EC-CouncilEC-Council
312-50V12 · Question #81
312-50V12 Question #81: Real Exam Question with Answer & Explanation
The correct answer is B: Actions on objectives. The Cyber Kill Chain model defines seven stages of an attack, with data exfiltration occurring in the final 'Actions on Objectives' phase after the attacker has achieved full access.
Submitted by lars.no· Mar 4, 2026Information Security and Ethical Hacking Overview
Question
At what stage of the cyber kill chain theory model does data exfiltration occur?
Options
- AWeaponization
- BActions on objectives
- CCommand and control
- DInstallation
Explanation
The Cyber Kill Chain model defines seven stages of an attack, with data exfiltration occurring in the final 'Actions on Objectives' phase after the attacker has achieved full access.
Common mistakes.
- A. Weaponization is the second stage where the attacker creates a deliverable malicious payload (e.g., coupling an exploit with a backdoor), which happens before any intrusion into the target network.
- C. Command and Control (C2) is the stage where the attacker establishes a remote communication channel to the compromised system, enabling ongoing control, but data exfiltration has not yet occurred at this point.
- D. Installation refers to the stage where the attacker installs a persistent backdoor or remote access tool on the victim's system to maintain long-term access, which precedes the execution of the attacker's final objectives.
Concept tested. Cyber Kill Chain stages and data exfiltration phase
Reference. https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
Topics
#Cyber Kill Chain#Data exfiltration#Actions on objectives#Attack phases
Community Discussion
No community discussion yet for this question.