From the course: CompTIA CySA+ (CS0-002) Cert Prep: 1 Threat Management
Cyber kill chain analysis
- [Instructor] The last attack framework that we'll examine is Lockheed Martin's Cyber Kill Chain. The Cyber Kill Chain is an attempt to model the activity of an individual attacker. Thinking about this in the context of the other frameworks that we've discussed, the MITRE ATT&CK framework seeks to categorize individual attack techniques, while the Diamond Model seeks to dissect the characteristics of an attack. The Cyber Kill Chain's focus is a bit different. It seeks to model the phases of an attack. The Cyber Kill Chain focuses on the activities of sophisticated attackers known as advanced persistent threats. It describes the work that they do as a series of seven phases that can be quite useful to analysts seeking to reconstruct an intrusion. Let's take a look at the Cyber Kill Chain on the Lockheed Martin site. This graphic walks through the steps of the process. The first step of an attack is to engage in reconnaissance…