Windows XP No offsite backups External RDP Individual permissions in shares Whitelisted domains in email filter "We've never had an incident." Telnet No DMZ "We just use Windows Defender" cracked admin password Guest SSID but no isolation Unidentified PCI requirements Users are local admins Windows Server 2003/2008 Windows 7 No DR Plan No EDR Inapproprite Firewall rules (not RDP) No drive encryption Manual Backups Teamviewer / VNC No Security Awareness Training password spreadsheet Minimal Group Policy >50% passwords cracked Wireless PSK older than 2 years Unlicensed hardware or software "We're as secure as we can be." Plain text password discovered in share No DKIM / DMARC No true network segmentation closet spaghetti "We update when there are problems" No SPF record Default SNMP Write value Passwords never expire No IR Plan Adobe Flash Computers not joined to Domain No MFA Default admin credentials Shares with "Everyone, Full Control" DNS logging not enabled Unpatched Exchange Stale Objects older than 1year Windows XP No offsite backups External RDP Individual permissions in shares Whitelisted domains in email filter "We've never had an incident." Telnet No DMZ "We just use Windows Defender" cracked admin password Guest SSID but no isolation Unidentified PCI requirements Users are local admins Windows Server 2003/2008 Windows 7 No DR Plan No EDR Inapproprite Firewall rules (not RDP) No drive encryption Manual Backups Teamviewer / VNC No Security Awareness Training password spreadsheet Minimal Group Policy >50% passwords cracked Wireless PSK older than 2 years Unlicensed hardware or software "We're as secure as we can be." Plain text password discovered in share No DKIM / DMARC No true network segmentation closet spaghetti "We update when there are problems" No SPF record Default SNMP Write value Passwords never expire No IR Plan Adobe Flash Computers not joined to Domain No MFA Default admin credentials Shares with "Everyone, Full Control" DNS logging not enabled Unpatched Exchange Stale Objects older than 1year
(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.
Windows XP
No offsite backups
External RDP
Individual permissions in shares
Whitelisted domains in email filter
"We've never had an incident."
Telnet
No DMZ
"We just use Windows Defender"
cracked admin password
Guest SSID but no isolation
Unidentified PCI requirements
Users are local admins
Windows Server 2003/2008
Windows 7
No DR Plan
No EDR
Inapproprite Firewall rules (not RDP)
No drive encryption
Manual Backups
Teamviewer / VNC
No Security Awareness Training
password spreadsheet
Minimal Group Policy
>50% passwords cracked
Wireless PSK older than 2 years
Unlicensed hardware or software
"We're as secure as we can be."
Plain text password discovered in share
No DKIM / DMARC
No true network segmentation
closet spaghetti
"We update when there are problems"
No SPF record
Default SNMP Write value
Passwords never expire
No IR Plan
Adobe Flash
Computers not joined to Domain
No MFA
Default admin credentials
Shares with "Everyone, Full Control"
DNS logging not enabled
Unpatched Exchange
Stale Objects older than 1year