Question 2 (1 point)
Which technique is NOT used to break the command and control (CnC) phase of the Cyber Kill Chain®?
- Blocking outbound traffic to known malicious sites and IP addresses
- DNS sinkholing
- Vulnerability and Patch Management
- DNS poisoning
Solution
To answer this question, we first need to understand the techniques listed and how each relates to the command and control (CnC) phase of the Cyber Kill Chain®.
- Blocking outbound traffic to known malicious sites and IP addresses: This technique prevents malware from communicating with its command and control server, which interrupts the CnC phase.
- DNS sinkholing: This technique redirects DNS requests for malicious domains to a server controlled by the defender, preventing the malware from communicating with its command and control server.
- Vulnerability and patch management: This technique focuses on identifying and fixing vulnerabilities in the system to prevent initial exploitation. It is not directly related to interrupting the CnC phase, but rather to preventing the initial infection.
- DNS poisoning: This technique involves altering DNS responses to redirect traffic to malicious IP addresses. Although it can be used by attackers, it is not a technique commonly used to interrupt the CnC phase.
Therefore, the technique that is NOT used to interrupt the command and control (CnC) phase of the Cyber Kill Chain® is Vulnerability and Patch Management.
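The DNS sinkholing decision described in the solution, sketched as an added example that is not part of the original page: blocked names are answered with a defender-controlled address, and the clients that asked for them are listed for investigation. The blocklist, sinkhole address, log format and function names are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumptions (constructed for this example): blocklist, sinkhole address, log format.
SINKHOLE_IP = ipaddress.ip_address("192.0.2.53")  # documentation range (TEST-NET-1)
BLOCKLIST = {"c2.example", "updates.badcdn.test"}

# Constructed resolver log: "<client ip> <query type> <query name>"
SAMPLE_QUERIES = """\
10.0.0.5 A www.example.org.
10.0.0.7 A beacon.C2.example.
10.0.0.7 A c2.example
10.0.0.9 A notc2.example
10.0.0.12 A updates.badcdn.test.
"""

def normalize(qname):
    """Lower-case and strip the trailing root dot so comparisons are canonical."""
    return qname.strip().rstrip(".").lower()

def is_blocked(qname, blocklist=BLOCKLIST):
    """Match the name or any parent domain, on label boundaries only."""
    labels = normalize(qname).split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def resolve(qname, upstream):
    """Return the sinkhole address for blocked names, else the upstream answer."""
    if is_blocked(qname):
        return SINKHOLE_IP
    return upstream(qname)

def sinkholed_clients(log_text):
    """Map client IP -> sorted blocked names it asked for (hosts to investigate)."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, _qtype, qname = parts
        if is_blocked(qname):
            hits[client].add(normalize(qname))
    return {client: sorted(names) for client, names in hits.items()}

if __name__ == "__main__":
    for client, names in sinkholed_clients(SAMPLE_QUERIES).items():
        print(client, "->", ", ".join(names))
```

Matching on label boundaries keeps `notc2.example` resolvable while still catching subdomains such as `beacon.c2.example`.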
Similar Questions
What is the purpose of using Cyber Kill Chain?
- A. Identifying attackers
- B. Defining monitoring actions
- C. Describing an attack process
- D. Developing command and control systems

Which of the following phases of the cyber kill chain methodology involves the collection of information about the target system or organization from the Internet before initiating an attack?
- Actions on objective
- Reconnaissance
- Delivery
- Installation

What is the last stage of the Cyber Kill Chain framework?
- creation of malicious payload
- gathering target information
- remote control of the target device
- malicious action

In which of the following phases of the cyber kill chain methodology does an adversary communicate with remote compromised systems through an encrypted session?
- Command and control server
- Proxy server
- Data staging
- HTTP User-Agent

What will a threat actor do to create a back door on a compromised target according to the Cyber Kill Chain model?
- Add services and autorun keys.
- Open a two-way communications channel to the CnC infrastructure.
- Obtain an automated tool to deliver the malware payload.
- Collect and exfiltrate data.