Physical Security
Net-Wrecks & Wire Traps
VirtuHacks & HyperTraps
Contain If You Can
Crypt-Oops & Protocol Pitfalls
100

This outermost layer of physical security includes fences, gates, and vehicle barriers.

What is a perimeter?

100

This networking device can be overwhelmed by an attack that floods it with fake MAC addresses.

What is a switch?

100

Malicious code in one virtual machine can exploit the hypervisor to break out and attack the host or other VMs.

What is an escape?

100

Running a container as this user increases the risk of a container escape.

What is root?

100

This attack forces a downgrade to SSLv3 in order to exploit its weak padding.

What is POODLE?

200

This access control method scans a fingerprint, face, or iris to confirm identity.

What is biometrics?

200

This attack tricks devices into sending their traffic to the attacker instead of the real destination.

What is spoofing?

200

This kind of hypervisor runs on top of a host operating system, inheriting its flaws.

What is Type 2?

200

Unlike VMs, containers share this part of the operating system with the host.

What is the kernel?

200

Stealing this small piece of stored data lets an attacker hijack a logged-in session.

What is a cookie?

300

This system detects unauthorized entry and alerts security staff in real time.

What is IDS?

300

This type of flood attack exploits the TCP handshake by never completing the connection.

What is SYN?

300

This saved state of a VM may unintentionally store unencrypted sensitive data.

What is a snapshot?

300

Exposing the Kubernetes API without this access control system invites unauthorized control.

What is RBAC?

300

Symmetric encryption becomes insecure if an attacker intercepts this shared secret during transmission.

What is the key?

400

Modern surveillance cameras that send video over a network instead of coaxial cable use this connection type.

What is IP?

400

Poorly shielded versions of this type of cabling can leak signals that attackers intercept.

What is copper?

400

Outdated virtualization software is vulnerable to these publicly known security flaws.

What is a CVE?

400

These Kubernetes configuration files can accidentally expose passwords in plain text.

What is YAML?

400

Exposing this type of low-level remote server management interface to the internet invites brute-force attacks.

What is IPMI?

500

Lenel and Genetec access control panels commonly use this brand of control board.

What is Mercury?

500

Without monitoring, an attacker could secretly install one of these to intercept data center traffic.

What is a tap?

500

This virtualization technique gives the guest OS direct communication with the hypervisor for better performance.

What is paravirtualization?

500

This Kubernetes policy restricts what privileges a container is allowed to have.

What is a PodSecurityPolicy?

500

This protocol replaced SSL to secure modern web traffic.

What is TLS?

M
e
n
u