Which of the following is NOT a phase in Lockheed Martin's Cyber Kill Chain?

Study for the SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) Test. Prepare with comprehensive materials, flashcards, and multiple choice questions with hints and explanations. Ace your exam with confidence!

Multiple Choice

Which of the following is NOT a phase in Lockheed Martin's Cyber Kill Chain?

Explanation:
The key idea here is how the Cyber Kill Chain models an intrusion as a sequence of distinct steps an attacker typically follows to achieve an objective. In Lockheed Martin’s original framework, the stages are reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives. Exfiltration, which means pulling data out of the environment, isn’t listed as its own stage in the kill chain. It’s generally the outcome or a capability that can occur during the actions on objectives phase or as post‑compromise activity, but it isn’t a separate phase in the model. So the item describing Exfiltration is the one that doesn’t fit the canonical sequence.

