What phase of an attack implies a hacker is actively attacking a system and applications using vulnerabilities discovered in the other phases?

Gaining Access Phase

Explanation:

Before the hacker gets to the maintaining access phase, two phases are already passed, these phases are:

1. Reconnaissance - Gathering all necessary information for the attack.

2. Scanning - using tools such as vulnerability scanners, network mappers, dialers among others to analyze the network using information gotten from the Reconnaissance phase.

Once the vulnerabilities of the system are discovered in the first two phases, the hacker is actively attacking the system in the third phase.

3. Gaining Access - At this phase, the hacker carries out the attack from the information retrieved from Phase 1 and 2. The system vulnerabilities already discovered are exploited efficiently to own the system. This can be carried out offline, through the internet, by having access to the host computer or through wired or wireless LAN.

Two phases come after the "gaining access" phase. They are:

4. Maintaining access - At this phase, the hacker secures his access to the system from security personnel or other hackers. They ensure that backdoors are established to gain quick and easy access to the system for further attacks.

5. Covering Tracks - log files are removed or modified by hackers to ensure that their actions are completely invisible to any suspecting person.