Activity) Report Writing Exercise Flashcards
Report Writing Exercise
This activity is designed to test and improve your ability to write phishing reports which are a crucial part of phishing analysis when working for organizations. A good report is the difference between a good security analyst and a great security analyst. You need to be able to clearly and concisely get across information from the observed attack, how you analyzed the email and artifacts, and the actions you have taken or want to take in order to protect the organization.
Challenge Brief
A fellow security analyst began investigating a phishing email but has had to stop and join an incident response team with a potential system compromise, so they have passed over their rough notes to you. Whilst the investigating analyst had almost completed their assessment, they didn’t have time to write up their report and select appropriate defensive measures. Using the analyst’s notes you need to take over their investigation and write a full report detailing the actions that they took in a neat and presentable format, and suggest defensive measures that would best protect the company. The initial analyst has mentioned that you should just keep the case for yourself, and talk as if you have completed the actions instead of referring to him throughout the report. Below you can download the analyst’s rough notes. Use the skills you’ve learned throughout this section of the course to write a report. We have included a basic report template to help you format your report.
