Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies
unapplied security controls and patches without attacking or compromising the system, Ann would
use which of the following?
A.
Vulnerability scanning
B.
SQL injection
C.
Penetration testing
D.
Antivirus update