A security administrator is tasked with conducting an assessment made to establish the baseline
security posture of the corporate IT infrastructure. The assessment must report actual flaws and
weaknesses in the infrastructure. Due to the expense of hiring outside consultants, the testing
must be performed using in-house or cheaply available resource. There cannot be a possibility of
any requirement being damaged in the test. Which of the following has the administrator been
tasked to perform?
A.
Risk transference
B.
Penetration test
C.
Threat assessment
D.
Vulnerability assessment