2

Understanding the Attack Life Cycle

In this chapter, we will take a look at the typical phases of a targeted cyber attack against Windows systems. We’ll cover the various stages involved in such an attack, such as initial access, network propagation, foothold establishment, data exfiltration, and impact. We’ll also discuss different tactics and techniques that are used by threat actors at each stage of the attack, including automated and human-operated activities. This chapter focuses on the attack life cycle from the threat actor’s perspective to facilitate the best defense approach when responding to sophisticated intrusions.

Upon having a deep understanding of the threat actor’s capabilities, motives, and objectives, cybersecurity teams ...

Get Incident Response for Windows now with the O’Reilly learning platform.
