100

Classify Identity and Cloud Intrusion Patterns

Which pattern is best described as vishing, spearphishing, or impersonation aimed at help desk staff to reset passwords or transfer MFA tokens?
Difficulty: Easy
Which pattern is most directly mapped to MITRE ATT&CK T1021.007 Remote Services: Cloud Services?
Difficulty: Medium
Which indicator most strongly suggests session-token abuse rather than password-based login?
Difficulty: Medium
What is the best analyst classification for an exposed terminal server or missing VPN requirement, when no exploit telemetry confirms compromise?
Difficulty: Hard
Which activity best fits cloud infrastructure discovery?
Difficulty: Medium