Lockheed Martin's
Cyber Kill Chain: 1.Reconnaissance → 2.Weaponization → 3.Delivery → 4.Exploitation → 5.Installation → 6.C2 → 7.Actions on Objectives.
Breaking any stage stops the attack. Defenders should aim to detect as early as possible (recon/delivery). MITRE ATT&CK is more granular and modern, but Kill Chain is still exam-relevant.