITRE | Procedures

Answer 12

Carries out techniques or sub-techniques.