Last Updated on March 19, 2021 by Admin
Which approach can help block potential malware delivery methods, as described in the Cyber Kill Chain model, on an Internet-faced web server?
- Audit the web server to forensically determine the origin of exploit.
- Collect malware files and metadata for future analysis.
- Build detections for the behavior of known malware.
- Analyze the infrastructure storage path used for files.
Answers Explanation & Hints:
A threat actor may send the weapon through web interfaces to the target server, either in file uploads or coded web requests. By analyzing the infrastructure storage path used for files, security measures can be implemented to monitor and detect malware deliveries through these methods.