Teamviewer / VNC No DR Plan No SPF record Windows 7 cracked admin password Telnet Default admin credentials Whitelisted domains in email filter No DMZ Computers not joined to Domain Guest SSID but no isolation Individual permissions in shares Windows XP Passwords never expire "We update when there are problems" >50% passwords cracked "We're as secure as we can be." Adobe Flash No Security Awareness Training No IR Plan Unpatched Exchange Unidentified PCI requirements Users are local admins Manual Backups Unlicensed hardware or software Inapproprite Firewall rules (not RDP) "We just use Windows Defender" No EDR No DKIM / DMARC Minimal Group Policy Stale Objects older than 1year Windows Server 2003/2008 DNS logging not enabled Wireless PSK older than 2 years No true network segmentation closet spaghetti Default SNMP Write value No drive encryption Shares with "Everyone, Full Control" password spreadsheet No MFA External RDP "We've never had an incident." Plain text password discovered in share No offsite backups Teamviewer / VNC No DR Plan No SPF record Windows 7 cracked admin password Telnet Default admin credentials Whitelisted domains in email filter No DMZ Computers not joined to Domain Guest SSID but no isolation Individual permissions in shares Windows XP Passwords never expire "We update when there are problems" >50% passwords cracked "We're as secure as we can be." Adobe Flash No Security Awareness Training No IR Plan Unpatched Exchange Unidentified PCI requirements Users are local admins Manual Backups Unlicensed hardware or software Inapproprite Firewall rules (not RDP) "We just use Windows Defender" No EDR No DKIM / DMARC Minimal Group Policy Stale Objects older than 1year Windows Server 2003/2008 DNS logging not enabled Wireless PSK older than 2 years No true network segmentation closet spaghetti Default SNMP Write value No drive encryption Shares with "Everyone, Full Control" password spreadsheet No MFA External RDP "We've never had an incident." Plain text password discovered in share No offsite backups
(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.
Teamviewer / VNC
No DR Plan
No SPF record
Windows 7
cracked admin password
Telnet
Default admin credentials
Whitelisted domains in email filter
No DMZ
Computers not joined to Domain
Guest SSID but no isolation
Individual permissions in shares
Windows XP
Passwords never expire
"We update when there are problems"
>50% passwords cracked
"We're as secure as we can be."
Adobe Flash
No Security Awareness Training
No IR Plan
Unpatched Exchange
Unidentified PCI requirements
Users are local admins
Manual Backups
Unlicensed hardware or software
Inapproprite Firewall rules (not RDP)
"We just use Windows Defender"
No EDR
No DKIM / DMARC
Minimal Group Policy
Stale Objects older than 1year
Windows Server 2003/2008
DNS logging not enabled
Wireless PSK older than 2 years
No true network segmentation
closet spaghetti
Default SNMP Write value
No drive encryption
Shares with "Everyone, Full Control"
password spreadsheet
No MFA
External RDP
"We've never had an incident."
Plain text password discovered in share
No offsite backups