With a flaw identified and a plan created, the attacker attempts to get their army ready. This will involve moving them to the right place and stretching the weakness to see if they can indeed get through the castle walls.
In this section, we will explain the distinguishing features of an intrusion in the Delivery and Exploitation stages and how to defend against an attack at this point. These two stages are specifically referenced as topic 5.1c and d in the topic list for the 210-255 exam.
Implementing Cisco Cybersecurity Operations (210-255) topic list:
5.1 Classify intrusion events into these categories as defined by the Cyber Kill Chain model
5.1.c Delivery
5.1.d Exploitation
5.1 Classify intrusion events into these categories as defined by the Cyber Kill Chain model
5.1.c Delivery
5.1.d Exploitation
Again, we will look at the two stages separately. We will also use some examples to help differentiate between the two categories.