
Risk Assessment BINGO - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.

  1. cpassword
  2. Adobe Flash
  3. >20% phish click rate
  4. Segmentation without ACLs
  5. No redundant ISP
  6. Windows 7
  7. compliance violation
  8. DNS logging not enabled
  9. "Domain Users" group as local administrator
  10. Users are local admins
  11. Unlicensed hardware or software
  12. Guest SSID but no guest isolation
  13. No DMZ (where appropriate)
  14. Wireless PSK older than 2 years
  15. insecure zone transfers
  16. Telnet
  17. No backup failure alerts
  18. Winlogon cache default value
  19. LLMNR enabled
  20. Default admin credentials
  21. Teamviewer / VNC
  22. Bypass users in DUO
  23. unauthenticated mail relay
  24. Unpatched Exchange
  25. No Geo-IP blocking
  26. VM without autostart
  27. Computers not joined to AD (or AAD)
  28. password complexity not enforced
  29. Stale users older than 1 year
  30. No botnet filter
  31. No DKIM / DMARC
  32. PCI violation
  33. inappropriate unconstrained delegation in Active Directory
  34. Whitelisted domains in email filter
  35. GPO with insecure settings
  36. LM Hash on admin
  37. password spreadsheet
  38. End user Passwords that never expire
  39. EDR Missing on endpoint
  40. min password length < 12 characters
  41. untrained clickers
  42. No drive encryption
  43. SMB signing not enabled
  44. Windows XP
  45. Individual user permissions in shares
  46. Inappropriate Firewall rules (not RDP)
  47. VPN with weak encryption
  48. Plain text password discovered in share
  49. Application with > 1000 vulnerabilities
  50. unencrypted backups
  51. Windows Server 2003/2008
  52. No MFA on 365 Admin
  53. rogue device
  54. Default SNMP Write value
  55. NIPS disabled / unconfigured
  56. legacy configuration not removed
  57. Insecure share with PII/PHI
  58. No SPF record
  59. critically out-of-date firmware
  60. unencrypted web management interface