Type
Crossword
Description

Attempt to damage, disrupt, or gain unauthorized access to a computer system or electronic communications network. cyberattack
Broad term applying to sensitive information. confidential
Type of sensitive information protected by law or regulation. protected
Malicious software which can infect computers, smartphones, tablets, and network servers until a sum of money is paid. ransomware
Transfer file by email. attachment
Computing resources delivered as a service over a network. cloud
Type of network typically used to connect family and friends. social
Type of password balances easy to remember yet hard to guess. smart
A sequence of words or other text used to control access to a computer system, program or data. passphrase
Information embedded in an electronic document. metadata
A U.S. law designed to provide privacy standards & security requirements for health information (acronym). HIPAA
Act that established penalties for Business Associates that violate HIPAA requirements (acronym). HITECH
The practice of sending spoofed email messages with the intention of collecting information for malicious purposes. Phishing
Type of security restricting printing or copying of documents, locking doors, and erasing whiteboards. Physical
A type of behavior intended to trick people into disclosing confidential information. Social Engineering

HIPAA COMPLIANCE TRAINING Crossword

Type
Crossword
Description

I can not take _______________ inside the Hospital. Selfies
What do the initials ePHI stand for electronically Protected Health _________ ? Information
Abbreviation for the Health Insurance Portability and Accountability Act of 1996? HIPAA
Every patient has the right to ___________ with their medical treatment and conditions. Privacy
By law hospitals must train annually on HIPAA ____________. Compliance
Hospitals have ___________ and procedures to meet Federal HIPAA rules and regulations. policies
If you suspect someone is violating the facility's privacy policy , you should? report
HIPAA security and privacy applies to everyone ______ in the facility. working
HIPAA is governed by _____ and Human Services? Health
HIPAA was created with _____ standards for all patients. Security
Accessible __________ Health Information (PHI) is limited to only that information needed for performance of services. Protected
Personally identifiable health information is protected by HIPAA includes photographic, electronic, spoken word and ______? Paper
I may not post any identifiable information on______? Social media
All information regarding patients must stay confidential. I can not even tell my friends or ____. Family
I may not share my computer log-in _____ with anyone. Password

INFO Security Crossword

Type
Crossword
Description

a software update designed to fix a particular problem or vulnerability <5 char> patch
the 's' in ______ stands for 'secure' and indicates that communication with a webpage is encrypted <5 char> HTTPS
The activity of copying files or databases so that they will be preserved in case of equipment failure or other catastrophe <6 char> backup
any data classified as personal, private or sensitive information <4 char> PPSI
function of one way encryption that is normally used to check integrity of data <4 char> hash
hardware or software mechanisms to prevent unauthorized users from accessing a computer network <8 char> firewall
malicious software that is inserted into a system, usually covertly, with the intent of compromising the victim's data <7 char> malware
a piece of digital information generated by a web server and saved in your computer after visiting a website <6 char> cookie
a weakness of a system or facility holding information which can be exploited to gain access or violate system integrity <13 char> vulnerability
an internet scam that targets unsuspecting users through email <8 char> phishing
a type of malware designed to block access to a computer system or data until a sum of money is paid <10 char> ransomware
this horse can stampede your security defenses for the bad guys and make you look sheepish too <6 char> trojan
your password is like a ____, use it regularly, change it often and do not share it with anyone else <10 char> toothbrush
a ________ is a program and/or device that monitors data travelling over a network. These programs/devices can be used both for legitimate network management and for stealing information off a network <6 char> snifer
____ is the scrambling of data into a secret code that can be read only by software set to decode that information <10 char> encryption
spoofing, tampering etc are examples of a security _____ <6 char> threat
a way of injecting malicious scripts into web pages <18 char> crosssitescripting
a ransomware crypto worm that attacked running microsoft windows operating systems, in May 2017 <8 char> wannacry
this malware targets microsoft windows based system and prevents it from booting <5 char> petya
group of experts that handle computer security incidents CERT

Cyber Security Crossword

Type
Crossword
Description

any software program in which advertising banners are displayed while the program is running. Adware
designed to detect and destroy computer viruses. Antivirus
an attempt by hackers to damage or destroy a computer network or system. Attack
a method, often secret, of bypassing normal authentication in a product back door
refers to the process of making copies of data or data files to use in the event the original data or data files are lost or destroyed. backup
refers to the process of making copies of data or data files to use in the event the original data or data files are lost or destroyed. Blended threat
are similar to worms and Trojans, but earn their unique name by performing a wide variety of automated tasks on behalf of their master (the cybercriminals) who are often safely located somewhere far across the Internet. bots
are small files that Web sites put on your computer hard disk drive when you first visit cookie
body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access cyber security
made possible by using algorithms to create complex codes out of simple data, effectively making it more difficult for cyberthieves to gain access to the information encryption
a network security system, either hardware- or software-based, that controls incoming and outgoing network traffic based on a set of rules. firewall
someone who seeks and exploits weaknesses in a computer system or computer network. hacker
global system of interconnected computer networks that use the Internet protocol suite internet
a local or restricted communications network, especially a private network created using World Wide Web software. intranet
used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system. malicious code
the activity of defrauding an online account holder of financial information by posing as a legitimate company. phishing
software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive. spyware
any malicious computer program which is used to hack into a computer by misleading users of its true intent trojan horse
a piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data virus
a standalone malware computer program that replicates itself in order to spread to other computers. worm

Technology Crossword Puzzle

Type
Crossword
Description

A client software program that runs against a Web server or other Internet server and enables a user to navigate the World Wide Web (WWW) to access and display data. Browser
A part of a computer system or network that is designed to block unauthorized access while permitting outward communication. Firewall
The combination of typeface and other qualities, such as size, pitch, and spacing. Font
A word or group of words that act as a way to cross reference to other documents or files on the computer. Link
A device that feeds data into a computer, such as a keyboard or mouse. Input
Any computer-generated information displayed on screen, printed on paper or in machine readable form, such as disk and tape. Output
Usually comprises the display device, circuitry, casing, and power supply. Monitor
Sending an email, posting photos on a social media site and using your webcam. Upload
An error, flaw, failure, or fault in a computer program or system that causes it to produce an incorrect or unexpected result or to behave in unintended ways. Bug
Usually consists of eight bits. Byte
The exclusive right, as recognized separately in each country, to publish and sell literary, artistic, or musical materials. Copyright
copy (data) from one computer system to another, typically over the Internet. Download
The collection of physical parts of a computer system. Hardware
A software system that links topics on the screen to related information and graphics, which are typically accessed by a point-and-click method. Hypertext
A measure of the amount of computational work that a computer system performs. Load

Quartz Security: Crossword puzzle for National Cyber Security Awareness Month 2017

Type
Crossword
Description

a list of entities that are blocked or denied access/privilege BLACKLIST
the unauthorized access and disclosure of sensitive information released outside of an unauthorized organization DATA BREACH
specialized techniques for gathering, retaining and analyzing data as evidence for investigations FORENSICS
an act of pretending to be from a reputable organization to deceive individuals into providing sensitive information PHISHING
a list of organizations that are considered trustworthy or allowed access/privilege WHITELIST
ensuring information with sensitive data remain hidden, inaccessible to unauthorized users. DATA PRIVACY
a type of malware that requires some type of payment to either remove the malware by the hacker, or retrieve files that have been encrypted by the hacker. RANSOMWARE
a type of digital currency Bitcoin
The practice and process designed to help protect one or an organizations networks, computers, programs and data from unauthorized access. cybersecurity
Medical history information, laboratory results, insurance information and other healthcare data an entity collects to identify an individual Personal health Information
The name of the leader who you would report security incidents to Charlie Pierce
The name of the leader who you would report privacy incidents to Kelly Skifton
The name of our Chief Information Officer who oversees the IT Infrastructures at Quartz Marybeth Bay
Duo-Security is considered what type of authentication when logging in remotely? Multifactor
Name of the form used to submit requests for: Hardware/Software, Security, Telecom or Facilities (Badging only) IT Request Form
To report a compliance incident, who do you contact? compliancehotline
Quartz policy and procedure S014 outlines what type of policy? ACCEPTABLE USE
The process of taking an unencrypted message or data and applying a mathematical function to it, to produce an encrypted message ENCRYPTION
What process do you need to go through for approval before files can be exchanged externally? externaldatareview
You are required to wear this item at all times while on Company premises badge
When a person tags along with another person who is authorized to gain entry pass a certain checkpoint piggyback

OPSEC is not Puzzling Crossword

Type
Crossword
Description

What you should do to your anti-virus software on a regular basis UPDATE
What you should do to all papers with PII or other sensitive information SHRED
Where you should keep your badge when off-site Outofsite
An adversary is considered a _________ THREAT
"Computer1234" would be a bad example of this PASSWORD
Actions that mitigate a threat COUNTERMEASURES
An option to protect your credit FREEZE
What potential harm from poor OPSEC is called RISK
What you must do to emails containing Critical Information ENCRYPT
What a weakness in our practices or defenses is called VULNERABILITY
The type of information that OPSEC protects CRITICALINFORMATION
The number of steps in the OPSEC process FIVE
The Freedom of Information Act is for what type of information FOUO
It is very important to use privacy settings on _______________ SOCIAL MEDIA
What you should remove each time you walk away from your NMCI computer CAC
What you cannot take with your smartphone or camera anywhere onsite PICTURES
What you should practice whenever you discuss your work with anyone NEED TO KNOW
OPSEC is a _______ effort TEAM
What is the abbreviation of the list that shows the commands Critical Information CIL
The kind of email account you can't use to conduct Government business PERSONAL

Cyber Security Crossword

Type
Crossword
Description

process of confirming the correctness of the claimed identity authentication
approval, permission, or empowerment for someone or something to do something authorization
cryptanalysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, one-by-one brute force
encrypted form of the message being sent ciphertext
stripping one llayer's headers and passing the rest of the packet up to next higher layer decapsulation
TCP/IP protocol specifying the transfer of text or binary files across the network File Transfer Protocol
pseudo IP address that always refer back to the local host and never sent out to a network (127.0.0.1) loopback address
software appearing to perform a useful function but actually tricks a user into executing malicious logic (e.g. Trojan horse) malicious code
prove that a user sent a message and the message has not been altered non repudiation
sequence of eight bits octet
e-mails that appear to originate from a trusted source to trick a user into entering valid credentials on a fake website phishing
gaining unauthorized logical access to sensitive data by circumventing a system's protections penetration
type of input validation attack where SQL code is inserted into application queries to manipulate the database SQL injection
basic communication language or "protocol" of the Internet TCP/IP
hidden, self-replicating section of computer software that inserts itself and becomes part of the another program virus

CyberSecurity Awareness 2019 Crossword

Type
Crossword
Description

what is the part of the Internet that is not visible to regular users and is a vast network of websites & portals that are not categorized by search engines. DARK WEB
This happens when artificially created bogus clicks are used to manipulate Pay-Per-Click (PPC) advertising. The idea behind this practice is to increase the number of payable clicks, in order to generate revenue to advertisers. Cybercrooks use Botnet to create these types of scams. CLICKFRAUD
The act of falsifying the identity of the source of a communication or interaction. It is possible to spoof IP address, MAC address and email address. SPOOFING
A form of unwanted or unsolicited messages or communications typically received via e-mail but also occurring through text messaging, social networks or VoIP. SPAM
A means of isolating applications, code or entire operating systems in order to perform testing or evaluation. The sandbox limits the actions and resources available to the constrained item. SANDBOXING
Any means by which the keystrokes of a victim are recorded as they are typed into the physical keyboard. It can be a software solution or a hardware device used to capture anything that is typed on a keyboard KEYLOGGER
A trap or decoy used to distract attackers in order to prevent them from attacking actual production systems. It is a false system that is configured to look and function as a production system. HONEYPOT
The efforts to design, implement, and maintain security for an organization's network, which is connected to the Internet. It is a combination of logical/technical-, physical- and personnel-focused countermeasures, safeguards and security controls. CYBERSECURITY
Any attempt to violate the security perimeter of a logical environment it can focus on gathering information, damaging business processes, exploiting flaws, monitoring targets, interrupting business tasks, extracting value, causing damage to logical or physical assets or using system resources to support attacks against other targets. CYBERATTACK
A malicious technique by which a victim is tricked into clicking on a URL, button or other screen object other than that intended by or perceived by the user. CLICKJACKING
Malware that passes information about a computer user’s activities to an external party. SPYWARE
Method used by criminals to try to obtain financial or other confidential information (including user names and passwords) from internet users, usually by sending an email that looks as though it has been sent by a legitimate organization PHISHING
An acronym that stands for distributed denial of service – a form of cyber attack. This attack aims to make a service such as a website unusable by “flooding” it with malicious traffic or data from multiple sources (often botnets). DDOS
A form of malware that deliberately prevents you from accessing files on your computer – holding your data hostage. It will typically encrypt files and request that a ransom be paid in order to have them decrypted or recovered. RANSOMWARE
The moment a hacker successfully exploits a vulnerability in a computer or device, and gains access to its files and network. BREACH
A malicious application or script that can be used to take advantage of a computer’s vulnerability. EXPLOIT
the process of transforming information to make it unreadable to anyone who doesn’t have the password needed to decode it. ENCRYPTION
a contraction of “malicious software,” malware is a general term used to describe software that infiltrates or damages a computer. MALWARE
malware that appears to perform a benign or useful action but in fact performs a malicious action, such as transmitting a computer virus. TROJAN
A Internet address on the World Wide Web. It usually begins with http:// followed by the rest of the name of the resource. It is the common name for a site’s web page. URL
a computer that has been compromised, often by a botnet, so that an unauthorized person has complete control to use the computer to perform malicious tasks. ZOMBIE
Senior officers of the university responsible for determining how data in their area should be handled DATASTEWARDS
the process of identifying a piece of information, the veracity of information provided. In computers, it is the process of identifying a person or system with the username; password AUTHENTICATION
Skimming is a method used by identity thieves to capture information from a cardholder. Several approaches can be used by fraudsters to procure card information with the most advanced approach involving a small device place at ATMs and other point of sale locations such as a gas station. SKIMMING
A process of applying a mathematical algorithm against a set of data to produce a numeric value (a 'hash value') that represents the data. HASHING
An individual who breaches Web sites or secured communications systems to deliver political messages, including those related to foreign policy, or propaganda HACKTIVIST
‐ The act of sending an e‐mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e‐mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information PHARMING
a secret phrase that helps protect accounts, files, folders, and other confidential information PASSPHRASE
What is a trojan that stays dormant on a computer until it is remotely activated by another user. RAT
A term used to describe any fraudulent business or scheme that takes money or other goods from an unsuspecting person. SCAM
What is a fraudulent action similar to phishing, using SMS (text) messages rather than e-mail messages to send bait messages to people. SMISHING
A small text file placed on your computer when you visit a website, that allows the website to keep track of your visit details and store your preferences. COOKIE
acquisition and use of a person's private identifying information IDENTITY THEFT

IT&S Cyber Security Crossword Puzzle

Type
Crossword
Description

A software that is designed and destroy computer viruses Antivirus
Do not leave your laptop or computer ___________________ Unattended
A ___________ is a hardware of a software that helps keep hackers from using your computer and it watches for outside attempts to access your system and blocks communication that you don't permit Firewall
Email scam or attempt to trick you into giving your password or personal information Phishing
The state of being free from danger and threat Security
A ___________ is often an email that gets mailed in chain letter fashion describing some devasting. highly unlikely type of virus. HOAX
Choose a password that is easy for you _______________ but hard for you someone to guess. Remember
Also known as malicious software any; any program or file that is harmful to a computer user Malware
Passwords should should always be at least this many characters long. Eight
A _______ assessment is the process by which risks are identified and the impact of those risks determined Risk
Applied to data to protect it from unauthorized use in case of theft or loss. Encryption
Always _______your computer when you leave your desk Lock
To protect personal information, avoid sending it via Email
_________________ is a software that gathers computer user information and transmits it to the creator of the software without the explicit knowledge or informed consent of the user SPYWARE
A collection of information that is organized so that it can easily be accessed, managed and updated Database
Never share your _________ with another person Password

HIPAA Crossword

Type
Crossword
Description

What act was passed in congress to protect individual's medical records and other personal health information HIPAA
Who is one person you can report a suspected breach to? SUPERVISOR
Is it ok, to discuss health information with an individual in an open area? NO
How should you send an email to outside recipients that contain protected health information? ENCRYPT
What HIPAA rule protects individual rights? PRIVACY
What is the acronym that identifies individual's information (ie: name, birthdate, address, etc.)? PHI
What is HIPAA's minimum training requirement for employees? ANNUALLY
Acronym for a document you receive from the physician office, which explains how they may use and share your health information NPP
What should you never share with another individual that is used to access systems? PASSWORD
How many days do you have to send a breach notification letter to individual(s), whose information was compromised? SIXTY