Here is a summary of the questions and answers:
- Question 1: One out of approximately 800 devices on the Internet is vulnerable to what type of attack method?
- Answer: "BNAT - Broken Network Address Translation" and was part of the "Walking Through Firewalls" section (pages 51-54) in the Trustwave 2012 Global Security Report.
- Question 2: Which industry ranked third in total number of breaches investigated by Trustwave SpiderLabs in 2011?
- Answer: "Hospitality" and was part of the "2011 Incident Response Investigations" section (pages 3-20) in the Trustwave 2012 Global Security Report.
- Question 3: What was the 7th most popular password found during a Business Password Analysis of over 2M hashes by Trustwave SpiderLabs?
- Answer: "123456" and was part of the "Business Password Analysis" section (pages 35-40) in the Trustwave 2012 Global Security Report.
- Question 4: What was the top "origin" of attack as seen through Trustwave SpiderLabs investigations in 2011?
- Answer: "Unknown" or "Unknown Origin" and was part of the "International Perspectives" section (pages 10-16) in the Trustwave 2012 Global Security Report.
- Question 5: (Jeopardy Style) This data aggregation attack technique obtains data while it is being processed or access by a system or application.
- Answer: "What is In-transit or In-transit Attacks?" and was introduced on page 9 and in more detail as part of the "Malware Statistics" section (pages 17-18) in the Trustwave 2012 Global Security Report.
- Question 6: What are the two main motivations for web-based attacks as seen in 2011 by Trustwave SpiderLabs?
- Answer: "Hacking for Profit and Ideological Hacking" and discussed in the "The Web" section (pages 29-33) in the Trustwave 2012 Global Security Report.
- Question 7: One in how many organizations use insecure remote access solutions as seen through vulnerability scans performed by Trustwave?
- Answer: "One in Five" or "22%" and discussed in the "The Network - Legacy Issues Still At Large" section (pages 22-26) in the Trustwave 2012 Global Security Report.
We also kept track of all the correct answers throughout the contest and randomly selected one grand prize winner. The grand prize is a trip to Las Vegas for Black Hat USA and DEF CON 20. It includes airfare, hotel, conference passes, and a VIP invite to the famous "Spiders are FUN!" party.
