Which Kill Chain stage establishes two-way communication between the victim and an adversary-controlled server and may use encryption to hide the channel?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which Kill Chain stage establishes two-way communication between the victim and an adversary-controlled server and may use encryption to hide the channel?

Explanation:
Maintaining remote control over compromised hosts through a covert channel is the key idea. In the cyber kill chain, the stage that does this is Command and Control. It establishes two-way communication between the victim's system and an adversary‑controlled server, so the attacker can issue commands, receive data, and send updates or new instructions. Encrypting the channel is a common technique here to hide the traffic from defenders, making the beaconing, data exfiltration, and command traffic harder to spot. You might see the malware reach out to a C2 server over encrypted protocols (like HTTPS or other tunneled methods) to keep control hidden. Other terms like tactics, techniques, or procedures are broad labels for classes of actions or methods, not the specific mechanism by which an attacker maintains ongoing control over a compromised host.

