Incident-Response CyclePreparationIdentificationContainmentEradicationRecoveryLessons LearnedKill ChainTargetingReconnaissanceWeaponizationDeliveryExploitationInstallationCommand and ControlActions on ObjectiveExample Kill ChainDiamond ModelBasic ModelExtending the ModelActive DefenseDenyDisruptDegradeDeceiveDestroyF3EADFindFixFinishExploitAnalyzeDisseminateUsing F3EADPicking the Right ModelScenario: GLASS WIZARDConclusion