The Equifax Breach Jeopardy Template

The Case

Breaches

Chapter 8

Incident Response

100

Equifax is classified as this type of corporation

Credit Reporting Agency

100

When a breach occurs and public trust is lost, the company's _____ is damaged

Reputation

100

Preparation is _____.

Key

100

The step of a response plan when a company surveys the damage, identifies possible attackers, and discovers vulnerabilities

Survey or Identification

200

The Equifax breach occurred in what year?

2017

200

A flaw within a system that can exploited

Vulnerability

200

Unauthorized access to systems or data

Security Breach

200

The step of a response plan when a company reviews what happened during the incident and how they can improve

Lessons learned

300

The medium containing a vulnerability used by the attackers

Web Application

300

A set of well-defined, specific rules created by management

Policy

300

Likelihood of a threat x impact of the damage

Risk

300

The step of a response plan when a company isolates their systems to mitigate further damage

Limit or Containment

400

The specific web application framework exploited in the breach

Apache Struts

400

An assessment typically used by a business to mitigate incidents or minimize their effects

Risk assessment

400

Ability to recover quickly

Resilience

400

The step of a response plan when a company ensures they are ready for potential attacks by implementing policies, training, and controls

Preparation

500

The number of Americans affected by the breach

145 million

500

Different kinds of entry points of a breach

Weak passwords, unpatched systems, and phishing/social engineering

500

Good governance starts with _____ and ______.

Strong policies and accountability

500

The step of a response plan when a company removes any and all threats within their systems

Eradication