Passwords & Authentication
Cyber Attacks
Security Best Practices
Famous Hacks
Cyber Hygiene
100

What is the recommended minimum length of a secure password?

What is 12 characters?

100

A fraudulent email designed to steal sensitive information is called what?

What is phishing?

100

Always update this to fix known vulnerabilities.

What is software/operating system?

100

In 2013, this retailer was breached, exposing 40 million credit cards.

What is Target?

100

Before clicking a link in an email, you should always do this.

What is hover over the link to preview the URL?

200

What extra layer of protection requires a code from your phone or email to log in?

What is multi-factor authentication (MFA/2FA)?

200

An attacker who floods a server with traffic to make it unavailable is launching what?

What is a DDoS attack?

200

A private, encrypted network over the internet is called what?

What is a VPN (Virtual Private Network)?

200

In 2017, this ransomware attack affected hospitals in the UK.

What is WannaCry?

200

Public Wi-Fi is risky because it often lacks this.

What is encryption?

300

What type of password attack uses a list of common words and phrases?

What is a dictionary attack?

300

Malware that locks files and demands payment is called this.

What is ransomware?

300

The principle of giving users the least amount of access needed is called what?

What is the principle of least privilege?

300

This major credit bureau suffered a breach in 2017 affecting 147 million people.

What is Equifax?

300

This type of scam call tricks you into giving away personal info.

What is vishing (voice phishing)?

400

Reusing the same password across accounts increases what kind of risk?

What is a credential stuffing attack?

400

When hackers trick employees into giving access, it’s called this.

What is social engineering?

400

Before donating or discarding old hardware, organizations should do this to the device.

What is wipe/securely erase or physically destroy the data drive?

400

In 2014, this entertainment company was hacked, leaking movies and emails.

What is Sony Pictures?

400

A safe practice for USB drives is to always do this before using one.

What is scan for malware/viruses?

500

A password that looks random but uses a pattern like “P@ssw0rd123!” is vulnerable to what kind of attack?

What is a pattern-based cracking attack (or hybrid attack)?

500

A zero-day exploit targets this.

What is a previously unknown software vulnerability?

500

A security policy that assumes no user or device is trusted by default is known as this.

What is Zero Trust security?

500

In 2016, hackers leaked emails from this U.S. political organization.

What is the Democratic National Committee (DNC)?

500

This rule of cybersecurity states that “If you don’t need it, don’t keep it.”

What is data minimization?