Explanation:
Table Description automatically generated

* The event where a breached workstation is trying to connect to a known malicious domain suggests that the attacker is moving towards their end goals, which typically involves actions on objectives.
* In the Cyber Kill Chain framework, "Action on objectives" refers to the steps taken by an attacker to achieve their intended outcomes, such as data exfiltration, destruction, or ransom demands.
* This phase involves the attacker executing their final mission within the target environment, leveraging access gained in earlier stages of the attack.
References
* Lockheed Martin Cyber Kill Chain
* Understanding the Stages of Cyber Attacks
* Incident Response and the Cyber Kill Chain

A host-based firewall is a utility that can block unauthorized access to a computer system, including port scans. It monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules.

* The weaponization step in the Cyber Kill Chain Model involves the creation or use of a specific weapon (malware, exploit) designed to leverage a vulnerability.
* This phase follows the reconnaissance phase where the attacker gathers information and precedes the delivery phase where the weapon is delivered to the target.
* Developing specific malware to exploit a vulnerable server is a precise example of weaponization.
References
* Lockheed Martin Cyber Kill Chain Model
* Understanding the Weaponization Phase in Cyber Attacks
* Steps in the Cyber Kill Chain

CDFS stands for Compact Disc File System, which is a file system used by Mac OS to store data on CDs.
CDFS is also known as ISO 9660, which is a standard format for data interchange on optical discs. CDFS allows files to be accessed by different operating systems, such as Windows, Linux, and Mac OS. Therefore, an ISO file that is stored in CDFS format is data from a CD copied using Mac-based system. References := Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) v1.0, Module 4: Network Intrusion Analysis, Lesson 4.4: File Type Analysis, Topic 4.4.1: File Systems, page 4-40.