
Risk Assessment BINGO - Call List

Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc.) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


  1. password spreadsheet
  2. Bypass users in DUO
  3. Unlicensed hardware or software
  4. No SPF record
  5. untrained clickers
  6. Individual user permissions in shares
  7. Wireless PSK older than 2 years
  8. unencrypted backups
  9. Computers not joined to AD (or AAD)
  10. Stale users older than 1 year
  11. Telnet
  12. compliance violation
  13. Default admin credentials
  14. Segmentation without ACLs
  15. LLMNR enabled
  16. Winlogon cache default value
  17. Insecure share with PII/PHI
  18. min password length < 12 characters
  19. PCI violation
  20. End user Passwords that never expire
  21. Whitelisted domains in email filter
  22. Plain text password discovered in share
  23. EDR Missing on endpoint
  24. password complexity not enforced
  25. Windows XP
  26. >20% phish click rate
  27. No MFA on 365 Admin
  28. "Domain Users" group as local administrator
  29. NIPS disabled /unconfigured
  30. cpassword
  31. Adobe Flash
  32. Application with > 1000 vulnerabilities
  33. unauthenticated mail relay
  34. Default SNMP Write value
  35. SMB signing not enabled
  36. No Geo-IP blocking
  37. legacy configuration not removed
  38. Windows Server 2003/2008
  39. VM without autostart
  40. No DMZ (where appropriate)
  41. VPN with weak encryption
  42. No botnet filter
  43. DNS logging not enabled
  44. Inappropriate Firewall rules (not RDP)
  45. rogue device
  46. Windows 7
  47. inappropriate unconstrained delegation in Active Directory
  48. critically out-of-date firmware
  49. GPO with insecure settings
  50. Users are local admins
  51. LM Hash on admin
  52. No backup failure alerts
  53. No DKIM / DMARC
  54. Guest SSID but no guest isolation
  55. TeamViewer / VNC
  56. insecure zone transfers
  57. No drive encryption
  58. Unpatched Exchange
  59. unencrypted web management interface
  60. No redundant ISP