CST07 - Cyber Kill Chain and Intro to Active Directory

To classify malware types based on severity

To define stages of a cyber attack for analysis and response

To identify vulnerabilities in hardware components

To rank threat actors by sophistication

Running a Nessus vulnerability scan

Sending phishing emails to employees

Searching LinkedIn for employee roles and skills

Attempting to brute-force login credentials

To improve performance of the script

To ensure compatibility with older systems

To evade detection by security tools

To simplify debugging and error handling

To deliver malware to the target system

To establish communication with compromised systems

To scan for vulnerabilities in external networks

To exfiltrate data from the target environment

Gaining initial access through phishing

Moving from one compromised system to others within the network

Encrypting files on a single endpoint

Sending spam emails from a hijacked account

LDAP

Kerberos

RADIUS

SAML

Initial scanning of the network

Exploiting a vulnerability

Data exfiltration or ransomware deployment

Sending phishing emails

They offer free encryption tools

They are less likely to trigger security alerts

They automatically delete logs

They block outbound traffic

To allow users to share passwords

To simplify password rotation and reduce risk

To enable remote desktop access

To bypass group policy restrictions

Manages DNS records

Synchronizes time across the domain

Handles schema updates

Controls DHCP leases