Free OffSec SEC-100 Exam Questions

Become OffSec Certified with updated SEC-100 exam questions and correct answers

Page: 1 / 120

Total 600 Questions | Updated On: Oct 28, 2025

Add To Cart

Question 1

What is "Cloud Exploitation" in the context of offensive cloud security?

A : The encryption of data stored in cloud environments

B : The monitoring and logging of cloud resource usage

C : The use of cloud services to deploy and manage security defenses

D : The act of exploiting vulnerabilities or misconfigurations in cloud infrastructure for unauthorized access or control

Answer: D

Question 2

What is the benefit of implementing a Security Information and Event Management (SIEM) system?

A : To provide real-time analysis of security alerts and facilitate proactive defense

B : To perform regular software updates

C : To automatically encrypt data

D : To manage user access permissions

Answer: A

Question 3

What is the purpose of "Risk Mitigation"?

A : To completely eliminate all risks

B : To reduce the impact of identified risks through various controls and measures

C : To ignore risks in favor of focusing on performance

D : To increase the number of vulnerabilities in a system

Answer: B

Question 4

Which cloud security practice involves regularly reviewing and updating security policies and configurations?

A : Security Incident and Event Management (SIEM)

B : Cloud Security Posture Management (CSPM)

C : Cloud Access Security Broker (CASB)

D : Intrusion Detection System (IDS)

Answer: B

Question 5

What is "Spear Phishing"?

A : A phishing technique that uses malware to compromise systems

B : A targeted phishing attack aimed at specific individuals or organizations with personalized messages

C : A phishing attack that uses physical mail to deceive victims

D : A type of phishing attack targeting a broad audience with generic messages

Answer: B

Page: 1 / 120

Total 600 Questions | Updated On: Oct 28, 2025

Add To Cart