Data breach quiz: What have we learned?

Data breaches from Target to Sony to Anthem have been getting a lot of attention as millions of personal records are violated, and there’s lessons to be learned about data security from all these events.

020414 network quiz 1
Lessons to be learned

Data breaches from Target to Sony to Anthem have been getting a lot of attention as millions of personal records are violated, and there’s lessons to be learned about data security from all these events. Here’s a short quiz about some of these and cyber security in general that will gauge how well you are prepared to deal with these threats. Keep score as you go and find out how well you did at the end.

RELATED: 5 Steps to Take When a Data Breach Hits

020414 network quiz 2
Credit: Wikimedia
How did hackers get into Target’s network?

a)      Attaching an infected USB to a PC on its network

b)      Stealing network credentials from a business partner

c)       Exploiting a software bug in point-of-sales machines

d)      Breaking a server that didn’t use two-factor authentication

020414 network quiz 3
How did hackers get into Target’s network?

b)      Stealing network credentials from a business partner

020414 network quiz 4
Credit: Wikimedia
How did hackers get into Home Depot’s network?

a)      Attaching an infected USB to a PC on its network

b)      Stealing network credentials from a business partner

c)       Exploiting a software bug in point-of-sales machines

d)      Breaking a server that didn’t use two-factor authentication

020414 network quiz 5
How did hackers get into Home Depot’s network?

b)      Stealing network credentials from a business partner

That’s right, same as Target. There’s a lesson to be learned here.

020414 network quiz 6 b
How did attackers get into JPMorgan’s network?

a)      Attaching an infected USB to a PC on its network

b)      Stealing network credentials from a business partner

c)       Exploiting a software bug in point-of-sales machines

d)      Breaking a server that didn’t use two-factor authentication

020414 network quiz 7 b
How did attackers get into JPMorgan’s network?

d)      Breaking a server that didn’t use two-factor authentication

Source: New York Times

020414 network quiz 8 b
What country is suspected of being behind the Anthem and Premera breaches?

a)      China

b)      Israel

c)       North Korea

d)      Russia

020414 network quiz 9 b
What country is suspected of being behind the Anthem and Premera breaches?

a)      China

Common certificates, tools, tactics and timing link them.

020414 network quiz 10
Credit: Pixabay
How many untrained users fall for phishing emails?

a)      20%

b)      25%

c)       30%

d)      40%

020414 network quiz 11
How many untrained users fall for phishing emails?

a)      20%

Source: Georgia Tech “Emerging Cyber Threats Report 2015”

020414 network quiz 12
Credit: Kenneth Lu
Once trained, how many users fall for phishing emails?

a)      0%

b)      1-9%

c)       10-14%

d)      15-19%

020414 network quiz 13
Once trained, how many users fall for phishing emails?

b)      1-9%

Source: Georgia Tech “Emerging Cyber Threats Report 2015”

020414 network quiz 14
Credit: wikimedia
How long does the average breach remain undetected?

a)      205 days

b)      250 days

c)       275 days

d)      15 months

020414 network quiz 15
How long does the average breach remain undetected?

a)      205 days

Source: Mandiant

020414 network quiz 16
Credit: Shutterstock
How many organizations discover breaches themselves?

a)      11%

b)      21%

c)       31%

d)      41%

020414 network quiz 17
How many organizations discover breaches themselves?

c)       31%

Source: Mandiant

020414 network quiz 18
Credit: Wikimedia
What industry was at highest risk for Web malware in 2014?

a)      Healthcare

b)      Government

c)       Finance

d)      Pharmaceuticals/Chemicals

020414 network quiz 19
What industry was at highest risk for Web malware in 2014?

d)      Pharmaceuticals/Chemicals

That counts malicious attempts, not successful breaches. Source: Cisco

020414 network quiz 20
Credit: Wikimedia
The top five types of data compromised in breaches are names, addresses, Social Security numbers, financial information and what else?

a)      Birth dates

b)      Email address

c)       Medical records

d)      Phone numbers

020414 network quiz 21
The top five types of data compromised in breaches are names, addresses, Social Security numbers, financial information and what else?

a)      Birth dates

Source: Symantec

020414 network quiz 22
Credit: Shutterstock
How’d you do?

0-2 – Straw hut

3-5 – Wooden house

6-8 – Brick house

9-10 – Fort Knox