Project #1: Incident Response Report

Your Task

You have been assigned to assist with After Action Reporting in support of the Sifers-Grayson Blue Team. Your immediate task is to assist in analyzing and reporting on a Red Team penetration test described later in this document. As part of that report, you will identify weaknesses and vulnerabilities exploited by the attackers (the Red Team), compile a set of lessons learned, and then make recommendations for actions the company should take to close the gaps in their cybersecurity posture (at a minimum, you must address the identified vulnerabilities and weaknesses that were exploited by the Red Team). The Blue Team has provided you with a set of enterprise architecture diagrams (see figures 1-4 in this file) to help with your analysis of the incident and preparation of the summary report. You should also use the readings from Weeks 1-4 to help you identify security gaps and incident response capabilities which the company needs to implement.