312-50V13 · Question #430
312-50V13 Question #430: Real Exam Question with Answer & Explanation
The correct answer is B: Weaponization. Josh's actions of drafting a malicious email with an attached disguised file, before sending it, represent the Weaponization stage of the cyber kill chain.
Question
Josh has finished scanning a network and has discovered multiple vulnerable services. He knows that several of these usually have protections against external sources but are frequently susceptible to internal users. He decides to draft an email, spoof the sender as the internal IT team, and attach a malicious file disguised as a financial spreadsheet. Before Josh sends the email, he decides to investigate other methods of getting the file onto the system. For this particular attempt, what was the last stage of the cyber kill chain that Josh performed?
Options
- AExploitation
- BWeaponization
- CDelivery
- DReconnaissance
Explanation
Josh's actions of drafting a malicious email with an attached disguised file, before sending it, represent the Weaponization stage of the cyber kill chain.
Common mistakes.
- A. Exploitation is the act of triggering the vulnerability and gaining access to the system, which occurs after successful delivery.
- C. Delivery is the transmission of the weapon (the malicious email) to the target, which Josh has not yet done.
- D. Reconnaissance involves gathering information about the target, which Josh completed earlier by scanning the network and discovering vulnerabilities.
Concept tested. Cyber Kill Chain - Weaponization stage
Reference. https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
Topics
Community Discussion
No community discussion yet for this question.