CISA Certified Information Systems Auditor – Question0352

Which of the following activities should an IS auditor perform FIRST during an external network security assessment?

A.
Exploitation
B. Enumeration
C. Vulnerability scanning
D. Reconnaissance

Correct Answer: B