Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.
Select and Place:

The targeted environment is taken advantage of triggering the threat actor's code. An outbound connection is established to an Internet-based controller server. Backdoor is placed on the victim system allowing the threat actor to maintain the persistence. The threat actor takes actions to violate data integrity and availability.

Exploitation The targeted environment is taken advantage of triggering the threat actor's code. Installation An outbound connection is established to an Internet-based controller server. Command and Control Backdoor is placed on the victim system allowing the threat actor to maintain the persistence. Actions and Objectives The threat actor takes actions to violate data integrity and availability.