Which step in the cyber kill chain refers to the methods used to communicate with an exploited system to further the attack?

The step in the cyber kill chain that pertains to the methods used to communicate with an exploited system in order to further the attack is Command and Control (C2). In this phase, attackers establish a presence on the compromised system and utilize various communication techniques to send commands, control the compromised system, and extract data. The communication can be conducted through different protocols or channels, allowing adversaries to maintain control and facilitate further actions, such as deploying malware or exfiltrating sensitive data.

The Command and Control phase is critical for attackers because it allows them to pivot from initial exploitation to executing their objectives, leveraging the compromised system for further activities while avoiding detection. By establishing robust command and control mechanisms, attackers can carry out their operations remotely, making this stage a central aspect of many cyber attack scenarios.