Uploaded by Josefina Aguilera

ncsam-2019-cybersecurity-awareness-trivia final 508

National Cybersecurity Awareness Month
Trivia Game
#BeCyberSmart: Online Safety | Device Security | Types of Cyber Attacks | Cyber History | Cyber Stats
100 | 100 | 100 | 100 | 100
200 | 200 | 200 | 200 | 200
300 | 300 | 300 | 300 | 300
400 | 400 | 400 | 400 | 400
500 | 500 | 500 | 500 | 500
Final Round
#BeCyberSmart: Online Safety - 100
You post a picture of you and your best friend to your favorite social
media platform. She doesn’t feel comfortable with the image, so you
agree to take it down. Will this ensure that no one else sees the picture?
Answer: No. Once an image (or any information) is posted on the internet, it
is virtually impossible to remove it from circulation. Taking it off of your social
media page will help, but there is no guarantee that others have not already
seen it and/or downloaded it to their own machines.
After each answer appears, please return to Game Board.
#BeCyberSmart: Online Safety - 200
You receive an email from an online shopping site claiming that you were
incorrectly charged for your last purchase and are due a refund. The email
asks you to click a link where you will submit the necessary information.
What should you do?
Answer: Do NOT click the link! Check the sender’s address and search the
document for spelling/grammar mistakes. If you notice anything suspicious, the
email is likely a scam. Even if it seems legitimate, navigate to the site yourself rather
than clicking any links.
#BeCyberSmart: Online Safety - 300
You’ve just settled into your new hotel room when you realize you need to
transfer some funds from your savings account to your checking account.
In order to do this, you will need to connect your laptop to the hotel’s
public Wi-Fi and log in to your online bank. Should you risk it?
Answer: It depends. In general, it is never safe to transmit PII (Personally Identifiable Information),
especially financial information, over a public network. If you find yourself in a situation where
you may need to do so, first consider all your options, including using your mobile data or a VPN
(Virtual Private Network) to help protect your browsing.
#BeCyberSmart: Online Safety - 400
You have a long commute. Thankfully, your train just installed public Wi-Fi. Now you can
listen to your favorite music or podcast. However, when you check for social media
updates around lunch, you find that your account has been hacked. What steps could you
take to prevent your mobile device or laptop data from being compromised in the future?
Answer(s):
• Turn off Wi-Fi and Bluetooth when not using them. These technologies leave you open to remote attacks.
• Make sure the network is legitimate. Hackers love to create fake networks that mimic real ones, enticing
unsuspecting users to log on.
• Don’t connect. Though perhaps drastic, one near-certain way to circumvent the dangers of public Wi-Fi is
simply to avoid using it whenever possible.
#BeCyberSmart: Online Safety - 500
Passwords often have complex requirements, and most online citizens will
need to remember numerous different passwords to access their internet
services. What is a way to help you keep track of all these different passwords?
Answer(s):
• Use a password manager. These are apps, devices, or cloud services that store your
passwords in an encrypted vault that can only be unlocked with a single master
password.
• Use a “password pattern.” This is simply a pattern (recognizable only to you) that you
can use to help remember your passwords.
Device Security - 100
Which of the following are strong password practices? (Choose all that apply.)
1. Passwords should contain a mixture of upper and lower case letters, numbers, and special characters.
2. Passwords should have personal meaning to you (e.g. a relative’s birthday) so that you can remember
them more easily.
3. You should immediately change your password in the case of a known data breach.
4. You should store your passwords on paper or in a text document, giving you a backup in the event that
you forget them.
Answer: 1 & 3. While it is helpful for passwords to have some level of personal relevance, anything
concrete or publicly available (high schools, birthdates, pets’ names, etc.) can be easily researched and
guessed by an attacker. Storing your passwords physically or in a text document is also ill-advised, as
someone could gain access to the copy.
Device Security - 200
True or false: Automatically updating your machine poses a significant
security concern, as it could install unwanted programs/features that
disrupt your network or harm your computer.
Answer: False. Although updates can occasionally cause problems, they also contain
vital patches to help protect your machine against attackers. Keep your machine up-to-date
and install new patches as soon as possible. Don’t click, “Remind me later,”
twelve times.
Device Security - 300
True or false: Although they operate similarly to computers, most
mobile devices (cell phones, tablets, etc.) are not full computers
and do not require software, such as anti-virus, to be secure.
Answer: False. Almost all consumer devices, especially cell phones and tablets,
are simply miniature computers. They contain important data (contacts,
financial information, calendars) and require protection like any other device.
Device Security - 400
Which of the following devices could potentially be exploited by an attacker?
• Desktop computer
• Laptop computer
• Cell phone
• Television
• Refrigerator
• Digital assistant
• Remote-controlled keys
• Tablet
• Security camera
• Pacemaker
• Baby monitor
• GPS
• Toaster
• Thermostat
Answer: All of them. Yes, even the toaster – possibly.
Device Security - 500
What is the method of access control by which users must
present multiple, separate pieces of identification, such as a
password and keycard, in order to access a system?
Answer: Multi-Factor Authentication (MFA). MFA greatly increases the
security of access control. Even if a password is learned or an ID is stolen, it
will not be enough to compromise a system. Many online services allow MFA
options, such as requiring a one-time login code as well as a password.
Types of Cyber Attacks - 100
A scammer creates a fake email and sends it to thousands of
people, hoping some of them will click on a link and give up
their personal information. What is this type of attack called?
Answer: Phishing – a type of social engineering that often
manipulates human impulses, such as greed, fear, or the
desire to help others.
Types of Cyber Attacks - 200
What is the term for harmful software that seeks
to damage or exploit the machines that run it?
Answer: Malware. This stands for “malicious software,”
and refers to a large variety of software-based attacks.
Types of Cyber Attacks - 300
An attacker goes to a local coffee shop and creates a wireless network
using the shop’s name, hoping unsuspecting customers will log on.
What is this type of attack called?
Answer: Spoofing. This kind of attack can come in many forms (email, GPS, caller
ID), but is most commonly known with regard to fake and malicious wireless
networks. Before logging onto a public network, be sure it is the correct one.
Types of Cyber Attacks - 400
You bring your laptop to a local restaurant. Without your knowledge,
the customer at the table behind you watches you log in to your
email, thereby learning your username and password. What is this
type of attack called?
Answer: Shoulder surfing. It is important to remember that not all cyber attacks
require the direct manipulation of technology. Attackers can often obtain
important information by simply observing people, asking questions, or piecing
together dissociated facts to learn or guess something private.
Types of Cyber Attacks - 500
After clicking an advertisement on an unsecure website, your computer
freezes. A message appears, demanding you pay a certain amount of
money to unlock your computer. What is this type of attack called?
Answer: Ransomware. This type of attack has grown more common in recent
years, especially against institutions that need to recover their data as soon as
possible, such as medical facilities.
Cyber History - 100
This entrepreneur is widely known for his contributions to
the personal computer industry. He founded the Microsoft
Corporation in 1975, with his business partner Paul Allen.
Answer: Bill Gates.
Cyber History - 200
Which United States federal agency has been tasked with
improving national cybersecurity and protecting the nation’s
critical infrastructure?
Answer: The Department of Homeland Security. Specifically, the Cybersecurity
and Infrastructure Security Agency (CISA), which is responsible for protecting
the Nation’s critical infrastructure from physical and cyber threats.
Cyber History - 300
This English cryptanalyst is famous for deciphering encoded messages during
World War II and creating standards for artificial intelligence. He is considered by
many to be the father of theoretical computing. (Hint: There was a 2014 movie
based on his biography.)
Answer: Alan Turing. Turing helped the Allies by cracking intercepted messages
from the German forces, gleaning information that was crucial to an Allied victory.
He also created the “Turing test,” which examines a machine’s ability to display
human behavior à la artificial intelligence.
Cyber History - 400
This English writer and mathematician is known for her work
on the Analytical Engine and is considered to be one of the
first computer programmers.
Answer(s): Ada Lovelace worked alongside Charles Babbage in
the 1840s to publish the first computer-based algorithm.
Cyber History - 500
In May 2017, this worldwide cyber attack used ransomware to exploit
approximately 400,000 unpatched machines, resulting in damages
totaling over $4,000,000,000 (4 billion USD).
Answer: WannaCry. This ransomware attack propagated through an exploit called
EternalBlue, which took advantage of older Windows systems. Targeted machines
had their data involuntarily encrypted, with a demand of Bitcoin payment for the
release thereof.
Cyber Stats - 100
Approximately how many attempted cyber attacks are
reported to the Pentagon every day? (Closest answer wins.)
Answer: Over 10 million.
Cyber Stats - 200
How many unfilled cybersecurity jobs are there in the United States
alone? (Closest answer wins.)
Answer: 310,000.
Cyber Stats - 300
Globally, how many unfilled cybersecurity positions are
there estimated to be by 2022? (Closest answer wins.)
Answer: 1.8 Million.
Cyber Stats - 400
What is the estimated cost of a successful phishing attack on a
single small or medium-sized business? (Closest answer wins.)
Answer: $1.6 Million USD.
Cyber Stats - 500
What is the estimated global cost of cybercrime by the
end of 2019? (Closest answer wins).
Answer: $2 Trillion USD.
Bonus Trivia
Solve this cryptogram:
Answer: Connect with confidence!
(This is called a Caesar cipher; since the key is 13, each letter
is replaced with the letter 13 places down the alphabet.)
Thanks for playing!
Visit https://niccs.us-cert.gov/national-cybersecurity-awareness-month-2019 to download the NCSAM 2019 toolkit.