Explanation & Hint:
In the context of the Delivery phase in the Cyber Kill Chain model, the two true statements among the ones provided are:
- “Delivery is the transmission of the payload to the target via a communication vector.” – This statement correctly describes the Delivery phase. During this phase, the attacker transmits a weaponized payload to the victim using various methods. The payload could be in the form of a virus, worm, or other malicious software, and the delivery can occur via email, malicious websites, USB drives, etc.
- “Methods for accomplishing delivery can include email attachments, phishing emails, directing individuals to websites, and USB devices.” – This statement is also true. These methods are common ways for attackers to deliver malicious payloads to their targets. Email attachments and phishing emails can deceive users into executing harmful software, while compromised websites and physical devices like USB drives can serve as a medium for transferring the payload.
The other statements are not accurate:
- “Transmission cannot take multiple forms, and most delivery techniques cannot be uniquely tailored to the targeted individual or system.” – This is false. In reality, the transmission of a payload in a cyberattack can indeed take multiple forms, and attackers often tailor their delivery techniques to their specific target for greater effectiveness.
- “Obfuscating the payload’s code is not a valid technique for minimizing the chance of detection during the delivery process.” – This statement is incorrect. Obfuscating the code of a payload is actually a common and valid technique used by attackers to evade detection by security systems. It helps in disguising the malicious nature of the code, making it harder for security tools to identify it as a threat.
|