Which of the following is an example of an indicator of intrusion that an employee might encounter when working on their company's network?

An indicator of intrusion refers to any sign or evidence that suggests a breach of security has occurred within a network or system. Each of the provided scenarios illustrates a potential sign that an employee's account or device has been compromised.

When a user's computer is sending an abnormal amount of data to other countries, it could indicate that sensitive information is being exfiltrated by an unauthorized party, which is a common tactic during a network intrusion. This unusual data transmission raises a red flag and suggests malicious activity is taking place.

Similarly, if a user's web searches are being automatically redirected to other websites, it may signal that malware has taken control of the browser or that the system has been compromised in some way. This manipulation is a common technique employed by attackers to direct users to fraudulent or malicious sites.

Additionally, if a user’s contacts are receiving strange email messages from their account, it suggests that the user’s email account may have been hacked. Such behavior can be a sign of a phishing attack, where the attacker uses the compromised account to further propagate the intrusion, often leading to more victims being affected.

Since all these examples showcase different ways in which a network can be compromised and the various signs that can indicate such unauthorized access or manipulation, it is accurate to