CompTIA Security+ SY0-601 – Question054

During an incident response, an analyst applied rules to all inbound traffic on the border firewall and
implemented ACLs on each critical server. Following an investigation, the company realizes it is still vulnerable
because outbound traffic is not restricted, and the adversary is able to maintain a presence in the network. In
which of the following stages of the Cyber Kill Chain is the adversary currently operating?


A. Reconnaissance
B. Command and control
C. Actions on objective
D. Exploitation

Correct Answer: B