210-255 · Question #167
210-255 Question #167: Real Exam Question with Answer & Explanation
The correct answer is A: Exploitation. In the Lockheed Martin Cyber Kill Chain framework, the Exploitation phase is the stage where an attacker actively triggers a vulnerability to execute code or gain unauthorized access, which directly corresponds to the act of attacking a vulnerability.
Question
Options
- AExploitation
- BInstallation
- CDeliver
- DAction on Objectives
Explanation
In the Lockheed Martin Cyber Kill Chain framework, the Exploitation phase is the stage where an attacker actively triggers a vulnerability to execute code or gain unauthorized access, which directly corresponds to the act of attacking a vulnerability.
Common mistakes.
- B. Installation occurs after successful exploitation and involves placing a persistent mechanism - such as a web shell, rootkit, or remote access trojan - on the already-compromised system to maintain access.
- C. Delivery is the phase where the weaponized payload is transmitted to the target environment (for example via phishing email or watering hole attack) but the vulnerability has not yet been triggered or attacked.
- D. Actions on Objectives is the final Kill Chain phase where the attacker accomplishes their mission goals such as data exfiltration or destructive action, occurring well after initial exploitation.
Concept tested. Cyber Kill Chain model - Exploitation phase
Reference. https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
Community Discussion
No community discussion yet for this question.