nerdexam
Cisco

210-255 · Question #167

Which Cyber Kill Model category does attacking vulnerability belong to?

The correct answer is A. Exploitation. In the Lockheed Martin Cyber Kill Chain framework, the Exploitation phase is the stage where an attacker actively triggers a vulnerability to execute code or gain unauthorized access, which directly corresponds to the act of attacking a vulnerability.

Attack Methods

Question

Which Cyber Kill Model category does attacking vulnerability belong to?

Options

  • AExploitation
  • BInstallation
  • CDeliver
  • DAction on Objectives

How the community answered

(34 responses)
  • A
    94% (32)
  • B
    3% (1)
  • D
    3% (1)

Why each option

In the Lockheed Martin Cyber Kill Chain framework, the Exploitation phase is the stage where an attacker actively triggers a vulnerability to execute code or gain unauthorized access, which directly corresponds to the act of attacking a vulnerability.

AExploitationCorrect

Exploitation is the Kill Chain phase immediately following Delivery where the attacker's exploit code fires against a specific vulnerability - such as a buffer overflow, use-after-free, or unpatched CVE - to achieve code execution or privilege escalation on the target system. This phase represents the literal act of attacking a vulnerability, as the weakness in software or hardware is abused to cross the security boundary. Exploitation must succeed before the attacker can advance to Installation or later phases.

BInstallation

Installation occurs after successful exploitation and involves placing a persistent mechanism - such as a web shell, rootkit, or remote access trojan - on the already-compromised system to maintain access.

CDeliver

Delivery is the phase where the weaponized payload is transmitted to the target environment (for example via phishing email or watering hole attack) but the vulnerability has not yet been triggered or attacked.

DAction on Objectives

Actions on Objectives is the final Kill Chain phase where the attacker accomplishes their mission goals such as data exfiltration or destructive action, occurring well after initial exploitation.

Concept tested: Cyber Kill Chain model - Exploitation phase

Source: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html

Topics

#Cyber Kill Chain#exploitation#attack phases#vulnerability exploitation

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice