Vendors typically ship software applications with security settings disabled by default to ensure a
wide range of interoperability with other applications and devices. A security administrator should
perform which of the following before deploying new software?

A.
Application white listing

B.
Network penetration testing

C.
Application hardening

D.
Input fuzzing testing

Explanation:
Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing
the surface of vulnerability typically includes removing unnecessary functions and features,
removing unnecessary usernames or logins and disabling unnecessary services.