InfoSec Jeopardy

Malware

Attacks

Networks

Access Control

Application Security

100

Demands money for 'unlocking' data

What is ransomware?

100

An attack on the availability of data

What is DOS/DDOS

100

Monitors packets coming into and out of a network

What is a firewall?

100

Requires at least two forms of authentication

What is multi-factor authentication?

100

Publishes year's top 10 web app vulnerabilities

What is OWASP?

200

A type of malware that self-propagates

What is a worm?

200

Installed by malware, it allows unauthenticated access to a system

What is a backdoor?

200

Ensures packets get delivered to the correct address on the Internet or on a LAN

What is a router?

200

Access that is based on a user's function(s) in the organization

What is role based access control (RBAC)?

200

A central storage point for developers to place all their source code

What is a code repository?

300

Malware that does not initiate until a specified trigger occurs

What is a logic bomb?

300

Focus on exploiting one or more specific targets using advanced attack skills

What are APTs?

300

A connectionless “best-effort” communications protocol

What is UDP?

300

the user name or account that by default has access to all commands and files on a Linux or other Unix-like OS

What is [root/root user]?

300

Name for code that does not contain good notes

What is 'spaghetti code'?

400

Computers are typically joined to this after being infected with malware

What is a botnet?

400

Type of attack that captures packets with intent of analyzing them

What is a sniffing attack?

400

OSI layer that transfers data between adjacent network nodes in a WAN or between nodes on the same LAN segment

What is OSI Layer 2, the data link layer?

400

A small room with two doors, each requiring a form of authentication to enter

What is a mantrap?

400

Allows applications to run in an isolated virtual environment for purposes such as testing

What is sandboxing?

500

The first worm ever to be released in the wild

What is the Morris worm

500

Acts as a countermeasure to replay attacks

What is a [timestamp/sequence number]?

500

A standard for radio communications between devices in closer proximity than RFID technology

What is near-field communication (NFC)?

500

A second piece to the credential set, with user name being the first piece

What is an authenticator?

500

The best prevention for buffer overflow attacks

What is input/parameter checking?