ISG's Security Summit Crossword Puzzle

Edit Answers
1234567891011121314151617181920
Across
  1. 4. This acronym allows associates to use one's personally owned device, rather than being required to use an officially provided device.
  2. 8. The acronym for information about individuals that can be used to trace a person’s identity, such as full name, birth date, biometric data, social security number, etc.
  3. 9. _________ _________ and Disaster Recovery would allow Lowe’s to reduce the risk of data loss, reputational harm, and improve operations when dealing with the effects of significant unexpected events.
  4. 15. An access control model that restricts system access to authorized users based on job function(s).
  5. 16. This type of security describes measures that are designed to deny unauthorized access to facilities, equipment, and resources and to protect personnel and property from damage or harm.
  6. 17. This type of social engineering, also known as piggybacking, is a physical security breach where an unauthorized person follows an authorized individual into a typically secured area.
  7. 18. A form of malware that encrypts a victim’s files in exchange for money. Usually, the victim receives instructions of what and how to pay to gain their access back.
  8. 19. Technology policies, ___________ , and procedures define the parameters that associates must understand, acknowledge, and abide by to reduce risk to Lowe’s.
  9. 20. Lowe’s _______ _____ policy defines accepted practices, responsibilities and procedures for Lowe’s associates, non-associates and third parties using Lowe’s owned devices and who are authorized to work at home or a designated alternative work site.
Down
  1. 1. Unique physical characteristics, such as fingerprints, facial recognition, etc. that can be used for automated identification.
  2. 2. ______ ______ ___________ software detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest.
  3. 3. A classification level for documents designed to only be distributed within Lowe’s and is also used in the Azure Information Protection labels.
  4. 5. Scammer prey on innocent ________ ____________, especially around holiday time, while making Internet purchases using a web browser or a mobile app to try to gain access to their credit cards and sensitive personal information.
  5. 6. Cybercriminals use this type of social engineering attack to impersonate high profile executives in an organization (e.g. CEO, CFO, etc.) hoping to leverage their authority to gain access to sensitive data or money.
  6. 7. A weakness which can be exploited by a threat actor, such as an attacker, to cross privilege boundaries within a computer system.
  7. 10. Identity and _________ __________is a framework of policies and technologies for ensuring that the right users have the appropriate access to technology resources.
  8. 11. Lowe’s Security Operations Center (SOC) is now referred to as the Information Security ________ ________.
  9. 12. ______ ________ refers to the means of interactions among people in which they create, share, and/or exchange information and ideas in virtual communities and networks (e.g. Yammer).
  10. 13. _________________@lowes.com and the Report Phish button in Outlook are the correct places for Lowe’s associates to report suspicious emails.
  11. 14. An acronym for volatile memory within a computer that holds active processes, data, and applications.