Easy
|
Medium
|
Hard
Cyber Kill Chain - Medium
Note: You will NOT be able to complete this challenge without completing the easy challenge first
Enter the flag from the easy challenge here
Instructions:
Determine which phase of the Lockheed-Martin Cyber Kill Chain the attacker is in
An attacker is in the process of emailing a malicious Word document to several employes in an organization
An attacker begins exfiltrating sensitive data from an organization and posting it to a pastebin on the internet
An attacker has achieved persistence on an organization's network and is now able to access the network through a remote shell
An attacker buys access to a botnet for use in a DDOS attack
An attacker attends a security conference posing as a student to network with a specific organization's employees
Malware uses a security flaw in the Windows OS to create a temporary listener on port TCP 40036
Malware downloads netcat onto a compromised server
An attacker lays dormant for 5 months after achieving persistence on a network