A company is moving its applications to the cloud and is concerned about cyber security threats. The security team has been tasked with providing a comprehensive view of how attackers gain access, move through networks, and carry out attacks. Which framework identifies the seven phases of an attack, from initial infiltration to post-exploitation?
Correct Answer: C
The correct answer is C - Cyber kill chain. The Cyber Kill Chain, developed by Lockheed Martin, is a model that breaks down a cyber attack into seven distinct phases: reconnaissance, weaponization, delivery, exploitation, installation, command and control (C2), and actions on objectives. According to the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) study materials, this model helps security teams understand and interrupt an attack at various stages. While MITRE ATT&CK (B) and its ICS variant (A) provide detailed mappings of techniques used by attackers, they are not structured specifically into seven phases like the Cyber Kill Chain. The Diamond Model (D) is an analysis methodology, not a phase-based model.
Reference Extract from Study Guide: "The Cyber Kill Chain model divides the sequence of a cyber attack into seven phases, providing a structured method for analyzing and disrupting attacks." - WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Attack Frameworks and Methodologies