Electronic Banking Security Jeopardy Template

CBO Circular

Threats & Vulnerabilities

Controls

eBanking Services

Banking Basics

100

The Electronic Banking System CBO circular

What is BM1136?

100

What is usually referred to as the 'weakest link' in information security

What are humans / people?

100

In order to proceed with an online transaction, you are prompted to enter this as a form of second factor authentication

What is an OTP?

100

The year internet banking arrived in Oman

What is 2002?

100

An international bank transfer

What is SWIFT?

200

The publishing date of the CBO Electronic Banking Systems circular

What is June 2015?

200

An attack that affects the availability of a system

What is a DDoS attack?

200

Communication channels use this control to ensure transaction data remains secured

What is encryption

200

This allows customers to withdraw cash

What are ATMs?

200

Banking over the phone

What is IVR?

300

CBO's Electronic Banking Circular refers to which international principles?

What is Basel Committee's Risk Management Principles for Electronic Banking?

300

Requesting money for retrieving encrypted data

What is ransomware?

300

Customers receive this when a transaction is made using their account

What is an SMS?

300

This allows customers to deposit cash and cheques

What are CDMs?

300

Customers require this to login to their mobile banking application

What is a password?

400

CBO's circular guides banks to have this to detect and monitor suspicious transactions

What is an automated fraud monitoring mechanism?

400

When hackers exploit this vulnerability before developers can fix it

What is a 0 day attack?

400

System configurations are set based on this

What are minimum security baselines (MSBs)?

400

The full term of POS is

What is point of sale?

400

A card that you load money into

What is pre-paid?

500

CBO advises VAPT take place this many times

What is quarterly by internal security teams and yearly by external experts?

500

When adversaries deceive / manipulate people into divulging confidential / personal information

What is social engineering?

500

To warn customers against phishing attacks, banks usually promote this

What are security awareness campaigns?

500

Cards that allow you to tap against POS machines instead of entering a pin means that they support

What is contactless?

500

eBanking is convenient to most customers as it is available...

What is 24x7?