Module 3 practical

Retrieval and Tool Review VM

Review a support assistant with RAG and action tools the way a blue-team analyst would before release: classify document trust, preserve tenant scope, narrow tool permissions, add approval gates, and replay the workflow safely.

Review the evidence about the knowledge base, tenant scope, and exposed tools
Document document trust and access-scope findings
Harden ingestion, retrieval, tool, and approval controls
Deploy the defended configuration and run replay

Live browser workstation inside the recap room.

Security Workbench

Editor

README.md

/home/analyst/README.md read only clean

Analyst Terminal

Console

Analyst terminal

Mission Control

Apps to use

Case Files Read the corpus, scope rules, and tool inventory.

Workbench Write trust, scope, and runtime controls.

Terminal Validate, deploy, and replay.

Next step

Progress

Review the evidence
Document source trust
Complete the access scope review
Harden runtime controls
Deploy the defended config
Pass replay

Status

Working copy
Active config
Replay

Replay results