A web organization is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?
A. Code review by a third party
B. Web application firewall implementation
C. Penetration test results
D. Database application monitoring logs
A. Code review by a third party
B. Web application firewall implementation
C. Penetration test results
D. Database application monitoring logs