Explain the different phases of an advanced persistent threat (APT).
What will be an ideal response?
An advanced persistent threat (APT) attack advances through the following five phases:
• Reconnaissance: The intruder begins by conducting reconnaissance on the network to gain useful information about the target (security software installed, computing resources connected to the network, number of users, etc.).
• Incursion: The attacker next gains incursion to the network at a low level to avoid setting off any alarms or suspicion. Some form of spear phishing may be employed in this phase. Once incursion to the target has been gained, the attacker establishes a back door, or a means of accessing a computer program that bypasses security mechanisms.
• Discovery: The intruder now begins a discovery process to gather valid user credentials (especially administrative ones) and move laterally across the network, installing more back doors. These back doors enable the attacker to install bogus utilities for distributing malware that remains hidden in plain sight.
• Capture: The attacker is now ready to access unprotected or compromised systems and capture information over a long period of time.
• Export: Captured data is then exported back to the attacker’s home base for analysis and/or used to commit fraud and other crimes.