Final answer:
The term for an event or change that causes an administrator to suspect there is malware installed on a system is indicators of compromise (IOCs). It is important for administrators to regularly monitor for IOCs and promptly investigate any suspicious activity, as early detection can help prevent further compromise and mitigate potential damages.
Step-by-step explanation:
The term for an event or change that causes an administrator to suspect there is malware installed on a system is indicators of compromise (IOCs). IOCs are specific artifacts or evidence that suggest the presence of malware or an ongoing security incident. These could include abnormal network traffic, unexpected system behavior, or the presence of suspicious files or processes.
For example, if an administrator notices a dramatic increase in outgoing network traffic from a system or experiences frequent crashes and slow performance, these could be indicators of malware. Additionally, the discovery of unrecognized files or processes that cannot be accounted for is another cause for suspicion.
It is important for administrators to regularly monitor for IOCs and promptly investigate any suspicious activity, as early detection can help prevent further compromise and mitigate potential damages.