Helpdesk tech approved MFA push at 02:14 UTC after a flood of prompts — Singapore sign-in now active
A easy Cybersecurity scenario on MFA Fatigue / Push Bombing.
Start a graded attempt against this scenario. Your response is scored by the same deterministic rubric used across the catalog. Email and evidence content stay hidden until you start.
Launches this exact scenario. One of 5 templates in this Track + Difficulty pool.
catalog id · mfa-fatigue-helpdesk-approval
What this scenario practices, mapped to recognized frameworks.
Educational mapping only. Not a compliance attestation.
- MFA-fatigue recognition
- Helpdesk approval discipline under pressure
- Multi-Factor Authentication Request Generation · Credential AccessT1621 · TA0006MappedHigh confidence
Trains triage of repeated MFA prompts targeting one user.
- User Behavior AnalysisD3-UBAMappedHigh confidence
Trains the behavior-analysis posture that flags push-prompt anomalies.
- Multi-factor AuthenticationD3-MFAMappedMedium confidence
Trains the MFA-method maturity reasoning behind resilient enrollment.
- Access Control · ProtectPR.AC · PRMappedHigh confidence
Trains access-control reasoning under social-engineering pressure.
- IR lifecycle phaseDetection & AnalysisMappedHigh confidence
Trains MFA-fatigue pattern triage.
- IR lifecycle phaseContainment, Eradication & RecoveryMappedHigh confidence
Trains session-revocation and method-rotation workflow.
- Phishing-Resistant MFA2.EMappedHigh confidence
Trains the resilient-MFA baseline the scenario depends on.
- Basic Cybersecurity Training2.FMappedMedium confidence
Trains the helpdesk-awareness baseline.
- Access Control ManagementControl 6MappedHigh confidence
Trains the access-management control the scenario exercises.
- Security Awareness and Skills TrainingControl 14MappedMedium confidence
Trains the user/helpdesk awareness layer.