From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Cyber kill chain analysis
- [Instructor] The last attack framework that we'll examine is Lockheed Martin's Cyber Kill Chain. The Cyber Kill Chain is an attempt to model the activity of an individual attacker. Thinking about this in the context of the other frameworks that we've discussed, the MITRE ATT&CK framework seeks to categorize individual attack techniques, while the Diamond model seeks to dissect the characteristics of an attack. The Cyber Kill Chain's focus is a little bit different. The Cyber Kill Chain seeks to model the phases of an attack. Cyber Kill Chain focuses on the activities of sophisticated attackers, known as advanced persistent threats or APTs. The kill chain describes the work that an APT does as a series of seven phases that can be very useful to analysts who are seeking to reconstruct an intrusion. Here we can take a look at the elements of the Cyber Kill Chain on the Lockheed Martin website. This graphic walks us through the…