Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 212

A user received a malicious email attachment named "DS045-report1122345.exe" and executed it. In which step of the Cyber Kill Chain is this event?

Answer options

• A. reconnaissance
• B. delivery
• C. weaponization
• D. installation

Correct answer: D

Explanation

The correct answer is D, installation, as executing the malicious attachment signifies that the malware has been installed on the user's system. The other options do not apply here; reconnaissance pertains to information gathering, delivery is the act of sending the malicious payload, and weaponization involves creating the malware, none of which involve execution.