Create data.csv
Browse files
data.csv
ADDED
|
@@ -0,0 +1,41 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
text,label
|
| 2 |
+
An employee clicks a phishing email pretending to be HR,High Risk
|
| 3 |
+
A developer pushes API keys to a public GitHub repository,High Risk
|
| 4 |
+
Firewall rules are reviewed and tightened quarterly,Low Risk
|
| 5 |
+
An unknown USB drive is plugged into an office computer,High Risk
|
| 6 |
+
Multi-factor authentication is enabled for all admin accounts,Low Risk
|
| 7 |
+
A server is running an outdated operating system,Medium Risk
|
| 8 |
+
An employee reports a suspicious email to IT immediately,Low Risk
|
| 9 |
+
Database backups are stored without encryption,High Risk
|
| 10 |
+
Antivirus definitions are updated daily,Low Risk
|
| 11 |
+
An open port is detected during a routine security scan,Medium Risk
|
| 12 |
+
Employees reuse the same password across multiple systems,High Risk
|
| 13 |
+
Security awareness training is conducted every six months,Low Risk
|
| 14 |
+
A company laptop is lost without disk encryption enabled,High Risk
|
| 15 |
+
Access logs are reviewed only after an incident occurs,Medium Risk
|
| 16 |
+
Critical systems are isolated using network segmentation,Low Risk
|
| 17 |
+
An intern is given admin access without approval,High Risk
|
| 18 |
+
Patch management is delayed due to operational workload,Medium Risk
|
| 19 |
+
A public Wi-Fi network is used without a VPN for work tasks,High Risk
|
| 20 |
+
Security alerts are ignored due to alert fatigue,Medium Risk
|
| 21 |
+
Sensitive files are shared through unsecured messaging apps,High Risk
|
| 22 |
+
An organization enforces least-privilege access policies,Low Risk
|
| 23 |
+
Default credentials are left unchanged on network devices,High Risk
|
| 24 |
+
A web application lacks input validation,Medium Risk
|
| 25 |
+
Intrusion detection systems are actively monitored,Low Risk
|
| 26 |
+
Employees disable antivirus to improve performance,High Risk
|
| 27 |
+
Incident response plans are documented but not tested,Medium Risk
|
| 28 |
+
Password managers are recommended and enforced,Low Risk
|
| 29 |
+
Third-party vendors are not security-audited,Medium Risk
|
| 30 |
+
Logs are centrally collected and correlated,Low Risk
|
| 31 |
+
A critical vulnerability is publicly disclosed but not patched,High Risk
|
| 32 |
+
Developers follow secure coding guidelines,Low Risk
|
| 33 |
+
Remote access is allowed without MFA,High Risk
|
| 34 |
+
Security patches are applied after testing,Low Risk
|
| 35 |
+
Unauthorized software is installed on workstations,Medium Risk
|
| 36 |
+
Privileged access is time-bound and monitored,Low Risk
|
| 37 |
+
A cloud storage bucket is publicly accessible,High Risk
|
| 38 |
+
Employees share credentials to meet deadlines,High Risk
|
| 39 |
+
Regular penetration testing is conducted,Low Risk
|
| 40 |
+
Alerts are generated but not reviewed daily,Medium Risk
|
| 41 |
+
An email gateway blocks known malicious domains,Low Risk
|