FACTORY ESCAPE GAME

cybersecurity ESCAPE GAME

AirLiquide - IMT Business school

• Nawal BAYAR
• Cloe ADEQUAIN
• Kawtar ALLALI
• Sonagnon BANKOLE
• Hamza AIT OMAR

start

THE MISSION

A hacker managed to steal the company's information, and used it for malicious purposes (reselling the data to competitors). The company is at its worst, it faces legal and economic sanctions. After an initial investigation, it was discovered that the flaw came from the discovery of the passwords of one of the employees. You have the opportunity to go back to the past and avoid this disaster. We are counting on you to disable all the 5 attacks, if you manage to disable all of them, you will be able to save the company and its employees from the sanctions.

THE base

Click here to disable the first attack

Mission 1 : Understand the bases of the company's security !

QUESTION 1/3

Yes

My UID is unique and allows me to guarantee my identity in my company

No

QUESTION 2/3

Identity and access management (IAM or IdAM for short) helps to tell who a user is and what they are authorized to do.

What does IAM means ?

Name of internal HR software for managing leave days.

QUESTION 3/3

Name of a famous film.

What is the “Zero trust” strategy ?

Enterprise Network Security Model.

THE base

Click here to disable the second attack

Mission 2 : What does cybersecurity means

QUESTION 1/3

identity / IAM (Idendity and Acces Management) / trust

What are the three main factors of cybersecurity?

Identidy/ IAM/ Lies

IAM/ Trust/ ID card

QUESTION 2/3

90%

What is the percentage of cyber attacks where the human is responsible for?

50%

10%

QUESTION 3/3

50%

What is the increase in cyber attacks per year?

30%

10%

the base

Click here to disable the third attack

Mission 3 : MFA operation

Multiple Factor Authentication (MFA) is a type of authentication that requires the user to provide unique verification factors

QUESTION 1/3

Multiple Factor Authentication (MFA) is a type of encryption which allow to block the cyberattack

A new employee has arrived in the company and does not yet know the MFA according to you what is the best defines of MFA ?

Multiple Factor Authentication (MFA) is a type of cyberattack used by hackers

Multiple Factor Authentication (MFA) is a type of authentication that requires the user to provide multiple verification factors (at least two steps)

QUESTION 2/3

Protect the devices

Simplify user login experience

Which of these propositions does NOT correspond to an advantage of the MFA ?

Reduce the risk of breaches

Adapt to different ways of working

QUESTION 3/3

Mobile phone

Letter

Which of these factors is NOT part of the different types of authentication ?

passwords

Fingerprint

the base

Click here to disable the fourth attack

Mission 4 : User cases for a better understanding of MFA

QUESTION 1/4

I have to enter my login and password at each connection.

I have accumulated a lot of holydays, I must validate my vacations in the HR tool, how can I authenticate myself ?

It's easy, I will be automatically recognized

What's the point of an application, I call my HR to do it !

QUESTION 2/4

His many attempts will go undetected.

We are currently working on a tender, the employee of a competitor has infiltrated us in order to collect very sensitive information.

As a new recruit, he has access to all information concerning our projects.

His status does not allow him to access sensitive information.

QUESTION 3/4

The system would not have recognized an unusual location/login device.

A competitor was hacked following the recovery of his employees' passwords by Russian hackers, what would have happened if the company used an MFA ?

The system would have requested other information to accept the connection.

The system would not have alerted the experts of a connection anomaly.

QUESTION 4/4

Contacting my IT department directly is probably a technical problem.

I want to telecommute but I can't connect to my usual applications, what can I do ?

Connect to the VPN through my authenticator app on my mobile phone.

It's okay, I'll get back to work when I get back to the office

the base

Click here to disable the last attack

Mission 5 : How to be a good user of the company's new system

QUESTION 1/3

I first need to enroll my new device into Intelligent Hub

I tried to log into my email with my new phone but it didn’t work. What should I do?

I shouldn’t have changed my phone, it is now impossible to log in with the new one

I have to call the company’s help desk

QUESTION 2/3

The person can log in since he has the password

My colleague at Air Liquide went to the bathroom but she left her computer password stuck on a post-it, on her computer. A malicious person takes advantage of it and logs into her mailbox. Considering the company just implemented a new authentificator system :

She received a notification so that she can give her approval to log in

The password was a fake one, she just wanted to prank me

QUESTION 3/3

I should pull the train alarm to block the thief

On my way home from work, I was so tired that I fell asleep on the train and when I woke up, I realized my laptop was gone. Someone stole it. What should I do ?

I panic, the thief will have access to all the work related data

I should call my office but I don’t have to worry, thanks to the MFA it is impossible to have access to my data without my knowledge

Mission Complete

You've saved the base

START OVER?

you saved your company and your colleagues from cyberattacks !

Are you sure you want to go out?

You will lose progress

exit

back

MISSION FAILED

You've destroyed the base......

try again