A cyberattacker notices a security flaw in a software that a company is using. They decide to tailor a specific worm to exploit this flaw and extract saved passwords from the software. To which category of the Cyber Kill Chain model does this event belong?
The event described involves creating a specific worm to exploit a security flaw and extract saved passwords. This process of creating malicious code specifically designed to exploit a vulnerability falls under the 'weaponization' category of the Cyber Kill Chain model. Weaponization involves developing the necessary tools to carry out an attack by leveraging identified vulnerabilities.
The attacker is tailoring a specific worm to exploit a security flaw and extract saved passwords from the software. I think it should be Weaponization
Should be A, my bad for previous comment
A- Weaponization
It's A - this is the important bit "to tailor a specific worm to exploit this flaw and extract saved passwords"
answer A
A --> Weaponization
I go with A
Agree sb D