CompTIA CySA+ Practice Test

In the context of a cyber attack, the phase where an adversary typically utilizes exploits against public-facing servers is indeed the delivery phase. During this phase, the adversary has already prepared their attack vector and chooses to deploy it against the target. This often involves exploiting vulnerabilities in systems, particularly those that are exposed to the internet, such as public-facing servers. At this stage, the adversary takes the weaponized payload—created from the prior weaponization phase—and delivers it to the target system. This could be through various methods, including exploiting software vulnerabilities, sending phishing emails with malicious links, or directly engaging with public-facing servers that may have unpatched software. Understanding this phase is critical, as it represents the actual attempt to execute an attack, distinguishing it from earlier phases like reconnaissance, where the adversary gathers information, and installation, which involves establishing persistence on the target system after successful exploitation.