Which Kill Chain stage describes the attacker controlling the victim's system from a remote location and potentially using it as a launching point for other attacks?

Establishing and maintaining a remote command and control channel lets an attacker control the victim’s system from afar, issue instructions, and use that machine as a foothold to reach other targets. This ongoing back-and-forth with the compromised host is the essence of Command and Control, enabling persistent access, data exfiltration, and lateral movement as part of broader attack operations. The attacker typically uses a C2 channel to beacon home to a server, receive commands, and orchestrate actions across the network, which is exactly how a compromised host becomes a launching point for further attacks. In contrast, delivery is about getting the malware onto the target, reconnaissance is about gathering information, and exploitation is about gaining initial access; none of those describe the remote management and control that a C2 channel provides.