Which phase of the kill chain often involves performing social engineering?
- command-and-control
- installation
- reconnaissance
- exploitation
| Explanation & Hint:
The phase of the kill chain that often involves performing social engineering is the “Reconnaissance” phase. During the Reconnaissance phase, attackers gather information about the target. This can include identifying potential vulnerabilities in the target’s security, learning about the target’s systems and networks, and often involves gathering information about individuals who work at the target organization. Social engineering techniques are frequently used in this phase to manipulate individuals into divulging confidential information, which can be critical for planning the subsequent phases of the attack. Social engineering can also be a part of other phases like “Delivery” or “Exploitation,” especially in cases involving phishing attacks, but it is most characteristically a part of Reconnaissance, where information gathering and target identification are key activities. |