PBQ 5: Threat Indicator Matching
Match the threat indicator with the correct threat type.
1. New admin account created without approval
-- Choose a threat type --
Cross-Site Scripting (XSS)
Phishing
Brute Force Attack
Data Exfiltration
Privilege Escalation
Command and Control (C2)
DoS Attack
DNS Tunneling
2. Executable file downloaded via email link
-- Choose a threat type --
Phishing
Cross-Site Scripting (XSS)
Command and Control (C2)
DNS Tunneling
Data Exfiltration
DoS Attack
Brute Force Attack
Privilege Escalation
3. Unusual outbound traffic to foreign IP addresses
-- Choose a threat type --
DNS Tunneling
Brute Force Attack
Command and Control (C2)
Phishing
Data Exfiltration
DoS Attack
Privilege Escalation
Cross-Site Scripting (XSS)
4. JavaScript injected in comment sections
-- Choose a threat type --
Data Exfiltration
Phishing
Cross-Site Scripting (XSS)
Privilege Escalation
Command and Control (C2)
Brute Force Attack
DNS Tunneling
DoS Attack
5. Multiple login failures followed by a successful login
-- Choose a threat type --
Phishing
DoS Attack
Cross-Site Scripting (XSS)
Brute Force Attack
Data Exfiltration
DNS Tunneling
Privilege Escalation
Command and Control (C2)