nerdexam
EC-Council

312-50V11 · Question #975

Which among the following is the best example of the third step (delivery) in the cyber kill chain?

The correct answer is C. An intruder's malware is triggered when a target opens a malicious email attachment.. The Delivery phase (step 3) of the cyber kill chain is when the weaponized payload is successfully activated at the target, such as when the victim opens a malicious attachment and the malware executes.

Information Security and Ethical Hacking Fundamentals

Question

Which among the following is the best example of the third step (delivery) in the cyber kill chain?

Options

  • AAn intruder sends a malicious attachment via email to a target.
  • BAn intruder creates malware to be used as a malicious attachment to an email.
  • CAn intruder's malware is triggered when a target opens a malicious email attachment.
  • DAn intruder's malware is installed on a target's machine.

How the community answered

(37 responses)
  • A
    3% (1)
  • B
    14% (5)
  • C
    76% (28)
  • D
    8% (3)

Why each option

The Delivery phase (step 3) of the cyber kill chain is when the weaponized payload is successfully activated at the target, such as when the victim opens a malicious attachment and the malware executes.

AAn intruder sends a malicious attachment via email to a target.

Sending a malicious attachment via email represents the transport mechanism but not confirmed delivery - it corresponds to the attacker initiating transmission, which precedes the actual delivery confirmation that occurs when the target activates the payload.

BAn intruder creates malware to be used as a malicious attachment to an email.

Creating malware to use as a malicious email attachment represents the Weaponization phase (step 2), where the attacker couples an exploit with a payload to form a deliverable weapon.

CAn intruder's malware is triggered when a target opens a malicious email attachment.Correct

In the Lockheed Martin Cyber Kill Chain, Delivery represents the moment the attacker's weapon is conveyed into the target environment and triggered, confirming successful transfer of the payload to the victim's operational context. When the target opens the malicious email attachment and the malware fires, the weapon has been effectively delivered and activated within the victim's system. This triggered execution event is the defining marker that separates confirmed delivery from mere transmission.

DAn intruder's malware is installed on a target's machine.

Malware being installed on the target's machine corresponds to the Installation phase (step 5) of the kill chain, which occurs after the payload has already been delivered and exploited successfully.

Concept tested: Cyber kill chain delivery phase identification

Source: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html

Topics

#cyber kill chain#delivery phase#attack lifecycle#malware stages

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice