Small updates
mfosterrox committed Sep 30, 2024
1 parent 58d8bfe commit 802fc96
Showing 8 changed files with 213 additions and 71 deletions.
7 changes: 6 additions & 1 deletion content/modules/ROOT/nav.adoc
Expand Up @@ -10,8 +10,13 @@
* xref:09-network-security.adoc[9. Network Security]
* xref:10-installation.adoc[10. Installation]
* xref:misc-log-4-shell-lab.adoc[Black Hat - log4shell Example]
//Day 2 modules



//Extra modules
* xref:misc-hacking-linux.adoc[Black Hat - CTF - hack a web application]
* xref:misc-log-4-shell-lab.adoc[Black Hat - log4shell example]
* xref:partner-paladin.adoc[Partner - Paladin Cloud & RHACS Integration]
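Review bot: the `//Day 2 modules` placeholder in the middle of the list has no entries under it and is followed by three blank lines before `//Extra modules`. In AsciiDoc a line comment set off by blank lines can end the current list, so the entries after it may render as a second, separate list in the navigation. Drop the empty placeholder and the blank lines until the Day 2 modules exist, or confirm that the rendered nav is still a single list.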
31 changes: 24 additions & 7 deletions content/modules/ROOT/pages/00-setup-install-navigation.adoc
@@ -1,5 +1,5 @@
= Lab setup and introduction
:toclevels: 1
// :toclevels: 1

== Module goals

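Review bot: `// :toclevels: 1` at the top of the page is left as a commented-out attribute with no reason given. If the page should now use the default TOC depth, delete the line; if the change is temporary, say so in the comment so the next editor knows whether to restore it.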
Expand Down Expand Up @@ -110,7 +110,7 @@ oc get nodes -A
oc get nodes -A
Error from server (NotFound): the server could not find the requested resource (get users.user.openshift.io ~)
NAME STATUS ROLES AGE VERSION
ip-<IP_ADDRESS>.us-east-2.compute.internal Ready <none> 163m v1.28.8-eks-ae9a62a
ip-<IP_ADDRESS>.us-east-2.compute.internal Ready <none> 163m v1.28.8-eks-ae9a62a
ip-<IP_ADDRESS>.us-east-2.compute.internal Ready <none> 163m v1.28.8-eks-ae9a62a
ip-<IP_ADDRESS>.us-east-2.compute.internal Ready <none> 163m v1.28.8-eks-ae9a62a
----
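Review bot: the sample output for `oc get nodes -A` still opens with `Error from server (NotFound): the server could not find the requested resource (get users.user.openshift.io ~)`, and nothing in the visible text tells the reader whether to expect it. If the error is expected on this cluster, add one sentence saying so; otherwise drop it from the sample. `-A` is also redundant here, since nodes are not namespaced.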
Expand Down Expand Up @@ -157,9 +157,9 @@ NAME STATUS ROLES AGE
<OCP_IP>0.us-east-2.compute.internal Ready worker 4h1m v1.27.11+749fe1d
<OCP_IP>.us-east-2.compute.internal Ready control-plane,master 4h7m v1.27.11+749fe1d
<OCP_IP>.us-east-2.compute.internal Ready control-plane,master 4h7m v1.27.11+749fe1d
<OCP_IP>.us-east-2.compute.internal Ready worker 4h2m v1.27.11+749fe1d
<OCP_IP>.us-east-2.compute.internal Ready control-plane,master 4h7m v1.27.11+749fe1d
<OCP_IP>.us-east-2.compute.internal Ready worker 4h2m v1.27.11+749fe1d
<OCP_IP>.us-east-2.compute.internal Ready worker 4h2m v1.27.11+749fe1d
<OCP_IP>.us-east-2.compute.internal Ready control-plane,master 4h7m v1.27.11+749fe1d
<OCP_IP>.us-east-2.compute.internal Ready worker 4h2m v1.27.11+749fe1d
----

You will now see the OCP role using the *oc* command, as we are currently working on the OpenShift cluster
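Review bot: the first row of the node listing reads `<OCP_IP>0.us-east-2.compute.internal`, with a stray `0` after the placeholder that the other rows do not have. Use the same `<OCP_IP>` placeholder on every row so the redaction is consistent and no fragment of a real address is left in the sample.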
Expand Down Expand Up @@ -240,6 +240,11 @@ Let's export a few variables to make things easier. These variables will stay in

TIP: With the variables saved in the ~/.bashrc file you will not have to declare them again in the future.

*Procedure*

[start=1]
. Run the following command.

[source,sh,subs="attributes",role=execute]
----
echo export QUAY_USER={quay_admin_username} >> ~/.bashrc
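Review bot: the new step `. Run the following command.` does not tell the reader that the command appends to `~/.bashrc`, and `>>` appends again on every rerun, so repeating the step leaves duplicate `export` lines. Say what the step does and that it is run once, and consider quoting the exported value so an unusual username cannot break the line. `[start=1]` is the default for a new list and can be dropped.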
Expand Down Expand Up @@ -382,7 +387,11 @@ image::01-quay-dashboard.png[quay console]
So far in the setup module we downloaded built and pushed an insecure java application called *ctf-web-to-system*. Now it's time to deploy it to the OpenShift Cluster. To do this we will need to make the registry that we created public.

*Procedure*
. First, Let's take a look at our application in the registry.

Let's take a look at our application in the registry.

[start=1]
. First, ensure that the *ctf-web-to-system* repository is available. If there are no repositories available please redo the *Build a container image* section to ensure that the image was correctly pushed to the repository.

image::quay-login.png[link=self, window=blank, width=100%]

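Review bot: the new step 1 points the reader to the *Build a container image* section by bold text only; make it an xref so the reader can jump back when the repository is missing. The unchanged lead-in above also says "make the registry that we created public" while the later steps make the repository public, so use "repository" in both places.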
Expand Down Expand Up @@ -431,7 +440,7 @@ This tab displays the usage over time along with details about who/how the image

image::quay-usage-logs.png[link=self, window=blank, width=100%]

NOTE: You can see that you (The "quayadmin") pushed an image tagged 1.0 to the repository today.
NOTE: You can see that you, the "quayadmin", pushed an image tagged 1.0 to the repository today.

[start=5]
. Lastly click on the *Settings* icon.
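Review bot: the reworded NOTE hard-codes the user as `the "quayadmin"`, while the earlier export step takes the name from `{quay_admin_username}`. Use the attribute here too so the note stays correct if the lab is provisioned with a different admin user, and drop the article before the name.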
Expand All @@ -452,6 +461,10 @@ IMPORTANT: Make sure to make the repository public. Otherwise we will not be abl

image::quay-make-public-ok.png[link=self, window=blank, width=100%]

====
You should be able to see the repository icon lose its red lock symbol now that it is public. This will allow you to deploy the image directly from the local Quay repository.
====

[[vulnerability-scanning-with-quay]]

=== Vulnerability Scanning with Quay
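Review bot: the added block says the public setting "will allow you to deploy the image directly from the local Quay repository" but not why the lab needs it, so a reader could take a public repository to be the normal way to deploy. Add one sentence giving the reason the lab takes this shortcut, and note that the image in question is the deliberately insecure *ctf-web-to-system* application.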
Expand Down Expand Up @@ -495,6 +508,10 @@ In the final part of this module, you'll deploy several insecure applications to

IMPORTANT: Make sure the variables are set before running the following commands. If not, go back to the Quay section to redo the previous commands.

====
Run the following in the terminal and ensure you get the corrrect outputs.
====

[source,sh,subs="attributes",role=execute]
----
echo $QUAY_USER
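Review bot: "corrrect" in the added block is a typo for "correct", and "ensure you get the correct outputs" does not say what correct looks like. Show the expected value after `echo $QUAY_USER` so the reader can tell a set variable from an empty line.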
47 changes: 27 additions & 20 deletions content/modules/ROOT/pages/01-visibility-and-navigation.adoc
Expand Up @@ -2,9 +2,10 @@

== Module goals

* Understand the various modules in RHACS
* Comfortably navigate the UI
* Set the basis for the rest of the modules that we will explore in the roadshow
* Understand the various modules in RHACS.
* Comfortably navigate the UI.
* Set the foundation for exploring the rest of the modules in the roadshow.
* Help you come up with questions for the RHACS team.

== RHACS basics

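Review bot: the new fourth goal, "Help you come up with questions for the RHACS team.", is written from the presenter's side while the other three are things the reader does. Rephrase it to match, for example "Come up with questions for the RHACS team."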
Expand Down Expand Up @@ -78,21 +79,23 @@ A search query consists of two parts:
- An attribute that identifies the resource type you want to search for.
- A search term that finds the matching resource.

For example, to find all violations in the *ctf-web-to-system* deployment, the search query is *Deployment* THEN *ctf-web-to-system*.
====
For example, to find all violations in the *ctf-web-to-system* deployment, the search query is Deployment *THEN* ctf-web-to-system.
====

In this search query, Deployment is the attribute, and ctf-web-to-system is the search term.

TIP: The search field in RHACS requires each attribute to be entered fully as a search term. Enter your first attribute, and hit the <tab> key to move along to the following attribute you would like to enter.
TIP: The search field in RHACS requires each attribute to be entered fully as a search term. Enter your first attribute, and hit the <tab> key to move along to the following attribute you would like to enter. Watch the video below for a demonstration.

---

video::01-acs-search.mp4[width=640,opts=autoplay, class="center" ]

---

NOTE: RHACS maintains a library of searchable assets to help you search faster, they will appear in a drop-down list, and you can click on them to enter them as well. If a specific CVE or deployment cannot be found, please confirm the spelling of the asset name or that it is correctly deployed in the cluster.
NOTE: RHACS maintains a library of searchable assets to help you search faster. They will appear in a drop-down list, and you can click on them to enter them as well. If a specific CVE or deployment cannot be found, please confirm the spelling of the asset name or that it is correctly deployed in the cluster.

You can also search using REGEX like capabilities. Add an *r/* before the search term to find all possibilities. For example if you search for *Namespace:r/st.*x*, the results include matches from namespace stackrox and stix.
You can also search using *REGEX like capabilities*. Add an *r/* before the search term to find all possibilities. For example if you search for *Namespace:r/st.*x*, the results include matches from namespace stackrox and stix.

---

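Review bot: in the regex sentence the example `*Namespace:r/st.*x*` puts a literal `*` inside a bold span, so the bold markers are ambiguous and the pattern may render without its asterisk or with stray ones. Put the query in a literal span so `r/st.*x` is shown exactly as typed. In the reworked example line the bold has moved to *THEN*, which is not something the reader types; mark up `Deployment` and `ctf-web-to-system` instead, since the next sentence calls them the attribute and the search term.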
Expand All @@ -111,7 +114,7 @@ Here are some common search queries you can try in the RHACS search bar if you
|Exposure Level:<level>|Exposure Level:External|Finding deployments that have external network exposure
|============

IMPORTANT: RHACS, like Kubernetes works on a *key:value system* primarily due to their flexibility and power in organizing, selecting, and managing resources but also because of the ability to set selectors and match objects based on a set of values (e.g., "in", "not in", "exists", "does not exist").
IMPORTANT: RHACS, like Kubernetes, works on a *key:value* system primarily due to its flexibility and power in organizing, selecting, and managing resources, but also because of the ability to set selectors and match objects based on a set of values (e.g., 'in', 'not in', 'exists', 'does not exist')."

image::acs-search-cve.png[link=self, window=blank, width=100%, Search Syntax]

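Review bot: the reworded IMPORTANT line ends with a stray double quote after the closing parenthesis, `'does not exist')."`. Remove the trailing `"`.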
Expand All @@ -129,7 +132,9 @@ video::01-acs-local.mp4[width=640,opts=autoplay, class="center" ]

---

====
As you can see, the content is only relevant to the violations tab, but the search capabilities, including the use of *r/*, remain the same.
====

=== 2. Navigation menu

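Review bot: `====` delimits an example block, and here it wraps a single ordinary sentence ("As you can see, the content is only relevant to the violations tab ..."). If the aim is a callout, use an admonition such as NOTE or TIP as the rest of the page does; otherwise leave it as a plain paragraph. The same applies to the other `====` blocks added in this commit.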
Expand Down Expand Up @@ -241,7 +246,7 @@ image::01-violations-1.png[link=self, window=blank, width=100%]

Don't worry, you'll go through this policy violation workflow in later modules.

=== Compliance (Next-Gen Dashboard)
=== Compliance

Red Hat Advanced Cluster Security for Kubernetes supports OpenShift Container Platform configuration compliance standards through an integration with the OpenShift Container Platform Compliance Operator. In addition, it allows you to measure and report on configuration security best practices for OpenShift and supported Kubernetes platforms.

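Review bot: renaming the heading from `=== Compliance (Next-Gen Dashboard)` to `=== Compliance` changes its auto-generated section ID, so any xref or external link to the old anchor will stop resolving. Search the modules for links to the old ID, or add an explicit anchor above the heading.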
Expand All @@ -253,38 +258,40 @@ The Compliance dropdown has three tabs to choose from.
- Schedules
- Dashboard

----
Coverage
----
*Coverage*

The *Coverage* tab will contain all of your scanned clusters and workloads after the *Compliance Operator* is setup. You will go through this in the Compliance section later in the roadshow.

image::00-compliance-1.png[link=self, window=blank, width=100%]

----
Schedules
----

The schedules tab contains all of the created scan schedules that report on the various CIS, PCI-DSS and DISA-STIG compliance standards you wish to evaluate.
*Schedules*

As you can see, the content is only relevant to the violations tab, but the search capabilities, including the use of r/, remain the same.reated scan schedules that report on the various CIS, PCI-DSS and DISA-STIG compliance standards you wish to evaluate.

image::00-compliance-2.png[link=self, window=blank, width=100%]


==== Compliance Dashboard (Previously Compliance 1.0)
*Compliance Dashboard* (Previously Compliance 1.0)

The Compliance dashboard will be empty when you're here for the first time. This is because you have not completed a scan yet. Let's go ahead and schedule our first scan.

The Compliance dashboard should be empty when you're in here for the first time. It's because you have not completed a scan.
image::00-compliance-3.png[link=self, window=blank, width=100%]

.Procedure

image::00-compliance-3.png[link=self, window=blank, width=100%]
.Procedure

[start=1]
. Hit the *Scan environment* button in the top right of the page to kick off your first scan.

. Ensure you see the bar graphs fill up with data before moving. We we will review these compliance results in a later module.

image::01-compliance-4.png[link=self, window=blank, width=100%]

====
We will dive deeper into this tab in later sections but feel free to explore and
====

=== Vulnerability Management

Next, we have the *Vulnerability Management* tab, which has been overhauled for greater visibility and efficient filtering.
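Review bot: the paragraph under *Schedules* has been overwritten by a paste; as shown it begins "As you can see, the content is only relevant to the violations tab, but the search capabilities, including the use of r/, remain the same.reated scan schedules ...". Restore the opening "The schedules tab contains all of the created scan schedules ...". Also visible in this hunk: "We we will review" has a doubled word, and the closing `====` block stops mid-sentence at "feel free to explore and".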