Playbooks, sometimes known as Standard Operating Procedures (SOPs) or runbooks, are used for troubleshooting common issues. They are often created by a team of employees who are trained to manage security issues. Playbooks often include bulleted lists, step-by-step instructions, or diagrams, all of which make it easy to follow troubleshooting instructions.
Throughout the next 4 weeks, you will develop a playbook for a fictional company that hired you to write their playbooks and manage the team. The first portion of the playbook is a response to malware found at the company. Each week you will create another section of the playbook and submit it on its own. Do not combine the weeks into one large book; submit the key topic of each week as a separate submission.
What's a playbook? It is a step-by-step guide that walks you through a security incident, similar to a recipe. We use one because, during a security incident, people begin to jump around and forget to perform certain steps, which can lead to bigger issues.
Outline a 2- to 3-page playbook to address a malware attack of your choice.
Complete the following in your playbook:
Provide details of the malware.
Identify the exploited vulnerability and its attack vector.
Analyze the vulnerability to determine 2 risks of this malware.
Outline step-by-step instructions on how to resolve the malware attack.