
Risk Assessment BINGO - Call List

Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc.) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


  1. Users are local admins
  2. SMB signing not enabled
  3. No SPF record
  4. Stale users older than 1 year
  5. Wireless PSK older than 2 years
  6. untrained clickers
  7. EDR Missing on endpoint
  8. rogue device
  9. Inappropriate firewall rules (not RDP)
  10. No botnet filter
  11. LLMNR enabled
  12. min password length < 12 characters
  13. password spreadsheet
  14. No MFA on 365 Admin
  15. cpassword
  16. >20% phish click rate
  17. Computers not joined to AD (or AAD)
  18. Individual user permissions in shares
  19. Default admin credentials
  20. inappropriate unconstrained delegation in Active Directory
  21. legacy configuration not removed
  22. VPN with weak encryption
  23. Unpatched Exchange
  24. password complexity not enforced
  25. Windows 7
  26. No Geo-IP blocking
  27. Default SNMP Write value
  28. Unlicensed hardware or software
  29. Windows Server 2003/2008
  30. Windows XP
  31. No DMZ (where appropriate)
  32. critically out-of-date firmware
  33. DNS logging not enabled
  34. compliance violation
  35. PCI violation
  36. Telnet
  37. LM Hash on admin
  38. Plain text password discovered in share
  39. No DKIM / DMARC
  40. NIPS disabled / unconfigured
  41. Whitelisted domains in email filter
  42. TeamViewer / VNC
  43. Segmentation without ACLs
  44. No drive encryption
  45. Adobe Flash
  46. unencrypted backups
  47. End user Passwords that never expire
  48. insecure zone transfers
  49. VM without autostart
  50. unauthenticated mail relay
  51. "Domain Users" group as local administrator
  52. No backup failure alerts
  53. GPO with insecure settings
  54. Bypass users in DUO
  55. Winlogon cache default value
  56. unencrypted web management interface
  57. Guest SSID but no guest isolation
  58. No redundant ISP
  59. Application with > 1000 vulnerabilities
  60. Insecure share with PII/PHI