Which one of the following statements about inline CASB is incorrect?

What type of credential is commonly used to restrict access to an API?

Ben sets up a system that acts like a vulnerable host in order to observe attacker behavior. What type of system has he set up?

James is concerned that network traffic from his datacenter has increased and that it may be caused by a compromise that his security tools have not identified. What SIEM analysis capability could he use to look at the traffic over time sent by his datacenter systems?

Kevin recently identified a new security vulnerability and computed its CVSS base score as 6.5. Which risk category would this vulnerability fall into?

Which one of the following is not an example of a vulnerability scanning tool?

Under the shared responsibility model, which component always remains the responsibility of the customer, regardless of the cloud service model used?

Cameron builds a malware signature using a hash of the binary that he found on an infected system. What problem is he likely to encounter with modern malware when he tries to match hashes with other infected systems?

Jessica is reading reports from vulnerability scans run by different parts of her organization using different products. She is responsible for assigning remediation resources and is having difficulty prioritizing issues from different sources. What SCAP component can help Jessica with this task?

Which one of the following activities is not part of the vulnerability management life cycle?