Recital 21 Range of TTPs throughout kill chain

During the active red team means the testers, internal or external, contracted for, or assigned to, a TLPT; testing phase, the testers should deploy a range of tactics, techniques, and procedures (TTPs) to adequately test the live production systems of the financial entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations;. The TTPs should contain, as appropriate, reconnaissance (i.e. collecting as much information as possible on a target), weaponization (i.e. analysing information on the infrastructure, facilities, and employees and preparing for the operations specific to the target), delivery (i.e. the active launch of the full operation on the target), exploitation (i.e. where the testers’ goal is to compromise the servers, networks of the financial entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; and exploit its staff through social engineering), control and movement (i.e. attempts to move from the compromised systems to further vulnerable or high value ones), and actions on target (i.e. gaining further access to compromised systems and acquiring access to the previously agreed target information and data, as previously agreed in the red team means the testers, internal or external, contracted for, or assigned to, a TLPT; test plan).