Which technique is NOT used to break the command-and-control phase of the Cyber-Attack Lifecycle?

Prepare for the Palo Alto Networks PCCSA Test using effective study resources. Engage with multiple choice questions and detailed explanations for clarity. Boost your chances of success and ace the exam!

The technique that is not used to break the command-and-control phase of the Cyber-Attack Lifecycle is vulnerability and patch management. In the command-and-control phase, the adversary establishes communication with compromised systems in order to control them remotely.

Blocking outbound traffic to known malicious sites is a proactive measure that prevents infected systems from reaching command-and-control servers, disrupting the attacker’s ability to send commands or retrieve data. Similarly, DNS sinkholing and DNS poisoning manipulate Domain Name System (DNS) queries to redirect or prevent communication with malicious servers.

In contrast, vulnerability and patch management focus on identifying and addressing security weaknesses in systems and applications. While these practices are essential for overall cybersecurity hygiene and can prevent initial compromises, they are not directly aimed at disrupting command-and-control communication that has already been established. Therefore, they do not specifically target the command-and-control phase of a cyber-attack.
