A security services company is scoping a proposal with a client. They want to perform a general security audit of their environment within a two week period and consequently have the following requirements:
Requirement 1 C Ensure their server infrastructure operating systems are at their latest patch levels
Requirement 2 C Test the behavior between the application and database
Requirement 3 C Ensure that customer data can not be exfiltrated
Which of the following is the BEST solution to meet the above requirements?
A . Penetration test, perform social engineering and run a vulnerability scanner
B . Perform dynamic code analysis, penetration test and run a vulnerability scanner
C . Conduct network analysis, dynamic code analysis, and static code analysis
D . Run a protocol analyzer perform static code analysis and vulnerability assessment
Answer: B
Leave a Reply