Show:
Look at this footlocker
Automagic
Trogdor the Burninator
Regulate this
No thanks, I'm just looking
100

Enable this to prevent easy unauthorized access to a mobile device, the most secure methods include Biometrics while there are less secure methods that can be followed from physical evidence on the device

What is a screen lock?

100

This policy involves employees using devices they own to complete work tasks, this is often cheaper and more flexible, but makes it harder if not impossible to enforce policy on employee devices

What is BYOD Bring your own Device?

100

This method of data destruction can be accomplished with a power tool currently on Mike's desk (be reasonable, I don't have a flamethrower, I could have bought this at Home Depot)

What is Drilling?

100

These regulations cover interactions between you and your healthcare provider, concerns your privacy

What is HIPAA?

100

You will install one of these to add functionality to your browser, installing from an untrusted source will often lead to malware being delivered to your system (two possible answers, just need one)

What are extensions and/or plugins?

200

Used to protect data at rest and data in transit, you should enable this to protect all data on the device from being stolen if the device is lost or stolen.

What is encryption?

200

This device policy model involves the business providing devices but allowing employees to conduct personal activities on the device as long as they meet other corporate policy guidelines

What is COPE Corporate Owned Personally Enabled?

200

This method of data destruction usually involves a third party certifying destruction as most companies do not own the machinery to do this to a drive; ensures nearly irreversible data destruction

What is Shredding?

200

These regulations are used by merchants and businesses when they wish to use forms of payment that must be sent over a network

What is PCI-DSS?

200

You have been warned not to use these in class by one of your instructors due to an exploitable vulnerability leading to all their passwords being leaked and subsequently used in an attempted attack

What is a browser password manager?

300

You should enable this to remove data in the event that a device is reported lost or stolen

What is remote wipe?

300

Policy where the company own the device and no personal activity is allowed through the device

What is Corporate Owned Business Only COBO?

300

This method of data destruction involves extremely strong magnets which scramble the saved data and anything else within the device that is affected by magnets (bearing assemblies don't like it much either)

What is Degaussing?

300

These regulations affect EU citizens' data no matter where in the world it is generated from, includes legal backing for privacy and data protection rules for online interactions including simple browsing tracking

What is GDPR?

300

You are verifying this when opening the padlock icon in most browsers

What is the secure certification status or certificate status?
400

The most common method of deploying remote wipe and other centrally managed policy for mobile devices

What is MDM Mobile Device Management?

400

You will use this to verify that a file or any data chosen has remained intact and unaltered in transit to it's destination

What is Hashing?

400

This data destruction method leaves the device fully reusable once completed but does not guarantee total data destruction before reuse

What is formatting or low-level formatting?

400

This regulation is about the financial records of a company, states that the person signing a tax return within a company is the then the person responsible for that tax return

What is SOX Sarbanes-Oaxley Act?

400

You are restoring backups Friday morning after a system failure early Thursday evening and go to your tapes and pull Mon,Tues,Wed tapes as well as the full system backup from Sunday and use all the backups pulled to restore the data because you are using this type of backup scheme

What is an Incremental Backup?

500

You notice someone attempting to login to their work account at 3 in the morning furiously until the normal time the day starts and then goes inactive, you SOC determines an attack took place and applies mitigations for the attack, the next day the same attack begins but is stopped after a very short period of time due to a policy being, this attack occurred and this policy change was made to mitigate that attack?

What is a brute force attack and account lockout for failed log-ins

500

You will use this to hide/protect data from unauthorized viewers during storage or transit

What is Encryption?

500

This method of data destruction absolutely guarantees the destruction of data across the drive by changing the chemical and magnetic makeup of the storage medium

What is fire or inceneration or TROGDOR THE BURNINATOR 

500

This should be included with any device or product, most commonly seen alongside harzardous materials but also seen on common cleaning products in the workplace, there should be a manual in your workplace covering this for all common potentially hazardous materials used as well

What is MSDS Material Safety Data Sheet or SDS Safety Data Sheet?

500

You are restoring backups Friday morning after a system failure early Thursday evening, you are taking full backups on Friday nights with a schedule of Sun-Tue-Thu Differential backups and pull these two backups while doing the restoration of data to restore as much data as possible with what is present

What is Friday and Tuesday backups?