1
00:00:00,900 --> 00:00:07,530
Cyber kill chain is one of the most important questions which is asked in the interview.
2
00:00:08,160 --> 00:00:09,920
So let me discuss about that.
3
00:00:09,930 --> 00:00:13,260
What is the difference between Cyber Kill Chain and MITRE ATT&CK?
4
00:00:13,260 --> 00:00:19,110
But before that, let's see what actually the cyber kill chain is and what are the phases we have.
5
00:00:19,590 --> 00:00:24,270
So in cyber kill chain, we have about seven phases.
6
00:00:24,270 --> 00:00:25,050
Exactly.
7
00:00:25,770 --> 00:00:30,900
The number one, we have reconnaissance, weaponization, delivery, exploitation, installation, command
8
00:00:30,900 --> 00:00:33,900
and control, and then action and objectives.
9
00:00:34,440 --> 00:00:36,210
And so these are the seven stages.
10
00:00:36,210 --> 00:00:38,670
So here are seven tactics, you can say.
11
00:00:38,820 --> 00:00:41,700
And in MITRE ATT&CK, there are 14.
12
00:00:43,660 --> 00:00:44,110
Now.
13
00:00:44,650 --> 00:00:45,310
Okay.
14
00:00:45,400 --> 00:00:51,370
One question generally has by always by the interviewer that can you please elaborate your word incident
15
00:00:51,370 --> 00:00:53,440
case in the form of cyber kill chain.
16
00:00:53,650 --> 00:01:01,750
So basically what actually the interviewers are asking you is that if you have done any type
17
00:01:01,750 --> 00:01:10,780
of you know, investigation on malware or you have done any incident in your previous organization,
18
00:01:10,780 --> 00:01:19,780
then are you able to explore or are you able to tell those investigations in the form of cyber kill
19
00:01:19,780 --> 00:01:20,980
chain process?
20
00:01:21,430 --> 00:01:24,600
Let's say if let me take give you an example.
21
00:01:24,610 --> 00:01:29,170
Let's say I worked on Emotet malware, right?
22
00:01:29,170 --> 00:01:33,160
So what I will do is, reconnaissance: what attacker will do with Emotet.
23
00:01:33,160 --> 00:01:38,230
So as a reconnaissance, definitely we need one of the email ID of the user.
24
00:01:38,440 --> 00:01:38,920
Right.
25
00:01:39,040 --> 00:01:40,390
So of the organization.
26
00:01:40,390 --> 00:01:47,440
So that is what reconnaissance is. Weaponization is I am creating the mail. Delivery, that I'm sending the mail
27
00:01:47,440 --> 00:01:49,420
to that user. Exploitation:
28
00:01:49,420 --> 00:01:52,600
The user is clicking on that attachment. Installation:
29
00:01:52,600 --> 00:01:58,930
Once it will click on that, it is going to install and it will after that it will communicate for the
30
00:01:58,930 --> 00:02:03,370
command and control and then action objectives means whatever I want.
31
00:02:03,370 --> 00:02:06,490
Why, if I want to steal the data, I can do so.
32
00:02:06,490 --> 00:02:07,930
This is how actually it works.
33
00:02:07,930 --> 00:02:09,940
So these two questions are very important.
34
00:02:09,940 --> 00:02:14,710
Apart from that, the difference between cyber kill chain and MITRE ATT&CK.
35
00:02:15,310 --> 00:02:18,490
So now see here both both are similar.
36
00:02:18,490 --> 00:02:22,750
What what their aim is they have to get in, right.
37
00:02:22,750 --> 00:02:26,830
And they don't want to get caught and they want to get out.
38
00:02:28,270 --> 00:02:30,430
Definitely they want to steal the data.
39
00:02:30,460 --> 00:02:33,340
These three things, they have the similarity.
40
00:02:33,730 --> 00:02:41,710
But the difference is that cyber kill chain is the step by step process, whereas MITRE ATT&CK is not.
41
00:02:42,160 --> 00:02:47,910
If there is some initial access is happening after person, let's say privilege escalation after privilege
42
00:02:48,130 --> 00:02:48,730
escalation.
43
00:02:48,730 --> 00:02:52,090
It is not mandated that they will go for the persistence.
44
00:02:52,090 --> 00:02:54,550
They can go for the lateral movement.
45
00:02:54,550 --> 00:02:58,750
So the techniques, I mean that is not a sequence wise.
46
00:02:58,750 --> 00:03:02,440
And whereas a cyber kill is sequence sequence wise.
47
00:03:02,440 --> 00:03:07,630
So this is what the basic difference between cyber kill chain and MITRE ATT&CK.