Threat Identification and Classification Questions

Identify and classify security threats and suspicious activity by determining the attack vector, likely threat actor motivation, and the nature of the vulnerability or risk. Distinguish between vulnerability, threat, and risk; differentiate external versus insider threats and targeted versus opportunistic attacks; assess potential impact based on systems and data involved; and prioritize incidents by severity. Include logical approaches to evidence evaluation, indicators of compromise, attribution caveats, and recommended next steps for containment, investigation, and mitigation.