Instructions


Fill out the worksheet as you progress through the lab and discussions. Hold your worksheets until the end to turn them in as a final submission packet.

Downloads

The worksheet has been provided below. The document(s) can be converted to the desired format so long as the content is preserved. For example, the .txt could be converted to a .md file.

Unit 4 Recording

Discussion Post #1

Read this article: https://cio-wiki.org/wiki/Operations_Bridge

  1. What terms and concepts are new to you?

  2. Which pro seems the most important to you? Why?

  3. Which con seems the most costly, or difficult to overcome to you? Why?

Discussion Post #2

Scenario:

Your team has no documentation around how to check out a server during an incident. Write out a procedure of what you think an operations person should be doing on the system they suspect is not working properly.

This may help to get you started: https://zeltser.com/media/docs/security-incident-survey-cheat-sheet.pdf?msc=Cheat+Sheet+Blog. You may use AI for this, but let us know if you do.

Submit your input by following the link below.

The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.

Definitions


Detection:

Response:

Mitigation:

Reporting:

Recovery:

Remediation:

Lessons Learned:

After action review:

Operations Bridge:

Digging Deeper


  1. Read about battle drills here: https://en.wikipedia.org/wiki/Battle_drill

  2. Why might it be important to practice incident handling before an incident occurs?

  3. Why might it be important to understand your tools before an incident occurs?

Reflection Questions


  1. What questions do you still have about this week?

  2. How much better has your note-taking gotten since you started? What do you still need to work on? Have you started using a different tool? Have you taken more notes?