Cybersecurity Attack Phases

According to EC-Council

EC-Council identify in the CEH course 5 hacking phases:

  1. Reconnaissance
  2. Scanning
  3. Gaining Access
  4. Maintaining Access
  5. Clearing Tracks

According to ISACA

ISACA identify 8 phases in a cybersecurity generalized attack processs:

  1. Perform reconnaissance
  2. Create attack tools
  3. Deliver malicious capabilities
  4. Exploit and compromise
  5. Conduct an attack
  6. Achieve results
  7. Maintain a presence or set of capabilites
  8. Coordinate a campaign

External References

“CEH v10”, EC-Council
“CSX Cybersecurity Fundamentals Study Guide 2nd Edition”, ISACA, page 35

Leave a Reply

Your email address will not be published. Required fields are marked *