Preparation is the first room in the Incident Response learning path within the TryHackMe learning platform.
The learning path consist of the following rooms:
- Preparation
- Identification & Scoping
- Threat Intel & Containment
- Eradication & Remediation
- Lessons Learned
- Tardigrade
In this post I will walkthrough the Preparation room.
Task 1: Introduction
Question 1: No answer needed
Task 2: Incident Response Capability
Question 1: What is an observed occurrence within a system?
The answer is in the reading. Look at the first bullets in this task.
Answer: Event
Question 2: What is described as a violation of security policies and practices?
This answer is also in the reading, in the same place as question 1.
Answer: Incident
Continue reading TryHackMe Walkthrough – Incident Response – Preparation