Zero Trust Zone
What is the core principle of Zero Trust?
Never trust, always verify
How can AI help cybersecurity?
Detect threats and anomalies
What is the first step in incident response?
Identify and assess the incident
What does GDPR protect?
Personal data of EU citizens
True or False: Antivirus software is sufficient protection if you avoid suspicious websites.
False — Threats can come from legitimate sites, email attachments, and software vulnerabilities.
What does Zero Trust require for access?
Continuous authentication and authorization
What is a risk of using AI in security?
Answers may include bias or false positives and data privacy concerns
What is containment in incident response?
Limiting the spread of the threat
What is HIPAA related to?
Healthcare data privacy
True or False: Cybersecurity awareness training is only necessary for employees who handle sensitive data.
False — All employees can be targets or vectors for cyber threats.
What is microsegmentation?
Dividing networks to limit access
What is machine learning?
Training systems to recognize patterns
What is the purpose of an incident report?
Answers may include limiting impact to organizational systems, and documenting actions and findings
What is a compliance audit?
Review of adherence to regulations
True or False: Strong passwords should be changed monthly to stay secure.
False — Passwords should be changed when compromised or as part of a policy, not arbitrarily.
What is a benefit of Zero Trust?
Reduced risk of lateral movement
What is a use of AI in phishing detection?
Analyzing email content and behavior
What is recovery in incident response?
Restoring systems and data
What is a data breach?
Unauthorized access to sensitive data
True or False: Cybersecurity strategies should include people, processes, and technology.
True — A holistic approach is essential for effective security.
What is a common approach to Zero Trust?
Identity and access management (IAM)
What is a challenge with AI in cybersecurity?
Answers may include data quality, model accuracy, and data privacy
What is a post-incident review?
Analyzing response to improve future actions
What is the role of a compliance officer?
Answers may include ensure regulatory adherence, manage compliance assessments, manage documentation of the control environment
True or False: Phishing attacks can occur through email, SMS, phone calls, and social media.
True — Phishing is multi-channel and increasingly sophisticated.