nerdexam
Exams200-201Questions#200
CiscoCisco

200-201 · Question #200

200-201 Question #200: Real Exam Question with Answer & Explanation

The Cyber Kill Chain model, developed by Lockheed Martin, defines sequential phases of a cyberattack. Reconnaissance is correctly matched to 'identification and selection of targets' because this is the initial intelligence-gathering phase where adversaries research potential vic

Submitted by carlos_mx· Mar 6, 2026CompTIA CySA+ / Security+ - Threat and Vulnerability Management: Understanding attack frameworks and threat actor methodology using the Cyber Kill Chain model

Question

Drag and Drop Question Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model. Answer:

Explanation

The Cyber Kill Chain model, developed by Lockheed Martin, defines sequential phases of a cyberattack. Reconnaissance is correctly matched to 'identification and selection of targets' because this is the initial intelligence-gathering phase where adversaries research potential victims. Weaponization is correctly matched to 'coupling an exploit with a remote access trojan' because this phase involves creating a deliverable payload (weapon) by pairing malicious code with an exploit. Delivery is correctly matched to 'transferring the weapon to the target environment' because this phase represents the transmission of the weapon to the victim via vectors such as email, web, or USB.

Topics

#Cyber Kill Chain#Threat Intelligence#Intrusion Analysis#Attack Lifecycle

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 200-201 PracticeBrowse All 200-201 Questions