Validate the identity of the user
What is authentication?
What are the three common controls to protect the availability of data?
Redundancy, backups and access controls.
The use of personality, knowledge of human nature and social skills to steal passwords, keys, tokens or other credentials to gain access to systems.
What is Social Engineering?
Who is ultimately responsible for accepting information security risks?
Who is the CEO?
What city did I move from?
What is Greenville, SC?
An electronic version of Noah's boat.
What is Cyberark?
Both are programs that self-replicate (can download automatically), but only this one requires you to do something, such as click on an email link, to actually activate it.
What is a virus?
Someone watching what you do on your computer by looking at a reflection of or the actual screen of your computer or mobile device.
What is shoulder surfing?
Management has a default responsibility to protect valuable information assets under their care.
What is Due Diligence?
What hospital did I work at previously?
What is Mission Health?
An open standard for user authentication by third parties e.g. Google, Microsoft, and Yahoo.
What is OpenID?
What is the missing incident response step?
1. PREPARATION 2. DETECTION AND REPORTING 3. 4. CONTAINMENT AND NEUTRALIZATION 5. POST-INCIDENT ACTIVITY
TRIAGE AND ANALYSIS
30-50% of all data loss is due to the people already within the organization.
What is insider threat?
Three types of information security threats.
What are external threats, environmental or physical threats, and internal threats?
What city do I live in?
What is Westfield, Indiana?
Systems used for identity and access management include single sign-on systems, multi-factor authentication and
Privileged access management (PAM)
What are the 5 pillars of the NIST Cyber Security Framework?
Identify, Protect, Detect, Respond & Recover.
What are the two major means phishing is done through?
What is email and domain phishing?
Given the following: a.) The impact of a single laptop being lost or stolen is estimated at $50,000. b.) Because of inadequate security controls, it is estimated that three laptops will be lost or stolen per year. What is the annual loss expectancy from lost or stolen laptops?
What is $150,000?
How many children do I have?
What is 4?
Random value used to periodically authenticate the receiving system
What is a nonce?
Information provided by the United States Computer Readiness Team regarding cyber security breaches around the country.
What is a cyber security bulletin?
If you receive any suspicious email in Outlook, where should you report it to?
What is the PhishMe button?
Fact Analysis of Information Risk
What is the FAIR process?
How many branches of the military did I serve in?
Daily Double, what are they?
Two. What are the Army and Navy?