Risky Business
Picky Ports
Terminal Tactics
Bits and Bytes
Crypto Conundrums
100

These three fundamental properties of cybersecurity are often referred to as “the CIA-triangle”

What are Confidentiality, Integrity and Availability?

100

This TCP port is used for plain-text HTTP

What is port 80?

100

This keyboard shortcut in bash quickly moves your cursor to the beginning of the current command line, without using the left arrow key.

What is CTRL-A?

100

This is the biggest decimal number you can express with 10 bits (unsigned).

What is 1023?

100

SSL certificates using this older hashing algorithm were deprecated in 2016 due to collision vulnerabilities

What is SHA-1?

200

This institute that operates under the U.S. Department of Commerce inspires all branches of the cybersecurity industry as a worldwide authority.

What is NIST?

200

This TCP port is used for the plain-text version of the Simple Mail Transfer Protocol (SMTP).

What is port 25?

200

This kernel-level firewall command in Linux is used to configure IP packet filtering rules and network address translation

What is iptables?

200

In x86 processor architectures, this is the value for "No Operation", or "NOP”.

What is 0x90?

200

Released in 1977, this encryption algorithm with a 56-bit key length is now considered insecure.

What is DES?

300

This certification from ISC2 is globally regarded as the most broadly recognized certificate for GRC experts.

What is CISSP?

300

This port number is used by the monitoring tool “Big Brother” a.k.a. “BB”. 

Hint: The port number was aptly chosen to match the title of a famous book describing a dystopian world in which total surveillance has become a reality.

What is port 1984?

300

This three digit (octal) number represents a linux filesystem permission which grants read- and execute- (but not write-) permissions to group; read, write, and execute to the owner. Others can only read...

What is 754?    

300

Historically the term “Byte” was not fixed and could be anywhere between 1 and 48 bits. IEEE adopted 8 it as the new standard in 1993, due to this popular, global hardware and software company implementing it.

What is IBM?

300

n 2017, Belgian researcher Mathy Vanhoef published KRACK, exploiting vulnerabilities in this widely used WiFi security protocol.

What is WPA2?

400

This institute’s name is abbreviated as “NIST” (exact name!)

What is the “National Institute of Standards and Technology”

400

This port, registered to "tcpmux", holds the distinction of being the lowest possible TCP/UDP port number

What is port 1?

400

This specialized command allows you to interact with block devices and is commonly used to write ISO images to USB drives.

What is dd?

400

In a UTF-16 encoded file, this is the name for the first two bytes that tell parsers whether bytes are noted as “Little Endian” (UTF16-LE) or “Big Endian” (UTF-16BE)

What is the “Byte Order Mark” (or “BOM”)

400

In 2011, this Dutch CA leaked their private key and was responsible for a hacker signing rogue certificates for several Google services like GMail and Google Search.

What is DigiNotar?

500

This is the 5-digit code in the ISO 27000-family titled “Guidance on managing information security risks”. ("What is ISO 27xxx?")

What is ISO 27005 ?

500

In the Simple Network Management Protocol (SNMP) this specific UDP port is designated for SNMP *traps* rather than *queries*

What is port 162?

500

This command is used to monitor real-time system resource usage, including CPU and memory, and provides a dynamic, continuously updating view of processes.

What is top?

500

This is the body part depicted by Unicode characters U+130BE

𓂾 - Leg

500

These two major CPU vulnerabilities announced in 2018 could leak cryptographic keys through speculative execution, leading to emergency patches worldwide

What are Spectre and Meltdown?