Ethical Hacking Essentials Practice Test

Which of the following best defines 'Command and Control' in a cyber kill chain?

• A. Piloting the attack's final objectives
• B. Sending commands to compromised systems
• C. Collecting intelligence on target systems
• D. Gaining initial access to the target

The correct answer is: Sending commands to compromised systems

'Command and Control' refers to the methods used by attackers to communicate with compromised systems within a target environment to maintain control over those systems. This stage typically involves sending commands to execute further actions, such as data exfiltration or deploying additional malware. In this context, B captures the essence of Command and Control perfectly by emphasizing the act of sending directives to the already compromised systems, allowing attackers to orchestrate their operations effectively. This maintains the attacker's presence and operational capabilities within the targeted network, which is crucial for achieving their broader objectives. The other options, while related to different stages or aspects of a cyber attack, do not encapsulate the specific purpose of Command and Control. For instance, piloting the attack's final objectives relates more to the overarching strategy rather than the ongoing management of the compromised systems. Collecting intelligence on target systems can occur earlier in the kill chain and doesn't specifically address the interaction with compromised assets. Gaining initial access pertains to the entry point of an attack, which precedes the command and control phase. Thus, while they are all integral to the overall attack lifecycle, only sending commands to compromised systems accurately describes the Command and Control function within a cyber kill chain.