CAM 2021 VSH Week 3

Posted by Dan Boyd Posted on October 18, 2021

You made it! Welcome to week 3 of the CAM 2021 Virtual Scavenger Hunt!

You are halfway there! Keep hunting (and learning)!

    OK, here are the questions for week 3 of the 2021 CAM Virtual Scavenger Hunt!

    The Cybersecurity News and Alerts Site has a Quick Info page about good password guidelines. One of the bullet points on this page explains that good passwords are long. According to that bullet point, how long is a good password?

    The website https://haveibeenpwned.com is an excellent resource for checking whether your email account may have been compromised as part of a data breach. The resource is entirely free and allows users to quickly assess whether they may have been put at risk due to any online account breaches. One of the recently added "breaches" is the LinkedIn Scraped Data incident. While this was technically not a breach, as all of the data was publicly available on LinkedIn, just not in aggregate form, there were still millions of account affected. How many million accounts were affected? Please round to the nearest million. For example, if the number was 178,767,232 accounts, your answer would be 179, as you would round UP the millions place in the number due to standard rounding conventions. Answer with just the number.

    The Have I Been Pwned website you visited in the last question has a page called "Pwned Password". The Pwned Passwords archive is a collection of exposed passwords that organizations can use to make sure none of their users are using exposed passwords. The passwords are NOT in clear text, but hashed in multiple formats. There are multiple versions of the password collection, which is, at its smallest, 8.5 gigabytes in size. Hosting files of this size can be expensive, but the HaveIBeenPwned site was assisted by a leading Internet company in distributing these files. How many files are there and what company is helping distribute these files?

    Phishing is the number one way attackers penetrate into organizations, so being able to spot them is something everyone should learn how to do. The Cybersecurity News and Alerts site has a Quick Info page on spotting phishing emails. How many red flags are listed on the page?

    Featured Image: Photo by Chase Clark on Unsplash

    (Visited 28 times, 1 visits today)