The scope of emergency response includes the hardware, software, or data of a computer or network device system in a network or system that is damaged, altered, or leaked due to security reasons such as illegal attacks or virus intrusion, and security hazards that have been discovered that may cause the above phenomena, including but not limited to the following situations:

• Unauthorized access, entering an unauthorized network through intrusion, causing data information to be leaked;
• Information disclosure, where data is leaked during transmission due to data interception, tampering, analysis, etc.;
• Denial of service, normal users cannot properly access related services provided by the server;
• Illegal logins were found in the system log;
• A large-scale outbreak of computer virus infection was discovered on the network;
• It was discovered that people were constantly trying to forcibly log in to the system;
• An unknown new user account appears in the system;
• The administrator received a warning letter from a system administrator at another site indicating that the system may be threatened;
• File access rights have been modified;
• System issues due to security breaches;
• Other acts of aggression.