IT Security Concepts
Security Measures
Type of Attacks
Best Practices
Who?
100

This is a digital attack where an unauthorized user gains access to systems to steal, alter, or destroy data.

What is a hacking?

100

This is a process to verify the identity of a user before granting access to a system.

What is authentication?

100

This type of attack involves overwhelming a network with traffic to make services unavailable.

What is a Distributed Denial of Service (DDoS) attack?

100

This practice involves ensuring that employees are aware of security policies and procedures.

What is security awareness training?   What we are doing today at our Lunch and Learn!


100

These people are responsible for identifying and reporting any unusual computer activity or situations that could compromise the City's IT Security 

Who is everyone?


200

 This term refers to a weakness in a system that can be exploited by threats.

What is a vulnerability?

200

This is the practice of using two or more different methods to verify a user's identity.

What is multi-factor authentication (MFA)?   Authy, Google Authenticator, SMS/Text Message


200

This is a type of attack where an attacker sends fraudulent emails to trick recipients into revealing sensitive information.

What is phishing?

200

A password that can be easily guessed. 

What is a weak password?

200

This is the group of people, other than Department Heads and Gary, whom you are authorized to give City password to.

Who is nobody?

300

This is the practice of protecting systems, networks, and programs from digital attacks.

What is cybersecurity?

300

This software scans for, detects, and removes malicious software.

What is antivirus software?

300

This is a type of software designed to secretly gather information about a person or organization.

What is spyware?

300

This is the correct response to a stranger contacting you for IT information.   (passwords, remote support help, etc)

What is hanging up the phone and reporting the inquiry to Jeannine?

300

This is the city's email provider.

What is GSuite, Google's corporate email system?

400

This is a form of malware that locks users out of their data and demands payment to restore access.

What is ransomware?

400

This is a secret code used to protect sensitive information by converting it into unreadable text.

What is encryption?

400

This type of malware replicates itself in order to spread to other computers.

What is a worm?

400

The correct response to finding a stray USB thumb drive in the parking lot,

What is throwing the device into the garbage immediately?

400

This is the city's desk phone system provider.

Who is Comcast?

500

This is the first line of defense in network security, blocking unauthorized access while permitting outward communication.

What is a firewall?  All the departments have firewalls in place to prevent outsiders from gaining access to city systems.


500

This is a common practice of regularly updating software to fix vulnerabilities and improve security.

What is patch management?    What is a mostly automated process, but not entirely.   The city has several system that require regular attention.  

500

This is a method of ensuring that data is available and can be restored in the event of loss or corruption.

What is data backup?

500

This is the best way to keep strangers from planting eavesdropping, spyware or malware devices on the city's network resources. 

What is keeping doors to facilities locked?  What is making sure outsiders to facilities are always escorted or left in locations with camera coverage or no technology access if left alone.  

500

This is the primary system used by the police department vehicles, with connections to the Will County 911 and State of Illinois LEADs database.  

What is Motorola P1?