From the Introduction: "This report analyzes a sample attack path that a cyber threat actor could take to compromise an organization with weaknesses that are representative of those CISA [Cybersecurity and Infrastructure Security Agency] observed in the FY20 RVAs [Risk and Vulnerability Assessments]. The path comprises six successive tactics, or 'steps': 'Initial Access', 'Command and Control', 'Lateral Movement', 'Privilege Escalation', 'Collection', and 'Exfiltration'. In addition to this analysis, the report includes the following observations:  Most of the successful attacks proved to be methods commonly used by threat actors, e.g., phishing, use of default credentials. The list of tools and techniques used to conduct these common attacks is ever changing.  Many of the organizations exhibited the same weaknesses."
U.S. Cybersecurity and Infrastructure Security Agency: https://www.cisa.gov/