Objective

Cybersecurity exercises require you to plan, adapt, and communicate effectively during a security incident. Read the following scenario, understand the details of this incident, and apply incident response concepts through a realistic tabletop exercise.

$1.$ Incident Scenario Development

$-$ Create an incident response scenario listed below.

$-$ Type of Incident: Distributed Denial of Service $($DDoS$)$

$-$ Affected System: Company website

$-$ Time of Occurrence: After$-$hours

$-$ Scenario Description: Provide a narrative that includes the type of incident, the scope of affected systems, and the time of occurrence. The scenario should be detailed enough to allow a structured incident response

$2.$ Midway Inject Event

$-$ Introduce an unexpected variable or event midway through the scenario. This inject should create a new challenge that requires you to adapt the response plan.

$-$ A new threat actor is detected within the network.

$-$ Description of Inject: Clearly define the inject and how it impacts the incident response.

$3.$ Incident Response Strategy

$-$ Outline an incident response plan that addresses the scenario and the midway inject. This plan should include:

$-$ Initial Response: Actions taken to identify and contain the incident.

$-$ Communication Plan: Who needs to be informed internally and externally? $(($e$.$g$.,$ IT team, management, legal, PR$)$

$-$ Mitigation Efforts: Steps to limit the damage and prevent further compromise.

$-$ Recovery Plan: Actions to restore affected systems and services.

$-$ Post$-$Incident Review: Steps to analyze what happened, what worked well, and what could be improved.

$-$ The response strategy should be detailed and logical

$4.$ Reflection and Lessons Learned

$-$ Provide a reflection on the tabletop exercise. This reflection should include:

$-$ What challenges were faced during the scenario and how they were addressed.

$-$ Lessons Learned: What improvements could be made to the response process?

$-$ Personal Takeaways: How this exercise helped improve their understanding of incident response.

$-$ Reflection should be thoughtful and insightful