DISC 2023

In this exercise, participants will engage in a tabletop simulation of a cyberattack on a notional target network. The participants will be divided into two teams: the Red Team and the Blue Team. The Red Team's goal is to launch simulated cyber attacks against the target network and exploit any vulnerabilities they can find. The Red Team will be provided with a set of tools and techniques commonly used by attackers and will work together to find and exploit weaknesses in the target network's defenses. The Blue Team's goal is to defend the target network from the Red Team's attacks. The Blue Team will be responsible for monitoring the network and responding to alerts, identifying and mitigating vulnerabilities, and implementing defensive measures to prevent further attacks. The notional target network will be designed to simulate a typical network for a Catholic Diocese, including an Active Directory domain, email server, file server, web server, workstations, firewall, and VPN. The target network will be preconfigured with a set of vulnerabilities that the Red Team can exploit. At the end of the exercise, the teams will debrief and discuss what they learned from the simulation, including strengths and weaknesses of the network's defenses, and strategies for improving security. This exercise will provide participants with an opportunity to develop their skills in cybersecurity defense and offense, as well as to collaborate with their peers in a simulated, but realistic, scenario.