Add answer key for KC7 Cyber Defender workshop #651

Open
beagandica wants to merge 1 commit into NuevoFoundation:master from beagandica:content/answer-key-kusto-kc7

@beagandica
Member

Summary

Complete teacher reference for the KC7 Kusto/KQL cybersecurity workshop, covering all answerable activities with KQL query solutions.

Changes

New file: `content/english/Kusto-KC7/answer-key.md`

Activity 2 (Whodunit): 3 attribution quiz answers

  • Q1: C (Nation Sponsored), Q2: B (Cyber Criminal), Q3: C (Nation Sponsored)
  • Verified against HTML form source code

Activity 3 (KQL 101): 9 KQL query solutions

  • Covers all operators taught: `take`, `count`, `where`, `==`, `has`, `contains`, `distinct`, `let`, `in`
  • Progressive scaffolding (simple queries → compound queries → `let` statements)
  • Each question includes the query, concept explanation, and teacher tips

Activity 4 (Catch the Hacker): 7 investigation methodology guides

  • KQL query patterns for investigating immune[.]tech phishing campaign
  • 6-step investigation methodology summary table
  • References video walkthrough on Activity 4.5

Additional resources

  • Quick reference table for 10 KQL operators
  • Teacher tips on `let` statement naming, pivoting, and investigation process
  • Bonus activities (5, 6, 7) correctly deferred to Scoreboard and independent work

Languages affected

  • English (primary)
  • Brazilian Portuguese translation exists (KQL code is language-agnostic; no separate answer key needed)

Note

Exact numeric results depend on the live SecurityLogs database and may vary between sessions. Video walkthroughs on Activities 3.5 and 4.5 complement this written reference.

Testing

  • Hugo build passes
  • All language versions checked (EN primary; PT-BR uses same KQL)
  • 10-model QA passed (3 clean convergence passes)
  • Follows answer key format (hidden: true, weight: 15)
  • KQL syntax verified for accuracy (has vs contains semantics, startswith for IP filtering)

Complete teacher reference for the Kusto/KQL cybersecurity workshop:
- Activity 2: 3 Whodunit attribution answers (verified from HTML source)
- Activity 3: 9 KQL query solutions (take, count, where, distinct, let)
- Activity 4: 7 investigation methodology guides for immune[.]tech phishing
- Quick reference table for 10 KQL operators
- Investigation methodology summary (6-step framework)
- Bonus activities correctly deferred to Scoreboard/independent work

Note: Exact numeric results depend on the live SecurityLogs database.
Video walkthroughs referenced on Activities 3.5 and 4.5.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>