How to Run an Effective Simulation|Information Systems
Cmgt 334Week 2 Team
Many cyber security departments in the private and public sectors have adopted a practice called “Red Team – Blue Team Exercises” to test their own cyber defense. During the exercises, the Red Team attacks something and the opposing Blue Team defends it.
Review the article “Red Team Versus Blue Team: How to Run an Effective Simulation” for additional information about this exercise.
In this Learning Team paper, this exercise will be done in a “tabletop” manner. Each week, the Red Team will plan the attack, while the Blue Team will design the defense without knowing what kind of attack is planned. In the following week, the Red Team will evaluate Blue Team design and plan new attacks, while the Blue Team will evaluate if additional design is needed based on the attack planned by the Red Team in the previous week and any new attacks that may be forthcoming.
In the final week, the Learning Team will consolidate its attack or defense plan and conclude with lessons learned.
By the end of Week One, confirm your Learning Team with your facilitator.
Include the following in your confirmation:
The color of your team (i.e., Red or Blue)
Your team’s counterpart (e.g., Team A, Team B, or Team C, etc.)
The industry of the imaginary company (e.g., healthcare, financial, retail, etc.)
Basic company profile:
Number of customers
Number of employees
Places where the company is doing business
Some critical information assets of the company
In case there are an odd number of teams in the class, the facilitator will match one red team with two blue teams.
Your Learning Team will complete the following deliverables and submit them at the end of each week:
Due Week Two:
Review the initial project description in Week One.
The Red Team completes the following:
Select three attacks that the team will launch.
Describe these attacks.
Justify the attacks based on the latest threats and/or the vulnerability known for the company’s industry.
Locate and document at least two references used in your justification.
The Blue Team completes the following:
Select three defenses that the team will implement.
Discuss these defenses.
Justify the defenses planned based on the latest threats and/or the vulnerability known for the company’s industry.
Locate and document at least two references used in your justification.
Based on the instructions for your team, complete a 5-slide PowerPoint® presentation, including detailed speaker’s notes.
