Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 213

A cyberattacker notices a security flaw in a software that a company is using. They decide to tailor a specific worm to exploit this flaw and extract saved passwords from the software. To which category of the Cyber Kill Chain model does this event belong?

Answer options

• A. weaponization
• B. reconnaissance
• C. delivery
• D. exploitation

Correct answer: A

Explanation

The correct answer is A, weaponization, because the attacker is creating a specific worm to exploit a vulnerability, which involves crafting a weapon. The other phases, like reconnaissance (B), involve gathering information and do not include the creation of an exploit. Delivery (C) refers to transmitting the weapon, and exploitation (D) is the act of executing the attack, neither of which applies to the creation phase.