Internal IoT segment compromised — outbound DDoS to external target, ISP abuse complaints
A hard Cyber × Network Fusion scenario on IoT Botnet DDoS.
Start a graded attempt against this scenario. Your response is scored by the same deterministic rubric used across the catalog. Email and evidence content stay hidden until you start.
Launches this exact scenario. One of 4 templates in this Track + Difficulty pool.
catalog id · fusion-iot-botnet-ddos
What this scenario practices, mapped to recognized frameworks.
Educational mapping only. Not a compliance attestation.
- IoT botnet DDoS triage
- Availability-first containment discipline
- Network Denial of Service · Impact · T1498 · TA0040 · Mapped · High confidence
Trains triage of availability-impacting traffic floods.
- Application Layer Protocol · Command and Control · T1071 · TA0011 · Partial · Medium confidence
Trains scoping of remote-access channels on IoT segments.
- Network Traffic Filtering · D3-NTF · Mapped · High confidence
Trains the traffic-filtering response under DDoS pressure.
- Network Traffic Analysis · D3-NTA · Mapped · High confidence
Trains the traffic-analysis posture for source attribution.
- Anomalies and Events · Detect · DE.AE · DE · Mapped · High confidence
Trains anomaly-detection reasoning under volumetric pressure.
- Recovery Planning · Recover · RC.RP · RC · Mapped · High confidence
Trains availability-recovery decision making.
- IR lifecycle phase · Detection & Analysis · Mapped · High confidence
Trains structured triage of volumetric anomalies.
- IR lifecycle phase · Containment, Eradication & Recovery · Mapped · High confidence
Trains scrubbing, isolation, and recovery workflow.
- Asset Inventory · 1.A · Mapped · High confidence
Trains IoT asset-inventory reasoning.
- Changing Default Passwords · 2.A · Mapped · High confidence
Trains the default-password baseline for IoT gear.
- Inventory and Control of Enterprise Assets · Control 1 · Mapped · High confidence
Trains the asset-inventory control.
- Network Monitoring and Defense · Control 13 · Mapped · High confidence
Trains the network-monitoring control.