Cybersecurity Attack Phases

According to EC-Council

EC-Council identify in the CEH course 5 hacking phases:

1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Clearing Tracks

According to ISACA

ISACA identify 8 phases in a cybersecurity generalized attack processs:

1. Perform reconnaissance
2. Create attack tools
3. Deliver malicious capabilities
4. Exploit and compromise
5. Conduct an attack
6. Achieve results
7. Maintain a presence or set of capabilites
8. Coordinate a campaign

External References

“CEH v10”, EC-Council
“CSX Cybersecurity Fundamentals Study Guide 2nd Edition”, ISACA, page 35