Csia 310 final project incident response exercise & report

Why do we need OPSEC for the Test Range?

Must post first.

Why does Sifers-Grayson need OPSEC -- especially at the test range?

This question is expected to be asked at the morning meeting with the Sifers-Grayson executives. As a Nofsinger consultant, it's your job to have an answer ready. You should focus on identifying critical information & potential sources of threats, e.g. a hacker getting into the RF transmission streams and taking over a test vehicle. (See attached diagram of the test range & communications between it and the Engineering R&D Center.)

Using the Week 5 readings and additional sources found on your own, prepare a 3 to 5 paragraph "talking points" paper that your team leader can use to respond. Post your paper in this forum for discussion with your team mates.

Use at least 3 authoritative sources in your response and document those sources using a reference list at the end of your posting.

Week 7: Blue Team's War Room (Analysis for Incident Response Exercise)

Must post first.

This thread hosts the "War Room" for the Incident Response Exercise that is part of your final project for this course. This week your focus should be on figuring out what the Red Team did and how they did it. (See the "Overview of the Incident" section in CSIA 310 Final Project - Incident Response Exercise.docx -- the detailed assignment description for the course final project).

As you discover / uncover information, post it here just as you would share information with the other members of the Incident Response "Blue Team."

Remember that you are earning points towards your final grade for your contributions to this week's Blue Team War Room. You must post a contribution before you can join in on the discussions and benefit from the joint incident analysis.

You can and should use information from the messages posted here as part of the incident response report which you will submit as your final project for this course.

…………………………………………………………………………………………………………………………………………………………………………………………………………

Week 8: The Blue Team's War Room (Lessons Learned for Incident Response Exercise)

Must post first.

This thread hosts the "War Room" for the Incident Response Exercise that is part of your final project for this course.

Last week, we discussed how the Red Team penetrated the Sifers-Grayson enterprise (the "incident"). This week, we will collect "lessons learned" from your analysis of the Red Team's successes in exploiting vulnerabilities at Sifers-Grayson.

Your main posting to the war room this week should include at least 5 specific "lessons learned." For each item, provide a short title followed by a one paragraph description of (a) what happened, (b) the vulnerability that the Red Team exploited, and (c) the main "lesson learned" from this vulnerability or exploit. In your critiques and follow-up postings, provide additional information about the steps or measures that Sifers-Grayson could take to remediate or remove the listed vulnerabilities.

Remember that you are earning points towards your final grade for your contributions to this week's Blue Team War Room. You must post a contribution before you can join in on the discussions and benefit from the joint incident analysis and list of lessons learned.

You can and should use information from the messages posted here as part of the incident response report which you will submit as your final project for this course.