During an audit as a third party security consultant you are told that the organization being audited conducts an exercise annually during which prominent IT staff and the security team gather in a meeting room and discuss how they would handle various security incidents and disaster scenarios. This exercise is then used to update any policies and playbooks. What type of exercise are they describing?
In a tabletop exercise the key staff of an organization gather and discuss their actions during an incident (security incident, disaster, etc.). The staff is sometimes organized into blue and red teams (attackers and defenders). The exercise is used to train staff, promote collaboration and identify any weak spots in existing procedures and plans.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a tabletop exercise?
Open an interactive chat with Bash
What are blue and red teams?
Open an interactive chat with Bash
Why are tabletop exercises important for organizations?