# INJECT PLAYBOOK
## CCDC Business Task Guide

---

## THE INJECT TRUTH

```
INJECTS = 50% OF YOUR SCORE

You CANNOT win on technical defense alone.
Business tasks are NOT optional extras.
They are HALF of what determines the winner.
```

---

## INJECT MANAGEMENT FLOW

### When Inject Arrives
1. **READ** completely (30 seconds)
2. **IDENTIFY** requirements and deadline
3. **ASSIGN** to appropriate person
4. **SET TIMER** visible to team
5. **CHECK IN** at 50% time remaining
6. **SUBMIT** 2-3 minutes early

### Priority by Deadline
| Deadline | Priority | Action |
|----------|----------|--------|
| 15 min | CRITICAL | Drop everything, all hands if needed |
| 30 min | HIGH | Start immediately, dedicated person |
| 60 min | MEDIUM | Queue but assign now |
| 60+ min | NORMAL | Schedule, but don't forget |

---

## COMMON INJECT TYPES

### 1. Policy Documents
- Security Policy
- Acceptable Use Policy
- Incident Response Policy
- Password Policy
- Data Classification Policy

### 2. Technical Reports
- Network Diagram
- Asset Inventory
- Vulnerability Assessment
- Security Audit Report
- Configuration Documentation

### 3. Executive Communications
- Security Briefing
- Incident Summary
- Risk Assessment
- Status Report
- Board Presentation

### 4. Administrative Tasks
- Create User Account
- Set Up New Service
- Generate Report
- Export Logs
- Update Documentation

---

## POLICY TEMPLATE (Quick Fill)

```
═══════════════════════════════════════════════════════════════
               [COMPANY NAME]
        [POLICY TYPE] POLICY
═══════════════════════════════════════════════════════════════

Document Information
────────────────────────────────────────────────────────────────
Version:        1.0
Effective Date: [DATE]
Last Reviewed:  [DATE]
Owner:          IT Security Department
Classification: Internal Use

────────────────────────────────────────────────────────────────
1. PURPOSE
────────────────────────────────────────────────────────────────
This policy establishes [brief statement of what this policy
covers and why it exists].

────────────────────────────────────────────────────────────────
2. SCOPE
────────────────────────────────────────────────────────────────
This policy applies to:
• All employees, contractors, and third parties
• All company information systems and data
• All company facilities and remote work locations

────────────────────────────────────────────────────────────────
3. POLICY STATEMENTS
────────────────────────────────────────────────────────────────
3.1 [First Major Requirement]
    - [Specific requirement]
    - [Specific requirement]

3.2 [Second Major Requirement]
    - [Specific requirement]
    - [Specific requirement]

3.3 [Third Major Requirement]
    - [Specific requirement]
    - [Specific requirement]

────────────────────────────────────────────────────────────────
4. ROLES AND RESPONSIBILITIES
────────────────────────────────────────────────────────────────
IT Security Team:
• [Responsibility]
• [Responsibility]

All Employees:
• [Responsibility]
• [Responsibility]

Management:
• [Responsibility]
• [Responsibility]

────────────────────────────────────────────────────────────────
5. ENFORCEMENT
────────────────────────────────────────────────────────────────
Violations of this policy may result in disciplinary action,
up to and including termination of employment. Violations may
also result in civil or criminal penalties.

────────────────────────────────────────────────────────────────
6. REVIEW AND UPDATES
────────────────────────────────────────────────────────────────
This policy will be reviewed annually or when significant
changes occur in the organization's technology or business
operations.

════════════════════════════════════════════════════════════════
APPROVAL

_______________________    _______________________
IT Security Director       Date

_______________________    _______________________
Chief Information Officer  Date
════════════════════════════════════════════════════════════════
```

---

## EXECUTIVE BRIEFING TEMPLATE

```
═══════════════════════════════════════════════════════════════
          SECURITY BRIEFING
          [DATE]
═══════════════════════════════════════════════════════════════

SITUATION SUMMARY
────────────────────────────────────────────────────────────────
[2-3 sentences summarizing current security status]

CURRENT STATUS
────────────────────────────────────────────────────────────────
                    STATUS      NOTES
Services:           [GREEN/YELLOW/RED]  ________________
Security Posture:   [GREEN/YELLOW/RED]  ________________
Active Threats:     [YES/NO]            ________________
Open Incidents:     [#]                 ________________

KEY CONCERNS
────────────────────────────────────────────────────────────────
1. [Issue and business impact]
2. [Issue and business impact]
3. [Issue and business impact]

ACTIONS TAKEN
────────────────────────────────────────────────────────────────
• [Action completed]
• [Action completed]
• [Action in progress]

RECOMMENDATIONS
────────────────────────────────────────────────────────────────
1. [Recommendation with brief justification]
2. [Recommendation with brief justification]

NEXT UPDATE: [Date/Time]
═══════════════════════════════════════════════════════════════
```

---

## NETWORK DIAGRAM TEMPLATE

```
┌─────────────────────────────────────────────────────────────┐
│                    COMPANY NETWORK TOPOLOGY                  │
│                    Date: _______________                     │
└─────────────────────────────────────────────────────────────┘

                        INTERNET
                            │
                     ┌──────┴──────┐
                     │  FIREWALL   │
                     │  10.0.0.1   │
                     └──────┬──────┘
                            │
         ┌──────────────────┼──────────────────┐
         │                  │                  │
    ┌────┴────┐       ┌─────┴─────┐      ┌────┴────┐
    │   DMZ   │       │ INTERNAL  │      │  MGMT   │
    │10.0.1.0 │       │ 10.0.2.0  │      │10.0.3.0 │
    └────┬────┘       └─────┬─────┘      └────┬────┘
         │                  │                  │
    ┌────┴────┐       ┌─────┴─────┐      ┌────┴────┐
    │ WEB01   │       │   DC01    │      │ ADMIN01 │
    │ .10     │       │   .10     │      │   .10   │
    │HTTP/443 │       │  AD/DNS   │      │  RDP    │
    └─────────┘       └─────┬─────┘      └─────────┘
                            │
                      ┌─────┴─────┐
                      │   DB01    │
                      │   .20     │
                      │  MySQL    │
                      └───────────┘

LEGEND:
──────
□ Server    ○ Workstation    ═ Network Device

IP ASSIGNMENTS:
───────────────
DMZ:      10.0.1.0/24
Internal: 10.0.2.0/24
Mgmt:     10.0.3.0/24
```

---

## INCIDENT SUMMARY (For Business)

```
═══════════════════════════════════════════════════════════════
          SECURITY INCIDENT SUMMARY
          For Executive Review
═══════════════════════════════════════════════════════════════

INCIDENT OVERVIEW
────────────────────────────────────────────────────────────────
Date/Time:     _______________
Severity:      [HIGH/MEDIUM/LOW]
Status:        [CONTAINED/RESOLVED/ONGOING]

WHAT HAPPENED
────────────────────────────────────────────────────────────────
[Plain English description - no jargon]
[Focus on business impact, not technical details]

BUSINESS IMPACT
────────────────────────────────────────────────────────────────
Services Affected: _______________
Duration:          _______________
Data Impact:       [NONE/MINIMAL/SIGNIFICANT]
Customer Impact:   [YES/NO - if yes, describe]

RESPONSE ACTIONS
────────────────────────────────────────────────────────────────
• [Action taken - business terms]
• [Action taken - business terms]
• [Action taken - business terms]

CURRENT STATUS
────────────────────────────────────────────────────────────────
[Status of affected services]
[Any ongoing monitoring or follow-up]

LESSONS LEARNED
────────────────────────────────────────────────────────────────
[What we're doing to prevent recurrence - business terms]

QUESTIONS?
────────────────────────────────────────────────────────────────
Contact: IT Security Team
Email:   security@company.com
═══════════════════════════════════════════════════════════════
```

---

## QUICK RESPONSE TEMPLATES

### New User Account Request
```
Subject: RE: New User Account Request

The following account has been created as requested:

Username:       [username]
Department:     [department]
Access Level:   [standard/admin]
Systems Access: [list systems]
Created:        [date/time]

Initial password has been sent via [method].
User will be required to change password on first login.

Please confirm with the new employee.

IT Security Team
```

### Service Status Update
```
Subject: RE: Service Status Request

Current Service Status as of [time]:

SERVICE         STATUS      NOTES
────────────────────────────────────
Web Server      ONLINE      100% uptime
Email           ONLINE      100% uptime
DNS             ONLINE      100% uptime
Database        ONLINE      100% uptime
File Server     ONLINE      100% uptime

No issues to report. All services operating normally.

IT Security Team
```

---

## INJECT QUALITY CHECKLIST

Before submitting ANY inject:

```
□ Read the inject again - did you answer everything asked?
□ Professional formatting (headers, sections, clean layout)
□ No spelling or grammar errors
□ Includes all required elements
□ Would YOU be satisfied receiving this?
□ Submit 2-3 minutes BEFORE deadline
```

---

## INJECT MANTRA

> "READ carefully.
> ANSWER completely.
> FORMAT professionally.
> SUBMIT early."

---

*CCDC.x1000.ai - Championship Training*