Which of the following would BEST help to identify vulnerabilities introduced by changes to an organization-s technical infrastructure?
A. An intrusion detection system
B. Established security baselines
C. Penetration testing
D. Log aggregation and correlation