text,label
An employee clicks a phishing email pretending to be HR,High Risk
A developer pushes API keys to a public GitHub repository,High Risk
Firewall rules are reviewed and tightened quarterly,Low Risk
An unknown USB drive is plugged into an office computer,High Risk
Multi-factor authentication is enabled for all admin accounts,Low Risk
A server is running an outdated operating system,Medium Risk
An employee reports a suspicious email to IT immediately,Low Risk
Database backups are stored without encryption,High Risk
Antivirus definitions are updated daily,Low Risk
An open port is detected during a routine security scan,Medium Risk
Employees reuse the same password across multiple systems,High Risk
Security awareness training is conducted every six months,Low Risk
A company laptop is lost without disk encryption enabled,High Risk
Access logs are reviewed only after an incident occurs,Medium Risk
Critical systems are isolated using network segmentation,Low Risk
An intern is given admin access without approval,High Risk
Patch management is delayed due to operational workload,Medium Risk
A public Wi-Fi network is used without a VPN for work tasks,High Risk
Security alerts are ignored due to alert fatigue,Medium Risk
Sensitive files are shared through unsecured messaging apps,High Risk
An organization enforces least-privilege access policies,Low Risk
Default credentials are left unchanged on network devices,High Risk
A web application lacks input validation,Medium Risk
Intrusion detection systems are actively monitored,Low Risk
Employees disable antivirus to improve performance,High Risk
Incident response plans are documented but not tested,Medium Risk
Password managers are recommended and enforced,Low Risk
Third-party vendors are not security-audited,Medium Risk
Logs are centrally collected and correlated,Low Risk
A critical vulnerability is publicly disclosed but not patched,High Risk
Developers follow secure coding guidelines,Low Risk
Remote access is allowed without MFA,High Risk
Security patches are applied after testing,Low Risk
Unauthorized software is installed on workstations,Medium Risk
Privileged access is time-bound and monitored,Low Risk
A cloud storage bucket is publicly accessible,High Risk
Employees share credentials to meet deadlines,High Risk
Regular penetration testing is conducted,Low Risk
Alerts are generated but not reviewed daily,Medium Risk
An email gateway blocks known malicious domains,Low Risk