An internal penetration tester finds a legacy application that takes measurement input made in a text box and outputs a specific string of text related to industry requirements. There is no documentation about how this application works, and the source code has been lost. Which of the following would BEST allow the penetration tester to determine the input and output relationship?
A) Running an automated fuzzer
B) Constructing a known cipher text attack
C) Attempting SQL injection commands
D) Performing a full packet capture
E) Using the application in a malware sandbox
Correct Answer:
Verified
Q402: Due to a recent acquisition, the security
Q403: A hospital is using a functional magnetic
Q404: A company contracts a security consultant to
Q405: An online bank has contracted with a
Q406: A government entity is developing requirements for
Q408: A security administrator was informed that a
Q409: A company's Chief Operating Officer (COO) is
Q410: A company is the victim of a
Q411: A security manager is determining the best
Q412: A company has completed the implementation of
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents