Which of the following are common indicators of a cyber event affecting AVN C3 RC, and how should responders prioritize actions?

Prepare for the AVN C3 Reserve Component Test. Study with flashcards and multiple choice questions, each with hints and explanations. Get ready for your exam!

Multiple Choice

Which of the following are common indicators of a cyber event affecting AVN C3 RC, and how should responders prioritize actions?

Explanation:
Unusual traffic, authentication failures, and system slowdowns are classic signs that a cyber event is affecting the AVN C3 RC. These indicators point to possible unauthorized access, malware activity, or attempted control of systems, so the immediate goal is to prevent further damage and spread. Responders should first isolate the affected network segment to stop lateral movement and protect the rest of the environment. Next, preserve evidence by capturing logs, disk images, and other forensic artifacts while maintaining a solid chain of custody, so investigators can understand what happened and who was involved. Finally, recover by restoring services from clean backups, cleansing or rebuilding compromised systems, and validating operations before bringing everything back online. This sequence (contain, preserve evidence, recover) minimizes impact and supports a credible incident response. The other options don’t fit because hardware-only failures without network impact don’t signal a cyber event, improved performance would be inconsistent with compromise, and taking no action would leave the incident unchecked.

