View the step-by-step solution to:


An internal penetration tester finds a legacy application that takes measurement input made in a text box and

outputs a specific string of text related to industry requirements. There is no documentation about how this application works, and the source code has been lost.

Which of the following would BEST allow the penetration tester to determine the input and output relationship?

A.     Running an automated Fuzzer

B.     Constructing a known cipher text attack

C.     Attempting SQL injection commands

D.     Performing a full packet capture

E.      Using the application in a malware sandbox

Top Answer

C.Attempt... View the full answer

Sign up to view the full answer

Why Join Course Hero?

Course Hero has all the homework and study help you need to succeed! We’ve got course-specific notes, study guides, and practice tests along with expert tutors.

  • -

    Study Documents

    Find the best study resources around, tagged to your specific courses. Share your own to gain free Course Hero access.

    Browse Documents
  • -

    Question & Answers

    Get one-on-one homework help from our expert tutors—available online 24/7. Ask your own questions or browse existing Q&A threads. Satisfaction guaranteed!

    Ask a Question