First Incident Responder Cyber Range Exercise

As technology advances, cyber security attacks are happening more frequently and on a larger scale. Having a first line of defence is as crucial as prevention. The faster you detect and the more effectively you respond to the security breach will help mitigate any financial, reputational and legal impact on your organisation.

This exercise allows participants to put their knowledge and skills in incident response to practice. Through various simulated attacks, participants will learn how to assist hands-on in different scenarios.

• Part 1: Workshop on range of attacks & vectors used in the scenarios

• Part 2: How to detect/respond adversary tactics, techniques and procedures (TTP) from the MITRE ATT&CK framework
  • Reconnaissance
  • Initial entry
  • Web application attack e.g. SQL Injection
  • Phishing attack
  • Persistence e.g. web shell
  • Command & Control
  • Credential attacks e.g. password spraying
  • Lateral movement
  • Exfiltration via covert channels

• Part 3: Wrap up and debrief
  

System/network/database administrators and other IT team members who might be called to assist in incident response.