Scenario: Network Monitoring Alert
Your organization's network monitoring system has detected unusual activity. As a cybersecurity analyst,
you need to identify which indicators suggest a potential security breach (Indicators of Compromise - IoC).
Proficiency Threshold: 4 of 6
You must correctly identify at least 4 of the 6 Indicators of Compromise to demonstrate proficiency
Instructions: Select ALL indicators that suggest a security breach. To pass, you must identify at least 4 of the 6 correct IoCs.
A. Unusual outbound network traffic to foreign IP addresses at 3 AM
B. Employee accessing files within their authorization level during business hours
C. Multiple failed login attempts followed by successful login from same IP
D. Presence of unknown executables in system32 directory
E. CPU usage increases when running intensive applications
F. Registry keys modified in HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
G. User receives expected automated email from HR system
H. Port scanning activity originating from internal workstation
I. Encrypted files with unusual extensions (.locked, .crypted) appearing suddenly
J. Scheduled system updates causing temporary network slowdown
Performance Levels
🌟
MASTERY
6/6 Correct (100%)
✅
PROFICIENT
4-5/6 Correct (67-83%)
⚠️
DEVELOPING
2-3/6 Correct (33-50%)
📚
NOVICE
0-1/6 Correct (0-17%)
Correct IoCs: A, C, D, F, H, I (6 total)
Minimum for Proficiency: 4 correct identifications