Document exercise objectives and outcomes

[cudeso]

Document the exercise objectives and outcomes. Something similar as as Table 2 and Table 3 from https://www.mitre.org/sites/default/files/publications/pr_14-3929-cyber-exercise-playbook.pdf

(not exactly sure about the 'how', just including the idea )

ID Objective
01 Determine the effectiveness of the cyber education provided to the training
audience prior to the start of the exercise
02 Assess effectiveness of the organization’s/exercise’s incident reporting and analysis
guides for remedying deficiencies
03 Assess ability of the training audience to detect and properly react to hostile
activity during the exercise
04 Assess the organization’s capability to determine operational impacts of cyber
attacks and implement proper recovery procedures for the exercise
05 Determine the success of scenario planning and execution between the ECG, RT,
and training audience
06 Understand the implications of losing trust in IT systems and capture the workarounds for such losses
07 Expose and correct weaknesses in cyber security systems
08 Expose and correct weaknesses in cyber operations policies and procedures
09 Determine what enhancements or capabilities are needed to protect an information
system and provide for operations in a hostile environment
10 Determine if the injects meet the objectives of the training
11 Enhance cyber awareness, readiness, and coordination
12 Develop contingency plans for surviving the loss of some or all IT systems