Page 1 of 3 123 LastLast
Results 1 to 15 of 31

Thread: Security Quiz

  1. #1
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Security Quiz

    Have a go at Agnitum's security quiz and see how much you know:

    http://www.agnitum.com/vote/stquiz/start.php

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  2. #2
    Joined
    Jul 2003
    Location
    Australia
    Posts
    14,221

    Re: Security Quiz

    I got 27. Botched Q13 'cos I know nothing about HIPS.

    Interesting quiz. Mostly commonsense, although a few of the questions could have been better thought out. Just some examples:

    Question 2:

    Question 9:
    Spoiler!

    Question 14:
    Spoiler!

  3. #3
    Joined
    Mar 2004
    Location
    mtl,canada
    Age
    36
    Posts
    37,301

    Re: Security Quiz

    i got bored half way and clicked randomly lol but got 20/30 anyway

    add a couple 120mm fans overhead to drop temps by 10+ celsiusD.S.C-12(2)-disclaimer : whatever u do with your hardware/software is your
    responsibility, which i dont hold if u break anything

    GRAB here OcBible v1.55 and Guidemania v1.21
    scary pooch?pooch#1taking ball from dogpooch pulln on ropeme on board after 2 years
    of no board
    http://gonny.se/ <-cool lady http://www.mediafire.com/?8dmg21ms1vx
    IN MEMORY OF HOW BM WAS TREATED HERE...

  4. #4
    Joined
    Jun 2004
    Location
    Hamilton, New Zealand.
    Age
    40
    Posts
    925

    Re: Security Quiz

    hehe, 28
    Can we use the status code in here ?
    Last edited by -=SparX=-; 09-19-2007 at 11:40 PM. Reason: doh !
    <--- Game & Surf
    <--- Htpc
    <--- Server
    <--- Lappy

  5. #5
    Joined
    Aug 2001
    Posts
    74,684

    Re: Security Quiz

    What an excellent notion.

    This sort of thing could be an ongoing feature here....

  6. #6
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Security Quiz

    Quote Originally Posted by jimzinsocal View Post
    What an excellent notion.

    This sort of thing could be an ongoing feature here....
    Yep, nice little tool for educating users

    OK, here's another one... I won't post it here because we all know it's a security quiz question, but instead I'll ask it in Off Topic and see what responses we get

    http://forums.pcper.com/showthread.php?t=445844

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  7. #7
    Joined
    Aug 2001
    Posts
    74,684

    Re: Security Quiz

    You know...as much talent as we have around here in the "security" deal?
    What a great and instructive idea. We could add a "spoiler" for the correct response and include some teaching.

    "Security Question Of The Day"
    Last edited by jimzinsocal; 09-20-2007 at 01:21 PM.

  8. #8
    Joined
    Jul 2003
    Location
    Australia
    Posts
    14,221

    Re: Security Quiz

    Not sure what you're driving at with the thumbdrive deal as far as security is concerned. Private information or malware? I wouldn't consider either as much of an issue if I decided to keep the thumbdrive.

  9. #9
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Security Quiz

    Quote Originally Posted by Mjölnir View Post
    Not sure what you're driving at with the thumbdrive deal as far as security is concerned. Private information or malware? I wouldn't consider either as much of an issue if I decided to keep the thumbdrive.
    In a recent security audit, a private security company hired by a large corporate to perform penetration testing wasn't having much luck breaking into the company by conventional means - the usual tricks, phoning up employees pretending to be the new guy in IT and asking them for their passwords, sending them emails with attachments etc. The company's staff had been extremely well trained not to respond to such threats. So they bought 100 USB pendrives and loaded each with a backdoor virus set to autorun when the drive was inserted. They "planted" them around the building and car park, and of those that were found, over 80% were plugged straight into a company PC - bingo, they were in and had full access in no time and no one had a clue they had just been totally compromised.

    My point is we are all very well conditioned to certain threats - like opening an email attachment, but when we see a shiny new USB drive laying around we pick it up and think great, I wonder if it works, and plug it straight into a PC to find out. It's just human nature, very easy to predict and very easy to exploit. If that is some bad guy looking to commit company espionage, he's just found a very cheap and easy way in and IT aren't going to have the first clue how their security was penetrated.

    Many large companies have IT policies banning the use of such removable media for just such reasons, but employees generally regard them as restrictive or an issue of lack of trust (to prevent the stealing or removal of company information), but they don't generally see it as a security risk. This is because often we don't see something as a risk until we've been burned by it ourselves - again, human nature and how we learn. The security audit company knew it was a risk that could be exploited because they'd seen it in action before

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  10. #10
    Joined
    Aug 2001
    Posts
    74,684

    Re: Security Quiz

    Excellent. See what I was getting at Ned? "A question of the day" and a really good explanation with it....

  11. #11
    Joined
    Mar 2002
    Location
    Tampa, FL
    Age
    49
    Posts
    2,456

    Unhappy Re: Security Quiz

    17, WTF! I thought I was doing well. I thought with all that I've learned from you guys that I would do better. Would be interesting to get their answers to these questions; although, I'm not e-mailing to get them.
    Skaarj-laptop:Asus G750JW-NH71,Win8.1,Corei7-4700HQ,12GB DDR3 RAM,Nvidia GTX 765M 2GB,Realtek HD,TSST CDDVDW SN-208DN,WDC 750GB HD...
    SkaarjMasterDuo:WinXPSP3, Core2Duo E8600(Gigabyte GA-EP45-UD3P),Noctua NH-C12P,4GB Corsair XMS2 TWIN2X4096-8500C5 RAM,Nvidia EVGA GTX-280 1GB,SB Audigy2 6.1,Klipsch 5.1 sats,Dayton sub,Pioneer VSX-819H-K rec,,Enermax 850W PSU,Lian-Li PC-71B full tower,Pioneer DVR-216D,BenQ DW1655,Asus E818A3T,2-1TB WD HDs.....
    Dragonslayer (at Mom's house now): WinXPSP3, P4 3.2GHz(Asus P4P800-Deluxe),Thermalright SLK-947U,3GB Corsair XMS PC3200 RAM,ATI Radeon 9800Pro 256MB,VGA Silencer,SB Audigy2 5.1,Seasonic 500W PSU,Silverstone FT01-B mid tower,LG DVD burner,Asus E616P3..
    Dragon1: Win98SE, AthlonXP 1900+(Soyo SY-K7V Dragon+),Thermalright AX-7, 512MB Crucial 2.5 DDR PC2100 SDRAM MSI GeF4Ti4400,SB AudigyGamer,Enermax 431W PSU...

  12. #12
    Joined
    Jul 2003
    Location
    Australia
    Posts
    14,221

    Re: Security Quiz

    Quote Originally Posted by Ned Slider View Post
    In a recent security audit, a private security company hired by a large corporate to perform penetration testing wasn't having much luck breaking into the company by conventional means - the usual tricks, phoning up employees pretending to be the new guy in IT and asking them for their passwords, sending them emails with attachments etc. The company's staff had been extremely well trained not to respond to such threats. So they bought 100 USB pendrives and loaded each with a backdoor virus set to autorun when the drive was inserted. They "planted" them around the building and car park, and of those that were found, over 80% were plugged straight into a company PC - bingo, they were in and had full access in no time and no one had a clue they had just been totally compromised.

    My point is we are all very well conditioned to certain threats - like opening an email attachment, but when we see a shiny new USB drive laying around we pick it up and think great, I wonder if it works, and plug it straight into a PC to find out. It's just human nature, very easy to predict and very easy to exploit. If that is some bad guy looking to commit company espionage, he's just found a very cheap and easy way in and IT aren't going to have the first clue how their security was penetrated.

    Many large companies have IT policies banning the use of such removable media for just such reasons, but employees generally regard them as restrictive or an issue of lack of trust (to prevent the stealing or removal of company information), but they don't generally see it as a security risk. This is because often we don't see something as a risk until we've been burned by it ourselves - again, human nature and how we learn. The security audit company knew it was a risk that could be exploited because they'd seen it in action before
    Interesting. The reason I said I wouldn't consider it much of an issue is that the chances of finding a thumbdrive set up in this manner are extremely slim. I think it's fair enough to expect that people would do this.

  13. #13
    Joined
    Jul 2001
    Location
    UK
    Age
    46
    Posts
    20,230

    Re: Security Quiz

    Quote Originally Posted by Mjölnir View Post
    Interesting. The reason I said I wouldn't consider it much of an issue is that the chances of finding a thumbdrive set up in this manner are extremely slim. I think it's fair enough to expect that people would do this.
    Indeed. It came up at a recent infosec conference during a penetration testing seminar. This is the type of things large corporations are up against when they have industrial secrets their competitors would pay good money for. Hackers will target a company, see what info they can steal and then see who they can potentially sell it to.

    ~ Want to try Linux - check out the PC Perspective Linux FAQ ~
    ~ Please take some time to read the Forum Rules ~
    ~ Feed the spamb0tz, don't mail me here: B7Trz4568254@nirvana.admins.ws ~


  14. #14
    Joined
    Oct 2001
    Location
    Indian-uhhh
    Age
    33
    Posts
    5,765

    Re: Security Quiz

    24. I didn't know what to expect, but learning something new doesn't hurt.

  15. #15
    Joined
    Oct 2003
    Location
    Midwest
    Age
    56
    Posts
    1,207

    Re: Security Quiz

    26 and I know what I answered wrong, dummy...
    ......
    ................. Heat .....................

    24/7 speeds
    w/c - * GA-EP45-UD3P - Q9650 - 3737 - 9x415 * ...cpu-z... w/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 170 - 2925 - 9x325 * ... cpu-z ... w/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 170 - 2826 - 9x314 * ... cpu-z ... a/c - GTX260
    w/c - * A8N32-SLI-Dlx - Opty 165 - 2250 - 9x250 * ... cpu-z ... a/c - GTS250

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •