cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

THWACK Monthly Mission - February 2020

Community Manager
_THWACK rotator – 900x300 no CTA.png

Did you make a New Year’s resolution in January? Are you still sticking to it? If you are—bravo! We salute you, resolution-keeper. For those of you who are feeling your resolutions fade as February dawns, we hear you. January was such a simpler time. But take heed. Don’t let your security resolutions follow in your clean-eating footsteps. Keep up with your cybercise routine.

Using Security Event Manager, Patch Manager, Identity Monitor, Network Configuration Manager, Server Configuration Manager, and Access Rights Manager, you too can join the ranks of the resolution-keepers while simultaneously protecting and securing your environment. Cybercise—the craze sweeping the nation—don’t miss out on your opportunity to live your best life in 2020.

Start your mission.



FEBRUARY MISSION

Use the mission’s resources to complete the tasks and answer the questions for a chance to win!

Correctly answer each question during the week and you'll be entered for a chance to win the weekly prize.

Correctly answer all 10 questions over the course of the month and you'll be entered for a chance to win the grand prize.

150 points are being awarded for each correctly answered question. There are 10 questions, which means you can earn a maximum of 1,500 points for this mission.

Want to join the mission, but not a member? Sign up FREE now!

PRIZES

Weekly Prizes & Drawing Dates:
February 10, 2020:  18oz Hydro Flask

February 17, 2020:  Rice Cooker and Food Steamer


Grand Prize:
February 17, 2020:  6 Month Subscription Medium Urthbox



MISSION RULES

A new question will open every day (Monday - Friday) starting on February 3, 2020. Once a question has opened, it will remain open until February 16, 2020 at 11:59 p.m. CT. Check the schedule below for exact open/close times.



MISSION SHORTCUT

Complete the mission shortcut between February 3, 2020 and February 16, 2020 to be entered to win Apple Airpods!

SolarWinds Access Rights Manager (ARM) enables IT and security admins to centrally provision, deprovision, manage, and audit user access rights to systems, data, and files while protecting their organizations from security breaches and complying with regulatory requirements

Shortcut Steps:

    1. Download a free trial of ARM

    2. Follow the steps here to install ARM

    3. Submit a screenshot of the rich client start page

DOWNLOAD FREE TRIAL  SUBMIT SCREENSHOT

WEEKLY PRIZESMONTUEWEDTHUFRIWINNERS
Week 1: Complete questions 1-5 by February 10, 2020 to be entered to win: 18oz Hydro Flask
Week 2: Complete questions 6-10 by February 17, 2020 to be entered to win: Rice Cooker and Food Steamer

Correctly answer all 10 questions by February 16, 2020 and get entered to win the Grand Prize! 6 Month Subscription Medium Urthbox



February Mission Terms & Conditions: US, UK, and Canada | Germany | Australia

February Mission Shortcut Terms & Conditions: US, UK, and Canada | Germany | Australia

98 Comments
Level 12

I wonder how many people now have the password of "correcthorsebatterystaple?"

Level 10

This password generator was based on that comic, and we use it on a regular basis: Correct Horse Battery Staple | Generate Secure Memorable Passwords

Level 14

I agree with you.  Weak passwords are only weak if the bad actor is allowed to brute force the password.  If the accounbt gets locked out after three bad attempts it will take forever to break a 5 character password.  The weakest link is users writing down complex passwords because they can't remember them.  Having this arguement at work at present as they want to go from a minimum of 8 to a min of 16 (both must have upper, lower, number and special character).  Pointless exercise and will make security weaker.  Users will just write their password down on a post-it stick to their laptop.  We already have MFA for IP addresses external to our offices and for Admins anywhere.   

Level 10

What a hoot!

Level 10

Came to say MFA all the way. That is your best defense.

MVP
MVP

Probably just bad wording...or my interpretation.

I agree that weak passwords are more easily guessed/brute force hacked.

Of course the dictionary attack when a known hash to password  relationships exists. 

In some breaches the full text of the password is exposed so regardless of how strong or weak it is being in plain text totally nullifies password strength.

The product highlighted in todays question bears that out.

Level 14

Ugh - I could've sworn I got today's answer correct, but there's the dreaded red X.

Level 9

Same, I wish we could see the question yet or know which one was wrong. I found them word for word, i didn't think i would be wrong on this one.

Level 14

Right!  I took my time on them and looked for variations of each possible answer to make sure. 

Level 11

Is it just me or are the answers NOT EVEN CLOSE today? The wording is obtuse and while I believe remotely shutting down a port is equivalent to turning off a compromised port, I'm loathed to check it because I've been burned on "technically correct but not what we asked for" way too many times.

Level 13

knucklebusted

If you drill into the features list you may find what you are looking for with ports.

EDIT: I got a green check mark using the information on the hint link.

Level 10

100% agree.

Plus since today's answers had squares instead of circles, I couldn't tell if there was more than one answer, and it looked likes there are - but I still got it wrong.  The question did not say to "click all that apply" or "choose more than one" - but the squares seem to indicate you should.

Just the same - I thought I chose correctly - especially based on the key features, but nope - not even close to the answer in reply.  And to check it - I screenshot what it told me and went back and looked at the website and STILL could not see how the answers were derived.

Level 10

I went through all the points carefully, drilling down into each one and checking off the answers as I went along. I double checked everything, and I learned a lot going through everything UDT does. I got a green check mark for my efforts.

Level 9

Same problem here. I read the whole thing carefully and was sure I answered correctly. No idea what I got wrong. The answer given seems to agree with what I said, not contradict it.

MVP
MVP

You needed to scroll down and look at the details of the key features (clicking on each one).

Level 12

I did the same. With so much information on the page it was tedious. I got the points but I'm wondering if it was worth my time.

Level 12

I guess I am the only one, but I cant get to the hint.  I'm on a DoD network.  Anyone else having issues on DoD network?

Level 10

wish we could rate the questions, this was an odd one for sure....

Level 12

I got the question wrong,  I thought I was right before I click submit.  I must of missed something.

I thought when you click on the red X it showed you what you selected so you can figure out where/how you are wrong?

Would someone mind posting the question before you answer so I can figure out where I was wrong?

Level 12

Here you go

answeroptions.JPG

Level 10

Sorry, I am on a DoD network, and I cannot tell you if I have access because of your clearance level.

Level 13

My mini-review of UDT:

I had an extended trial of UDT at my work. I really liked it. With it, I was able to show our info-sec group how to find a device (ie which switch and port the device is connected to) from just a MAC address or and IP address. I could further show them who recently logged into the device using AD. I however never got in to the topic of whitelisting/watchlists or alerts. But sure enough, in the default Device Tracker Summary screen, there is an option for "Manage Watch Lists". Unfortunately, we didn't budget for this product so, we didn't end up buying it. I still need to remove it from my Solarwinds Campus. This screenshot of the "Getting Started" app, and one of the "Port Details" screen, may be of some use.

pastedImage_0.pngpastedImage_1.png

Be aware UDT is not a NAC solution, just does a great job of tracking what is there.

And a hint for anyone who has firewall protected segments of their firewalls, if you want UDT to be able to resolve the devices behind the firewalls, you will need to enable the following features for the Firewall under Node Properties (depending on the firewall type being supported by UDT):
UDT Node Properties: Poll Layer 2 data, Poll Layer 3 data
CLI Polling Setting: Enable CLI Polling


Level 9

Same here. I read through the hint page four times, clicking every single key feature and did not see word for word 2 of the possible answers anywhere on that hint page. So I got it wrong. I even searched the page for some of the words in the 2 answers I couldn't find and those words were nowhere on that page.

MVP
MVP

I did exactly the same and I got it right. All the info was in the hint page but you did need to click around to see extra info. Just using control-F would not cut it for this question.

Level 12

The answers are there, but you definitely need to drill down in the Features list as the answers are not going to jump out at you this time

Level 9

Today 13 Feb. I couldn't answer question because it would only allow one selection. Oh well I got the question for 12 Feb.wrong so I wasn't in contention anyways

Level 14

Maybe there was only one correct answer.

Level 11

I've just started guessing. I don't have 30 minutes every morning to "have fun" with this.

Level 8

Today's question is super easy. It really takes a minute or two to find an answer.

Level 8

One selection is all you need to answer it right.

Level 11

I know that some of these questions require a bit of reading, but most are not that involved.  I spent 5 minutes today opening each key feature sub-menu to match the answers.

Level 9

According to this whitepaper on simplifying HIPAA compliance, which of the follow controls are critical to understand and implement to help maintain compliance?

Hint: You will find the answer in under step 3 in this whitepaper.

  1. Automated logging and monitoring
  2. At-rest and in-transit encryption
  3. Identity access management
  4. Reliable and accessible backups
  5. All the above

There is only one answer to select.

MVP
MVP

That question was super easy!

MVP
MVP

the last monthly mission on this platform!

Can't wait to see what the new one looks like

Level 12

So happy to go out on the very last mission with a clean board.

I was worried for a while there.

Bittersweet.

pastedImage_0.png

Level 11

Bacon is ALWAYS the correct answer

Level 11

there's the "ID-10-t" error and the "carbon interface layer" reference

Level 10

Maybe this website isn't for you?

Level 10

Did you miss "All of the above"?

Level 10

So what do we do for the rest of the month?

Level 9

PICNIC is one of my favourites, along with a Layer 8 problem..

Level 9

Are the points supposed to come through straight away? I haven't received any.

Level 12

foosball?

Level 12

My workplace doesn't have a foosball table and your workplace appears to already have a Solarwinds tech. Bummer for me.

Level 7

Yes.  I haven't had any points added since November (I missed the deadline for the short December mission)

Level 13

Congrats to all the winners!

Level 10

Another interesting mission. Congratulations to all the winners. Please keep the Missions coming...

Level 9

Guy just became a User. Sad day indeed.