When dealing with security threats and using the Cyber Kill Chain model, which two approaches can an organization use to block a potential back door creation? (Choose two.)
- Conduct damage assessment.
- Establish an incident response playbook.
- Consolidate the number of Internet points of presence.
- Audit endpoints to discover abnormal file creations.
- Use HIPS to alert or place a block on common installation paths.
| Answers Explanation & Hints:
In the command and control phase of the Cyber Kill Chain, the threat actor establishes command and control (CnC) with the target system. With the two-way communication channel, the threat actor is able to issue commands to the malware software installed on the target. |