Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 112

A user received an email attachment named `Hr402-report3662-empl621.exe` but did not run it. Which category of the cyber kill chain should be assigned to this type of event?

Answer options

• A. delivery
• B. reconnaissance
• C. weaponization
• D. installation

Correct answer: A

Explanation

The correct answer is A, delivery, as this phase involves the transmission of malicious payloads to the target. The other options do not apply since reconnaissance refers to the information-gathering phase, weaponization involves creating the malware, and installation is the stage where malware is executed on the target system.