A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which of the following activities would be MOST appropriate?
A) Use a protocol analyzer against the site to see if data input can be replayed from the browser
B) Scan the website through an interception proxy and identify areas for the code injection
C) Scan the site with a port scanner to identify vulnerable services running on the web server
D) Use network enumeration tools to identify if the server is running behind a load balancer

Question

Quizplus · Accepted Answer

The Answer of A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which of the following activities would be MOST appropriate?
A) Use a protocol analyzer against the site to see if data input can be replayed from the browser
B) Scan the website through an interception proxy and identify areas for the code injection
C) Scan the site with a port scanner to identify vulnerable services running on the web server
D) Use network enumeration tools to identify if the server is running behind a load balancer

A Company Contracts a Security Engineer to Perform a Penetration