Incident Response
This is the first action you should take when you receive a suspicious email at work.
What is report it to IT/security?
This attack method involves an attacker trying thousands or millions of combinations until the correct password is found.
What is a brute force attack?
Failing to update your phone, using public Wi-Fi, or installing apps from unofficial sources can make your device vulnerable to this.
What are computer viruses/ malicious code?
This is the most common form of social engineering delivered through email.
What is SPAM?
These systems control industrial processes like power plants and water treatment.
Plugging in your personal mobile phone into your government computer is classified as what type of incident.
What is unauthorized USB?
This technology replaces passwords with a code sent to your phone or email.
What is multi-factor authentication (MFA)?
200 – Connecting to public Wi-Fi without a VPN can expose you to this type of cyber attack
What is data interception / man-in-the-middle attack?
This occurs when someone follows an authorized person into a secure area without scanning their badge.
What is tailgating or piggybacking?
SCADA systems are vulnerable if they are connected to this.
What is the internet or an unsecured network?
This official document provides step-by-step guidance for handling cybersecurity incidents.
What is an Incident Response Plan (IRP)?
This tool can be used to securely store and retain complex passwords.
What is a password manager?
This feature allows you to erase all data remotely if your phone is compromised.
What is remote wipe?
This technique involves an attacker creating a false scenario to trick someone into giving up information.
What is Spoofing?
These specialized devices in ICS/SCADA collect data from sensors in the field.
What are remote terminal units (RTUs) or programmable logic controllers (PLCs)?
This type of exercise simulates a cyber event to test how well a team would respond.
What is a tabletop exercise?
This access control method limits user permissions based on job responsibilities.
What is Role-Based Access Control (RBAC)?
Software that is secretly or surreptitiously installed into an information system to gather information on individuals or organizations without their knowledge, a type of malicious code.
What is spyware?
This type of attack involves a criminal posing as a senior leader or vendor to trick employees into sending money or data.
What is a Whaling?
The process of identifying critical Mission control systems is known as what?
What is Mission Decomposition?