Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 152
The security team has detected an ongoing spam campaign targeting the organization. The team's approach is to push back the cyber kill chain and mitigate ongoing incidents. At which phase of the cyber kill chain should the security team mitigate this type of attack?
Answer options
- A. installation
- B. reconnaissance
- C. actions
- D. delivery
Correct answer: D
Explanation
The correct phase to mitigate a spam attack is 'delivery', as this is when the malicious content is transmitted to the target. Addressing this phase can effectively prevent the spam from reaching its destination. The other phases, such as installation and actions, occur after the delivery has been successful, making them less relevant for mitigation at this stage.