Cyber alert intake
Triage a suspicious login alert with partial context. The submitted work creates a review brief that keeps observations tied to source material.
What the candidate submits
Security handoff, indicator check, response priority, log evidence, open questions, revision note.
- communication artifact
- quality check
- priority rationale
- source/evidence review
- assumptions or open questions
- revision note
How this maps to the six evidence dimensions
Good for inspecting evidence discipline under urgency. Reviewers can inspect the submitted sources before using any observation.
Quality Rigor is supported by the quality-check portion of the artifacts: Security handoff, indicator check, response priority, log evidence, open questions, revision note.
Ambiguity Handling is supported by assumptions, open questions, unknowns, gaps, or caveats in the submitted work.
Learning Agility is supported by the revision note and the explanation of what changed after review.
Communication Clarity is supported by the submitted update, memo, reply, handoff, guide, or summary.
Prioritization Judgment is supported by the priority rationale, sequencing choice, or next-step rationale.
Evidence Discipline is supported by source references, cited notes, logs, chart details, policy excerpts, or evidence gaps.
Questions this task can support
Which source detail would most change the next step?
Where is the evidence thin enough to ask for clarification?