A security engineer would like to analyze the effect of deploying a system without patching it to
discover potential vulnerabilities. Which of the following practices would best allow for this testing
while keeping the corporate network safe?
A.
Perform grey box testing of the system to verify the vulnerabilities on the system
B.
Utilize virtual machine snapshots to restore from compromises
C.
Deploy the system in a sandbox environment on the virtual machine
D.
Create network ACLs that restrict all incoming connections to the system
Explanation: