A security researcher is about to evaluate a new secure VoIP routing appliance. The appliance
manufacturer claims the new device is hardened against all known attacks and several undisclosed zero day exploits. The code base used for the device is a combination of compiled C
and TC/TKL scripts. Which of the following methods should the security research use to
enumerate the ports and protocols in use by the appliance?
A.
Device fingerprinting
B.
Switchport analyzer
C.
Grey box testing
D.
Penetration testing