The Red Team Ops Exam is a practical CTF-style event driven by Snap Labs. It's an assumed breach scenario by which the student must emulate an adversary using the provided threat profile as a guide. This profile is available from the Snap Labs Event as soon as the exam booking is made - providing ample opportunity to familiarise oneself with the TTPs expected. If you do not already have a Snap Labs account, one will be created and a temporary password emailed to you.
Each machine has a flag that must be submitted on the scoreboard as proof of progress. Students must submit at least 6 of 8 flags (75%) to pass.
Students have a maximum allowance of 48 hours of runtime, usable within a 4-day window. The exam VMs can be stopped at any time to preserve runtime, should an extended break be required. If enough flags have been collected by the end of the 4-day exam period, the Red Team Operator badge will be awarded via email.
You may reschedule or cancel bookings up to an hour before the exam starts. Access to the environment is only provided via a Guacamole interface - no VPN or Internet access is available.