Attack Methods
Actions
Organizational Safety
Vocab
Facts
100

This type of attack tries to steal your credentials to access you account.

What is credential harvesting?

100

A person wanting information off your computer might do this without you noticing.

What is shoulder surfing?

100

You receive an email from your supervisor's supervisor asking you to go buy gift cards to send to them. You should...

What is confirm the request by calling them?

100

2FA

What is two factor authentication?

100

____ is the most common vector for malware.

What is email?

200

This type of attack targets multiple people at random, or within one organization.

What is phishing?

200

A person wanting to gathering information from an employee directly might call them and employ these tactics.

What is social engineering?

200

This type of threat actor can be very hard to discover, and is usually a disgruntled employee.

What is an insider threat?

200

MFA

What is multi-factor authentication?

200

___ of organization have reported email security incidents.

What is 94%?

300

This type of attack targets important figures within a company, such as managers, team leads, or developers.

What is spear phishing?

300

A person might call an employee and pretend to be a recorded or automated message, and record them saying specific phrases in this type of attack.

What is vishing?

300

You notice files you've worked on are disappearing from the file share. You should...

What is report the files to IT immediately?

300

DRP

What is Disaster Recovery Plan?

300

There were ____ cyberattacks in 2023 (according to Forbes).

What is 2365?

400

This type of attack targets the highest level of personnel in a company.

What is whaling?

400

A person might send an employee a normal-looking file, such as a PDF or Word document, but it actually contains this type of program.

What is a trojan?

400

Every day, there seems to be more and more spam coming into your inbox. You should...

What is report the email as spam, and inform IT?

400

BCP

What is Business Continuity Plan?

400

A data breach costs ___ on average.

What is $4.45 million?

500

This piece of digital information contains your email address, password, and even 2FA token, and is what any hacker wants to get.

What is session cookie?

500

A hacker will always try to leave this exploit behind, even if they get kicked off your network.

What is a back door?

500

You have to reset your password again, and know there is a company password policy. You should

What is choose a strong password that's hard to guess and doesn't contain any company information?

500

PSSAT

What is phishing simulation and security awareness training?

500

Business email compromise accounted for ________ in losses in 2022.

What is $2.7 billion?

M
e
n
u