A user received an email attachment named "Hr405-report2609-empl094.exe" but did not run it. Which category of the cyber kill chain should be assigned to this type of event?
Delivery is the fourth phase of the cyber kill chain, which is a model to describe the stages of a cyberattack. Delivery refers to the transmission of the weaponized payload to the target system, such as via email attachments, web links, USB drives, or network connections. Delivery does not necessarily imply successful installation or execution of the payload, which are subsequent phases of the kill chain. References := Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) - Cisco, page 31.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit