CTRL + ALT + SEC

Tag: Preparation

  • TryHackMe Walkthrough – Incident Response – Preparation

    Preparation is the first room in the Incident Response learning path within the TryHackMe learning platform.

    The learning path consist of the following rooms:

    • Preparation
    • Identification & Scoping
    • Threat Intel & Containment
    • Eradication & Remediation
    • Lessons Learned
    • Tardigrade

    In this post I will walkthrough the Preparation room.

    Task 1: Introduction

    Question 1: No answer needed

    Task 2: Incident Response Capability

    Question 1: What is an observed occurrence within a system?

    The answer is in the reading. Look at the first bullets in this task.

    Answer: Event

    Question 2: What is described as a violation of security policies and practices?

    This answer is also in the reading, in the same place as question 1.

    Answer: Incident

    (more…)