It kind of feels like one of those corporate cybersecurity online training classes. "Should a password contain English words?" "How often should you reset your password?" "Does phishing come from a weird email, or should you ignore that because they're spoofing the email anyway?"

Crap, what year was this training written in? The correct answers keep changing, and it will talk to me like an idiot if I guess wrong.