quizzes: expand all 35 quizzes to 15 questions each

OPS-1 through OPS-10, OS-2, OS-3 went from 5 → 15.
OS-1, OS-4 through OS-11, SEC-1 through SEC-11, TRB-1 through TRB-4 went from 7 → 15.
Questions cover exam-weight scenarios not duplicated from original content.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

quizzes/SEC-1-quiz.md

@@ -56,6 +56,62 @@ B. APFS
 C. SSO  
 D. exFAT  
 
+8. Which access control model assigns permissions based on the user's role in the organization?
+
+A. DAC (Discretionary)  
+B. RBAC (Role-Based)  
+C. TOTP  
+D. DLP  
+
+9. Which physical security control prevents someone from following an authorized person through a secure door?
+
+A. CCTV  
+B. Mantrap or access control vestibule  
+C. Badge color coding  
+D. SSID broadcast  
+
+10. Which type of control aims to fix a vulnerability or issue after it is detected?
+
+A. Preventive  
+B. Detective  
+C. Corrective  
+D. Deterrent  
+
+11. Which authentication factor type is a smartcard?
+
+A. Something you know  
+B. Something you are  
+C. Something you have  
+D. Something you do  
+
+12. A company requires two of the following to log in: PIN, fingerprint, and a phone app. This is an example of:
+
+A. Single-factor authentication  
+B. Multi-factor authentication (MFA)  
+C. Zero-trust bypass  
+D. Just-in-time SSID  
+
+13. Which security control type defines policies and procedures rather than technical tools?
+
+A. Physical  
+B. Technical  
+C. Administrative  
+D. Detective  
+
+14. Which physical control uses a second locked door to trap and verify a person before granting full access?
+
+A. Bollard  
+B. Badge scanner  
+C. Mantrap  
+D. CCTV  
+
+15. A user authenticates with a fingerprint. Which factor type is this?
+
+A. Something you know  
+B. Something you have  
+C. Something you are  
+D. Something you do  
+
 ## Answer Key For Instructor
 
 1. B
@@ -65,4 +121,12 @@ D. exFAT
 5. D
 6. A
 7. C
+8. B
+9. B
+10. C
+11. C
+12. B
+13. C
+14. C
+15. C