From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response


Cyber kill chain analysis


- [Instructor] The last attack framework that we'll examine is Lockheed Martin's Cyber Kill Chain. The Cyber Kill Chain is an attempt to model the activity of an individual attacker. Thinking about this in the context of the other frameworks that we've discussed, the MITRE ATT&CK framework seeks to categorize individual attack techniques, while the Diamond Model seeks to dissect the characteristics of an attack. The Cyber Kill Chain's focus is a little bit different. The Cyber Kill Chain seeks to model the phases of an attack. Cyber Kill Chain focuses on the activities of sophisticated attackers, known as advanced persistent threats or APTs. The kill chain describes the work that an APT does as a series of seven phases that can be very useful to analysts who are seeking to reconstruct an intrusion. Here we can take a look at the elements of the Cyber Kill Chain on the Lockheed Martin website. This graphic walks us through the…
