Question 1

What is Multi-Factor Authentication (MFA)?

Accepted Answer

Multi-Factor Authentication (MFA or 2FA) is an extra layer of security that requires two or more verification methods to access an account. Typically combines something you know (password) with something you have (phone app code) or something you are (fingerprint). Even if someone steals your password, they can't access your account without the second factor.

Question 2

What is Phishing?

Accepted Answer

Phishing refers to fraudulent emails, texts, or messages designed to trick you into revealing sensitive information or clicking malicious links. Often impersonate trusted organizations or people. Red flags include urgent language, suspicious links, requests for passwords or financial info, and slight misspellings in sender addresses.

Question 3

What is a Password Manager?

Accepted Answer

A password manager is software that securely stores and generates strong, unique passwords for all your accounts. You only need to remember one master password. Popular options include 1Password, Bitwarden, Dashlane, and LastPass.

Question 4

What is a VPN (Virtual Private Network)?

Accepted Answer

A VPN creates an encrypted tunnel for your internet traffic, protecting your data from interception. Essential when using public Wi-Fi networks at airports, hotels, cafes, or for protecting browsing privacy.

Question 5

What is End-to-End Encryption (E2EE)?

Accepted Answer

End-to-End Encryption is a communication method where only the sender and recipient can read messages. Not even the service provider can access the content. Apps with E2EE include Signal, WhatsApp, and iMessage (between Apple devices).

Question 6

What is Ransomware?

Accepted Answer

Ransomware is malicious software that encrypts your files and demands payment for their release. Often spread through phishing emails or software vulnerabilities. Protection includes regular backups, updated software, email vigilance, and never paying the ransom.

Question 7

What is Social Engineering?

Accepted Answer

Social engineering refers to psychological manipulation techniques used by attackers to trick people into divulging confidential information or performing actions that compromise security. Examples include phishing emails, phone scams, pretexting, and impersonation.

Question 8

What is a Data Breach?

Accepted Answer

A data breach is unauthorized access to confidential data, often resulting in the exposure of personal information like passwords, credit card numbers, or social security numbers. If affected, change passwords immediately, enable MFA, and monitor credit reports.

Question 9

What is a Zero-Day Vulnerability?

Accepted Answer

A zero-day vulnerability is a previously unknown security flaw in software that attackers can exploit before developers have a chance to create a fix (patch). Protection includes keeping software updated, using security software, and being cautious with new apps.

Question 10

What is the 3-2-1 Backup Rule?

Accepted Answer

The 3-2-1 backup rule means keeping 3 copies of data, on 2 different types of media, with 1 copy stored off-site (cloud or external drive at another location). Essential for recovering from ransomware, hardware failure, or accidental deletion.

Cybersecurity Resources

🎯 Quick Security Wins

📚 Cybersecurity Glossary

Multi-Factor Authentication (MFA / 2FA)

Phishing

Password Manager

VPN (Virtual Private Network)

End-to-End Encryption (E2EE)

Ransomware

Social Engineering

Data Breach

Zero-Day Vulnerability

Backup (3-2-1 Rule)

🔗 Trusted External Resources

CISA (Cybersecurity & Infrastructure Security Agency)

Federal Trade Commission (FTC)

Have I Been Pwned

National Cyber Security Centre (NCSC UK)

Put Your Knowledge Into Action