An audit at a popular on-line shopping site reveals that a flaw in the website allows customers to
purchase goods at a discounted rate. To improve security the Chief Information Security Officer
(CISO) has requested that the web based shopping cart application undergo testing to validate
user input in both free form text fields and drop down boxes.
Which of the following is the BEST combination of tools and / or methods to use?
A.
Blackbox testing and fingerprinting
B.
Code review and packet analyzer
C.
Fuzzer and HTTP interceptor
D.
Enumerator and vulnerability assessment