From f30a8af73f815ff2df1b9d3887660a3921e1e351 Mon Sep 17 00:00:00 2001
From: James Blair <mail@jamesblair.net>
Date: Wed, 23 Oct 2024 15:57:30 +1300
Subject: [PATCH] Progress on exercise 5.

---
 data/workshop/exercise5.mdx | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/data/workshop/exercise5.mdx b/data/workshop/exercise5.mdx
index 64a40de..0a406d7 100644
--- a/data/workshop/exercise5.mdx
+++ b/data/workshop/exercise5.mdx
@@ -42,3 +42,24 @@ Create a new scan schedule named `prd-acme-hub-nist-daily` targeting the appropr
 | *Viewing a compliance report in Red Hat Advanced Cluster Security*            |
 </Zoom>
 
+Documentation you may find helpful is:
+
+- https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/operating/managing-compliance#scheduling-compliance-scans-and-assessing-profile-compliance
+
+
+## 5.3 Remediating a compliance issue
+
+Scan finished you begin stepping through Melissa the individual results.
+
+## 5.4 - Check your work
+
+If you've successfully run the compliance scan and remediated the compliance issue please post an issue in `#event-anz-ocp-security-hackathon` with the message:
+
+> Please review [team name] solution for exercise 5, our payments processor application is now unhackable.
+
+**WARNING: The hackathon team will perform a brief penetration test of the application. If your application is not actually secured and remains exploitable by the log4shell vulnerability one of your OpenShift cluster nodes will be deleted for the lulz. No pressure!**
+
+This exercise is worth `25` points. The event team will reply in slack to confirm your updated team total score 🎉 
+
+![safe](/static/images/security/hack-prevented.png)
+