Zero Trust Zone
AI & Cybersecurity
Incident Response IQ
Regulations & Compliance
Cybersecurity Myths
100

What is the core principle of Zero Trust?

Never trust, always verify

100

How can AI help cybersecurity?

Detect threats and anomalies

100

What is the first step in incident response?

Identify and assess the incident

100

What does GDPR protect?

Personal data of EU citizens

100

True or False: Antivirus software is sufficient protection if you avoid suspicious websites.

False — Threats can come from legitimate sites, email attachments, and software vulnerabilities.

200

What does Zero Trust require for access?

Continuous authentication and authorization

200

What is a risk of using AI in security?

Answers may include bias or false positives and data privacy concerns

200

What is containment in incident response?

Limiting the spread of the threat

200

What is HIPAA related to?

Healthcare data privacy

200

True or False: Cybersecurity awareness training is most effective when tailored only to technical roles, since they are more likely to encounter cyber threats.

False. While technical roles may face specific threats, cyber risks like phishing, credential theft, and social engineering often target non-technical staff. Effective training should be role-aware but inclusive, ensuring everyone understands how their actions impact organizational security.

300

What is microsegmentation?

Dividing networks to limit access

300

What is machine learning?

Training systems to recognize patterns

300

What is the purpose of an incident report?

Answers may include limiting impact to organizational systems, and documenting actions and findings

300

What is a compliance audit?

Review of adherence to regulations

300

True or False: Strong passwords should be changed monthly to stay secure.

False — Passwords should be changed when compromised or as part of a policy, not arbitrarily.

400

What is a benefit of Zero Trust?

Reduced risk of lateral movement

400

What is a use of AI in phishing detection?

Analyzing email content and behavior

400

What is recovery in incident response?

Restoring systems and data

400

What is a data breach?

Unauthorized access to sensitive data

400

True or False: Cybersecurity strategies should include people, processes, and technology.

True — A holistic approach is essential for effective security.

500

What is a common approach to Zero Trust?

Answers may include: 

  • Least privilege access
  • Continuous authentication
  • Microsegmentation
  • Identity and access management (IAM)
  • Device posture checks
  • No implicit trust, verify everything
  • Network segmentation
500

What is a challenge with AI in cybersecurity?

Answers may include:

  • Susceptibility to social engineering data manipulation
  • Bias in training data
  • Difficulty detecting novel or zero-day threats
  • Adversarial attacks against AI models
  • Lack of transparency in decision-making (black box models)
  • Resource-intensive implementation
  • Limited contextual understanding of human behavior
  • Over-reliance on automated systems without human oversight
500

What is a post-incident review?

Analyzing response to improve future actions

500

What is the role of a compliance officer?

Answers may include ensure regulatory adherence, manage compliance assessments, manage documentation of the control environment

500

True or False: Phishing attacks can occur through email, SMS, phone calls, and social media.

True — Phishing is multi-channel and increasingly sophisticated.

M
e
n
u