Across
- 5. The government is watching our certification through compliance
- 7. Mcdonald's _____ browns or the secure format to store passwords in a database
- 9. Not the loch ness monster but a dynamic scanning tool
- 11. Process for scanning federal VPCs before releases because the government says so
- 12. Following someone through physical security without using your own badge
- 14. Acronym for the three pillars of security, or an unrelated government agency
- 17. Example: 12 characters, 1 uppercase, 1 lowercase, 1 symbol, 1 blood of unicorn, 1 rabbit foot
- 18. Conference affectionately known as "hacker summer camp" held in Las Vegas every year
- 21. Tool used for vendor reviews
- 22. Representation of a system used to assess risk boundaries
- 24. Using (vulnerability #) to conduct an attack
Down
- 1. Something you have, something you know, something you are.. just a password is not enough
- 2. Public or private? Symmetric or asymmetric? Also unlocks doors
- 3. Use 1.2 or higher, formerly called SSL
- 4. Example: Entering in name as "1=1; drop table USER;"
- 6. Example: AJ sends you an urgent text message requesting youtube gift cards
- 8. A weakness in our code or configuration (example: log4j)
- 10. Process for evaluating security and privacy of medium/high risk features
- 13. Secure physical space to store user data
- 15. Example: <script>alert(1);</script>
- 16. Our endpoint protection product
- 19. How you sign in to get access to company resources
- 20. Internal password management tool
- 23. This organization publishes top ten vulnerabilities